PHPackages philippgrashoff/userauthforatk - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. philippgrashoff/userauthforatk ActiveLibrary[Authentication & Authorization](/categories/authentication) philippgrashoff/userauthforatk ============================== 5.0.0(1y ago)012PHPPHP 8.\* Since Jul 2Pushed 1y ago1 watchersCompare [ Source](https://github.com/PhilippGrashoff/userauthforatk)[ Packagist](https://packagist.org/packages/philippgrashoff/userauthforatk)[ RSS](/packages/philippgrashoff-userauthforatk/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (1)Dependencies (5)Versions (2)Used By (0) userauthforatk - Beta ===================== [](#userauthforatk---beta) Motivation ---------- [](#motivation) atk4/login is an existing repository to handle user authentication, but it carries a lot of UI code. IMHO, user authentication has nothing to do with UI per se. I need the logged-in user a lot in data layer to check sufficient rights for an action, audit changes made by users and so on. The normal atk4\\login way is to attach an `Auth` instance to Atk4\\Ui\\App, which then somehow needs to be passed down to data level if it should be used there. As I split the code of my Application into several "data" and "ui" repositories, this way would require to widely use Atk4\\Ui\\App in data layer. This repo aims to make the logged-in user available independently of UI. Current implementation, possible improvements etc ------------------------------------------------- [](#current-implementation-possible-improvements-etc) ### Auth as Singleton [](#auth-as-singleton) At first, all Auth actions (login, logout, get logged-in user) were implemented as static methods, such as `Auth::getUser($somePersistence)`. But this comes along with a major problem: ATK models cannot be serialized - so only the field values of the logged-in user can be stored in Session. When using `Auth::getUser()` in several places, each call would create a new instance of the logged in user. This is not only bad from a performance POV. The only solution I could think of was to use a singleton, as adding some dependency injection deep inside atk4\\data seemed impossible at first glance. Some singleton "getter" for the logged-in user could have been implemented, but as Auth class is very small, it seemed less overhead to implement the whole Auth class as Singleton. While the code isn't perfectly nice as it gets a bit longer (`Auth::getInstance()->getUser($somePersistence)`), it solves the issue of possibly having multiple instances for the logged-in user. ### Coupling to User Model [](#coupling-to-user-model) A basic User model comes with this repo. However, this Auth can be used with any User class as its independent of the User class. This was achieved by moving the responsibility for successful login handling, failed login handling and before login handling (too many failed logins already?) to user model. Generally, this responsibility is something that can be well put into Auth, but this also means that Auth needs to be aware of the User classes capabilities. In the current implementation, Auth only calls hooks in the user Model, so Auth does not need any knowledge of the User class. Hence, the User class can be easily exchanged. ### No usage of atk Session handling [](#no-usage-of-atk-session-handling) At the moment, this repo does not use Atk session handling, as I only needed the minimal functionality of storing the logged-in User data in the Session. However, the normal Atk Session Handler could be easily used. ### (Impossible) configuration of Auth [](#impossible-configuration-of-auth) One thing I do not really like is that Auth is not configurable in the current implementation. If you want to use a different User class than the provided one, you will have to create a new Auth class which extends this Auth, just overwriting the `$userModel` property. ### Health Score 23 — LowBetter than 27% of packages Maintenance33 Infrequent updates — may be unmaintained Popularity5 Limited adoption so far Community7 Small or concentrated contributor base Maturity40 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 678d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/b8d7dc9f818ca121a41b3d19bd263147b404e0488096d2357729dea14232ec6e?d=identicon)[Philipp Reisigl](/maintainers/Philipp%20Reisigl) --- Top Contributors [![PhilippGrashoff](https://avatars.githubusercontent.com/u/33204878?v=4)](https://github.com/PhilippGrashoff "PhilippGrashoff (9 commits)") ### Code Quality TestsPHPUnit Static AnalysisPHPStan Type Coverage Yes ### Embed Badge ![Health badge](/badges/philippgrashoff-userauthforatk/health.svg) ``` [![Health](https://phpackages.com/badges/philippgrashoff-userauthforatk/health.svg)](https://phpackages.com/packages/philippgrashoff-userauthforatk) ``` ### Alternatives [namshi/jose JSON Object Signing and Encryption library for PHP. 1.8k99.6M101](/packages/namshi-jose)[league/oauth1-client OAuth 1.0 Client Library 99698.8M106](/packages/league-oauth1-client)[gesdinet/jwt-refresh-token-bundle Implements a refresh token system over Json Web Tokens in Symfony 70516.4M35](/packages/gesdinet-jwt-refresh-token-bundle)[league/oauth2-google Google OAuth 2.0 Client Provider for The PHP League OAuth2-Client 41721.2M118](/packages/league-oauth2-google)[illuminate/auth The Illuminate Auth package. 9327.3M1.0k](/packages/illuminate-auth)[beatswitch/lock A flexible, driver based Acl package for PHP 5.4+ 870304.7k2](/packages/beatswitch-lock) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)