PHPackages                             rudra/auth - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. rudra/auth

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

rudra/auth
==========

Authentication module for Rudra framework

v26.7(1w ago)16081MPL-2.0PHPPHP ^8.3CI passing

Since Jun 28Pushed 1w ago2 watchersCompare

[ Source](https://github.com/Jagepard/Rudra-Auth)[ Packagist](https://packagist.org/packages/rudra/auth)[ RSS](/packages/rudra-auth/feed)WikiDiscussions master Synced 3d ago

READMEChangelog (4)Dependencies (8)Versions (7)Used By (1)

[![PHPunit](https://github.com/Jagepard/Rudra-Auth/actions/workflows/php.yml/badge.svg)](https://github.com/Jagepard/Rudra-Auth/actions/workflows/php.yml)[![Maintainability](https://camo.githubusercontent.com/d59503d959a936ee51a69c1a886bdd55f5dec732e482b24eba7e575b0346f0ad/68747470733a2f2f716c74792e73682f6261646765732f31333436643737632d623766312d343438382d623733632d6234373538323136363036312f6d61696e7461696e6162696c6974792e737667)](https://qlty.sh/gh/Jagepard/projects/Rudra-Auth)[![CodeFactor](https://camo.githubusercontent.com/7ebf99e294676ca55b9d5da3ff8ec01341ba064b7caec297acb1df2e9cd88887/68747470733a2f2f7777772e636f6465666163746f722e696f2f7265706f7369746f72792f6769746875622f6a616765706172642f72756472612d617574682f6261646765)](https://www.codefactor.io/repository/github/jagepard/rudra-auth)[![Coverage Status](https://camo.githubusercontent.com/982139b149bb9e015cf8fb7731d358a7b7c5dcdc64fcd15a54982873f279fa04/68747470733a2f2f636f766572616c6c732e696f2f7265706f732f6769746875622f4a616765706172642f52756472612d417574682f62616467652e7376673f6272616e63683d6d6173746572)](https://coveralls.io/github/Jagepard/Rudra-Auth?branch=master)
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

[](#)

Authentication, session management and RBAC | [API](https://github.com/Jagepard/Rudra-Auth/blob/master/docs.md "Documentation API")
-----------------------------------------------------------------------------------------------------------------------------------

[](#authentication-session-management-and-rbac--api)

#### Install

[](#install)

`composer require rudra/auth`

##### Usage

[](#usage)

```
use Rudra\Auth\AuthFacade as Auth;
```

##### Configuration

[](#configuration)

> For the component to work correctly, you need to add the following parameters to the Rudra configuration file:

```
# Secret key for encrypting cookies and generating session hashes
secret: your_super_secret_key_here

# Roles for Role-Based Access Control (the smaller the number, the higher the privilege)
roles:
    admin: 0
    editor: 1
    moderator: 2
    user: 3

# Environment (in the 'test' environment, cookies are not deleted on logout)
environment: production
```

##### User registration

[](#user-registration)

```
$user = [
    "email"    => "user@email.com",
    "password" => Auth::bcrypt("password")
];
```

##### Getting a user from the database

[](#getting-a-user-from-the-database)

```
$user = [
    "email"    => "user@email.com",
    "password" => "password_hash",
    "role"     => "admin"
];
```

##### Authentication

[](#authentication)

> The second argument is the **plain text password** entered by the user. The `$user['password']` must contain a **hash** from the database.

```
Auth::authentication(
    $user,
    "password",
    ["admin/dashboard", "login"],
    ["error" => "Wrong access data"]
);
```

> **Note:** For the "Remember Me" feature to work, the login form must contain a checkbox with the name `remember_me`.

##### Login form example

[](#login-form-example)

```

         Remember me / Запомнить меня

    Login

```

##### Restoring session (Remember Me)

[](#restoring-session-remember-me)

> Called at the beginning of the application loading (before authorization check). If the user has valid 'Remember Me' cookies, the session will be restored automatically.

```
Auth::restoreSessionIfSetRememberMe("login");
```

##### Authorization check

[](#authorization-check)

###### General authorization check

[](#general-authorization-check)

> Check if the user is authorized. If not — redirect to 'login'

```
if (!Auth::authorization(null, "login")) {
    exit;
}
```

> If you just need to get a boolean value without a redirect (for example, for an API):

```
$isLoggedIn = Auth::authorization();
```

###### Access to personal user resources

[](#access-to-personal-user-resources)

> For access control to a specific user's resources (e.g., profile, personal data), a token is used. The token is generated from the user's password, email, and session hash.

```
// Generate token for the current user
$token = md5($user['password'] . $user['email'] . Auth::getSessionHash());

// Check if the token matches the session token
if (!Auth::authorization($token, "login")) {
    exit;
}
```

##### Role-Based Access Control

[](#role-based-access-control)

> Check if the current role ('admin') has privileges not lower than the requested ones ('editor'). If privileges are insufficient — redirect to 'error/403'

```
use Rudra\Container\Facades\Session;

// Get the role of the current user from the session (for example, after authorization)
if (Session::has("user")) {
   $currentRole = Session::get("user")['role'] ?? 'user';
}

// Check if the permissions are sufficient for access (for example, 'editor' level is required)
if (!Auth::roleBasedAccess($currentRole, "editor", "error/403")) {
    exit;
}
```

##### Log out of the authentication session with a redirect to the login page

[](#log-out-of-the-authentication-session-with-a-redirect-to-the-login-page)

```
Auth::logout("login");
```

License
-------

[](#license)

This project is licensed under the **Mozilla Public License 2.0 (MPL-2.0)** — a free, open-source license that:

- Requires preservation of copyright and license notices,
- Allows commercial and non-commercial use,
- Requires that any modifications to the original files remain open under MPL-2.0,
- Permits combining with proprietary code in larger works.

📄 Full license text: [LICENSE](./LICENSE)
🌐 Official MPL-2.0 page:

###  Health Score

49

—

FairBetter than 94% of packages

Maintenance98

Actively maintained with recent releases

Popularity18

Limited adoption so far

Community14

Small or concentrated contributor base

Maturity56

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 99.8% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~90 days

Total

5

Last Release

9d ago

Major Versions

v25.12 → v26.12025-12-26

PHP version history (2 changes)v25.6PHP &gt;=8.3

v26.7PHP ^8.3

### Community

Maintainers

![](https://www.gravatar.com/avatar/75e65761bdd94035d1c783773a706d5722ce3164fe55d9722581c2cb4a642d8c?d=identicon)[jagepard](/maintainers/jagepard)

---

Top Contributors

[![Jagepard](https://avatars.githubusercontent.com/u/4591345?v=4)](https://github.com/Jagepard "Jagepard (424 commits)")[![scrutinizer-auto-fixer](https://avatars.githubusercontent.com/u/6253494?v=4)](https://github.com/scrutinizer-auto-fixer "scrutinizer-auto-fixer (1 commits)")

---

Tags

authrudraauthAuthenticationrudra

### Embed Badge

![Health badge](/badges/rudra-auth/health.svg)

```
[![Health](https://phpackages.com/badges/rudra-auth/health.svg)](https://phpackages.com/packages/rudra-auth)
```

###  Alternatives

[tymon/jwt-auth

JSON Web Token Authentication for Laravel and Lumen

11.7k51.8M370](/packages/tymon-jwt-auth)[league/oauth2-server

A lightweight and powerful OAuth 2.0 authorization and resource server library with support for all the core specification grants. This library will allow you to secure your API with OAuth and allow your applications users to approve apps that want to access their data from your API.

6.7k147.0M289](/packages/league-oauth2-server)[php-open-source-saver/jwt-auth

JSON Web Token Authentication for Laravel and Lumen

84611.1M63](/packages/php-open-source-saver-jwt-auth)[auth0/auth0-php

PHP SDK for Auth0 Authentication and Management APIs.

41021.9M91](/packages/auth0-auth0-php)[kreait/firebase-tokens

A library to work with Firebase tokens

23945.4M18](/packages/kreait-firebase-tokens)[auth0/login

Auth0 Laravel SDK. Straight-forward and tested methods for implementing authentication, and accessing Auth0's Management API endpoints.

2795.3M3](/packages/auth0-login)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
