sandstorm/usermanagement
========================

Neos and Flow package for user management, login/logout, password reset and user activation


Sandstorm.UserManagement Neos / Flow Package
============================================


0. Features
===========


This package works in Neos CMS and Flow and provides the following functionality:

- Registration of (frontend) users via a registration form
- Sending out an e-mail for account confirmation
- Login of registered (frontend) users via a login form
- "Forgotten password" with password reset e-mail

1. Compatibility and Maintenance
================================


Sandstorm.UserManagement is currently being maintained for the following versions:

| Neos / Flow Version | Sandstorm.UserManagement Version | Branch | Maintained |
|---|---|---|---|
| Neos 8.3-9.x, Flow 8.3-9.x | 8.x | master | Yes |
| Neos 5.x-8.x, Flow 6.x-8.x | 7.x | 7.0 | Yes |
| Neos 4.x, Flow 5.x | 6.x | 6.0 | Yes |
| Neos 3.x, Flow 4.x | 5.x | 5.0 | Bugfixes |
| Neos 2.3 LTS, Flow 3.3 LTS | 3.x | 3.0 | No |
| Neos 2.2, Flow 3.2 | 1.x | - | No |

Breaking changes in Version 5.x
-------------------------------


### Configuration Changes


Since I've removed the direct dependency on swiftmailer in favor of the Sandstorm/TemplateMailer package (which provides CSS inlining), the EmailService in this package was removed. This means that you will need to change some of your config options, because they are now set in the Sandstorm.TemplateMailer config path instead of inside the Sandstorm.UserManagement path. Please refer to the [Sandstorm/TemplateMailer Documentation](https://github.com/sandstorm/TemplateMailer) for instructions on how to set the following configurations:

- senderAddress
- senderName
- templatePackage

Hint: to override the sender address for this package, you will need the following setting:

```
Sandstorm:
  TemplateMailer:
    senderAddresses:
      sandstorm_usermanagement_sender_email: # You need to use this exact key to override the UserManagement defaults
        name: Your-App
        address: yoursenderemail@yourapp.de
```

### Changes to Email Templates


In the registration email templates, two variables are no longer available by default:

- "applicationName" (filled with configured email senderAddress)
- "email" (filled with the email address the mail is sent to)

However, in the registration email, "registrationFlow" is now available, which gives access to the email as well as to all other information the user has entered during the registration process (as long as it is stored in the RegistrationFlow object).

To overwrite the existing Activation- and PasswordReset templates, do the following:

- Add `ActivationToken.html`, `ActivationToken.txt`, `ResetPasswordToken.html` and `ResetPasswordToken.txt` to `/Resources/Private/EmailTemplates/`
- Fill in the necessary information (you can use the [sandstormUserManagement templates](https://github.com/sandstorm/UserManagement/tree/master/Resources/Private/EmailTemplates) as a point of reference)
- Add your package to your TemplateMailer-Configuration

2. Configuration
================


Setup
-----


These are the basic config steps:

1. Run `./flow doctrine:migrate` after you add this package to install its model. The package automatically exposes its routes via auto-inclusion in the package settings. Attention: Any routes defined in the global `Routes.yaml` are loaded before this package's routes, so they may take precedence over them. This is especially true for the default Flow subroutes, so make sure you have removed those from your global `Routes.yaml`. If you can't remove them, just include the subroutes for this package manually before the Flow subroutes.
2. Require this package in your own package's `composer.json`. This will inform Flow that it needs to load UserManagement before your packages, which allows you to override config and will make sure authorizations work correctly. Keep in mind that you have to add this into all packages that use features from user management - very important if your site is split into multiple packages or plugins. Here's an example:

```
{
    "description": "Your Site Package",
    "type": "neos-site",
    "require": {
        "neos/neos": "*",
        "sandstorm/usermanagement": "*"
    }
}
```

Use `"type": "neos-package"` instead of `"neos-site"` if you're using Flow only or building a plugin. Your other `composer.json` settings stay alongside these keys.

3. Run `./flow neos.flow:package:rescan` to regenerate the order in which all your packages are loaded.
4. Add and adapt the configuration settings below to your config (make sure to not miss the special Neos settings).

Basic configuration options
---------------------------


These are the basic configuration options for e-mails, timeouts etc. You will usually want to adapt these to your application.

```
Sandstorm:
  UserManagement:
    # Validity timespan for the activation token for newly registered users.
    activationTokenTimeout: '2 days'
    # Validity timespan for the token used to reset passwords.
    resetPasswordTokenTimeout: '4 hours'
    # The message that appears if a user could not be logged in.
    authFailedMessage:
      title: 'Login nicht möglich'
      body: 'Sie haben ungültige Zugangsdaten eingegeben. Bitte versuchen Sie es noch einmal.'
    # Email settings
    email:
      # Subject line for the account confirmation email
      subjectActivation: 'Please confirm your account'
      # Subject line for the password reset email
      subjectResetPassword: 'Password reset'
    # An array of roles which are assigned to users after they activate their account.
    rolesForNewUsers: []

```

### I18N


It is possible to use i18n for the messages configured in the settings, simply by setting the values to 'i18n'.

```
Sandstorm:
  UserManagement:
    authFailedMessage:
      title: 'i18n'
      body: 'i18n'
    email:
      subjectActivation: 'i18n'
      subjectResetPassword: 'i18n'

```

Additional Settings for usage in Neos
-------------------------------------


You should switch the implementation of the Redirect and User Creation Services to the Neos services. Add this to your `Objects.yaml`:

```
# Use the Neos services
Sandstorm\UserManagement\Domain\Service\RedirectTargetServiceInterface:
  className: 'Sandstorm\UserManagement\Domain\Service\Neos\NeosRedirectTargetService'
Sandstorm\UserManagement\Domain\Service\UserCreationServiceInterface:
  className: 'Sandstorm\UserManagement\Domain\Service\Neos\NeosUserCreationService'

```

Be aware that the `NeosUserCreationService` requires a non-empty firstName and lastName to be present in the `RegistrationFlow` attributes as it's in the templates of this package.

### Neos 3.0 and higher


Add the following to your package's (or the global) `Settings.yaml`. This creates a separate authentication provider so Neos can distinguish between frontend and backend logins.

```
Neos:
  Flow:
    security:
      authentication:
        providers:
          'Neos.Neos:Backend':
            requestPatterns:
              Sandstorm.UserManagement:NeosBackend:
                pattern: Sandstorm\UserManagement\Security\NeosRequestPattern
                patternOptions:
                  'area': 'backend'
          'Sandstorm.UserManagement:Login':
            provider: PersistedUsernamePasswordProvider
            requestPatterns:
              Sandstorm.UserManagement:NeosFrontend:
                pattern: Sandstorm\UserManagement\Security\NeosRequestPattern
                patternOptions:
                  'area': 'frontend'

```

### Neos 2.3 (Flow 3.3)


Before Neos 3.0, the `Neos.Neos:Backend` authentication provider was called `Typo3BackendProvider`. Replace `Neos.Neos:Backend` with `Typo3BackendProvider` in the config above.

3. Usage
========


CLI Commands
------------


### Creating users


The package exposes a command to create users. You can run

`./flow sandstormuser:create test@example.com password --additionalAttributes="firstName:Max;lastName:Mustermann"`

to create a user. This will create a Neos user if you're using the package in Neos. You can assign roles to the new user in the Neos backend afterwards.

### Confirming user registration


It is possible to confirm a registrationflow and trigger user creation by running

`./flow sandstormuser:activateregistration test@example.com`

### Resetting passwords


Since 1.1.2, it is possible to reset passwords for users created with this package.

`./flow sandstormuser:setpassword test@example.com password`

If the package detects that the NeosUserCreationService is used, it forwards the command to the Neos `UserCommandController->setPasswordCommand()`. Otherwise, our package's own logic is used.

The Authentication Provider can be passed in as an optional argument to reset passwords for users created with a different provider than the default UserManagement one (`Sandstorm.UserManagement:Login`):

`./flow sandstormuser:setpassword test@example.com password --authenticationProvider=Typo3BackendProvider`

Redirect after login/logout
---------------------------


### Via configuration


To define where users should be redirected after they log in or out, you can set some config options:

```
Sandstorm:
  UserManagement:
    redirect:
    # To activate redirection, make these settings:
      afterLogin:
        action: 'action'
        controller: 'Controller'
        package: 'Your.Package'
      afterLogout:
        action: 'action'
        controller: 'Controller'
        package: 'Your.Package'

```

### Via node properties


When using the package within Neos, you have another possibility: you can set properties on the LoginForm node type. The pages you link here will be shown after users log in or out. Please note that when a login/logout form is displayed on a restricted page, you MUST set a redirect target, otherwise you will receive an error message on logout. If the redirection is configured via Settings.yaml, that configuration will take precedence over the configuration at the node. You can, of course, also set these properties from TypoScript if you have a login/logout form directly in your template:

```
loginform = Sandstorm.UserManagement:LoginForm {
  // This should be set, or there will be problems when you have multiple plugins on a page
  argumentNamespace = 'login'
  // Redirect to the parent page automatically after logout
  redirectAfterLogout = ${q(documentNode).parent().get(0)}
}

```

### Via custom RedirectTargetService


If redirecting to a specific controller method is still not enough for you, you can simply roll your own implementation of the `RedirectTargetServiceInterface`. Just add the implementation within your own package and add the following lines to your `Objects.yaml`. Mind the package loading order: your package should require sandstorm/usermanagement in its composer.json.

```
Sandstorm\UserManagement\Domain\Service\RedirectTargetServiceInterface:
  className: 'Your\Package\Domain\Service\YourCustomRedirectTargetService'

```

Checking for a logged-in user in your templates
-----------------------------------------------


There is a ViewHelper available that allows you to check if somebody is logged into the frontend. Here's an example:

```
{namespace um=Sandstorm\UserManagement\ViewHelpers}

    You are currently logged in.

    You are not logged in!

```

If you have configured a different Authentication Provider than the default one, the viewhelper has an `authenticationProviderName` argument to which you can pass the name of the Auth Provider you are using.

Extending the package
=====================


Changing / overriding templates
-------------------------------


You can change any template via the default method using `Views.yaml`. Please see . Here's an example of how to plug in your own login template:

```
-
  requestFilter: 'mainRequest.isPackage("Neos.Neos") && isPackage("Sandstorm.UserManagement") && isController("Login") && isAction("login")'
  options:
    templatePathAndFilename: 'resource://Your.Package/Private/Templates/Login/Login.html'
    partialRootPaths: ['resource://Your.Package/Private/Partials']
    layoutRootPaths: ['resource://Your.Package/Private/Layouts']
```

Overriding e-mail templates
---------------------------


As documented in the configuration options above, overriding e-mail templates is easy:

- Copy the `EmailTemplates` folder from the UserManagement's `Resources/Private` folder into your own package and modify the templates to your heart's desire.
- Add your own package to the templatePackages config, as described in [Sandstorm/TemplateMailer Documentation](https://github.com/sandstorm/TemplateMailer).

Changing the User model
-----------------------


You might want to add additional information to the user model. This can be done by extending the User model delivered with this package and adding properties as you like. You will then need to switch out the implementation of `UserCreationServiceInterface` to get control over the creation process. This can be done via `Objects.yaml`:

```
Sandstorm\UserManagement\Domain\Service\UserCreationServiceInterface:
  className: 'Your\Package\Domain\Service\YourCustomUserCreationService'
```

Hooking into the login/logout process
-------------------------------------


The UserManagement package emits three signals during the login and logout process, into which you can hook using Flow's [Signals and Slots](http://flowframework.readthedocs.io/en/stable/TheDefinitiveGuide/PartIII/SignalsAndSlots.html) mechanism. You could, for example, use this to set additional cookies when a user logs in, e.g. to enable JWT authentication with another service. Here is an example of using all three; you could copy this into your own `Package.php` file:

```
public function boot(Bootstrap $bootstrap) {
    $dispatcher = $bootstrap->getSignalSlotDispatcher();
    $dispatcher->connect(
        \Sandstorm\UserManagement\Controller\LoginController::class, 'authenticationSuccess',
        \Your\Package\Domain\Service\ExampleService::class, 'onAuthenticationSuccess'
    );
    $dispatcher->connect(
        \Sandstorm\UserManagement\Controller\LoginController::class, 'authenticationFailure',
        \Your\Package\Domain\Service\ExampleService::class, 'onAuthenticationFailure'
    );
    $dispatcher->connect(
        \Sandstorm\UserManagement\Controller\LoginController::class, 'logout',
        \Your\Package\Domain\Service\ExampleService::class, 'onLogout'
    );
}
```

Your example service could then look like this:

```
namespace Your\Package\Domain\Service;

use Neos\Flow\Mvc\ActionRequest;
use Neos\Flow\Mvc\Controller\ControllerContext;
use Neos\Flow\Security\Exception\AuthenticationRequiredException;

class ExampleService
{
    public function onAuthenticationSuccess(ControllerContext $controllerContext, ActionRequest $originalRequest = null)
    {
        // Do custom stuff here
    }

    public function onAuthenticationFailure(ControllerContext $controllerContext, AuthenticationRequiredException $exception = null)
    {
        // Do custom stuff here
    }

    public function onLogout(ControllerContext $controllerContext)
    {
        // Do custom stuff here
    }
}
```
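
As an added example (not part of the package or its README), the three slots can be filled in to write an audit trail of frontend logins, so that repeated failures from one source can be alerted on. The class name `LoginAuditService` and the helper `requestContext()` are hypothetical; connect the class in `boot()` in place of `ExampleService`. It assumes Flow 6 or later (PSR-7 HTTP request) and that `Psr\Log\LoggerInterface` can be injected.

```php
<?php
namespace Your\Package\Domain\Service;

use Neos\Flow\Annotations as Flow;
use Neos\Flow\Mvc\ActionRequest;
use Neos\Flow\Mvc\Controller\ControllerContext;
use Neos\Flow\Security\Exception\AuthenticationRequiredException;
use Psr\Log\LoggerInterface;

/**
 * Hypothetical slot class (added example): writes one log line per login,
 * failed login and logout so that failed attempts can be monitored.
 *
 * @Flow\Scope("singleton")
 */
class LoginAuditService
{
    /**
     * Assumption: Flow resolves Psr\Log\LoggerInterface to its system logger.
     *
     * @Flow\Inject
     * @var LoggerInterface
     */
    protected $logger;

    public function onAuthenticationSuccess(ControllerContext $controllerContext, ActionRequest $originalRequest = null)
    {
        $this->logger->info('Frontend login succeeded', $this->requestContext($controllerContext));
    }

    public function onAuthenticationFailure(ControllerContext $controllerContext, AuthenticationRequiredException $exception = null)
    {
        $context = $this->requestContext($controllerContext);
        // Record only the exception code, never the submitted credentials.
        $context['exceptionCode'] = $exception !== null ? $exception->getCode() : null;
        $this->logger->warning('Frontend login failed', $context);
    }

    public function onLogout(ControllerContext $controllerContext)
    {
        $this->logger->info('Frontend logout', $this->requestContext($controllerContext));
    }

    /**
     * Collects the fields a detection rule needs to group events by source.
     * Assumption: Flow 6 or later, where getHttpRequest() returns a PSR-7
     * ServerRequestInterface. Behind a reverse proxy, REMOTE_ADDR is the
     * proxy's address, not the client's.
     */
    private function requestContext(ControllerContext $controllerContext): array
    {
        $httpRequest = $controllerContext->getRequest()->getHttpRequest();
        $serverParams = $httpRequest->getServerParams();

        // The User-Agent header is client-controlled: strip control characters
        // and cap its length before it reaches the log.
        $userAgent = preg_replace('/[\x00-\x1F\x7F]/', '', $httpRequest->getHeaderLine('User-Agent'));

        return [
            'remoteAddress' => $serverParams['REMOTE_ADDR'] ?? 'unknown',
            'userAgent' => substr((string)$userAgent, 0, 200),
            'path' => $httpRequest->getUri()->getPath(),
        ];
    }
}
```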

Changing the Registration Flow and validation logic
---------------------------------------------------


The `RegistrationFlow` class is the representation of a user signing up for your application. It has a few default properties and can be extended with arbitrary additional data via its `attributes` property.

### Adding custom fields to the Registration Flow


Exchange the registration template as described above and add a field:

```

```

This will add the field, but of course you might also want to validate it.

### Extending the Registration Flow validation logic


The UserManagement package has a hook for you to implement your custom registration flow validation logic. It is called directly from the domain model validator of the package. All you need to do is create an implementation of `Sandstorm\UserManagement\Domain\Service\RegistrationFlowValidationServiceInterface` in your own package. It could look like this:

```
class RegistrationFlowValidationService implements RegistrationFlowValidationServiceInterface {
    /**
     * @param RegistrationFlow $registrationFlow
     * @param RegistrationFlowValidator $validator
     * @return void
     */
    public function validateRegistrationFlow(RegistrationFlow $registrationFlow, RegistrationFlowValidator $validator) {
        // This is an example of your own custom validation logic.
        // The attribute is absent when the field was not submitted, so read it null-safely.
        $attributes = $registrationFlow->getAttributes();
        if (($attributes['agb'] ?? null) !== '1') {
            // Attach the error to the attribute that was checked.
            $validator->getResult()->forProperty('attributes.agb')->addError(new \Neos\Flow\Validation\Error('You need to accept the terms and conditions.'));
        }
    }
}
```

4. Running Tests
================


Run all tests with: `./bin/phpunit -c ./Build/BuildEssentials/PhpUnit/UnitTests.xml Packages/Application/Sandstorm.UserManagement/Tests/Unit`

5. Known issues
===============


Feel free to submit issues/PRs :)

6. TODOs
========


- More Tests.

7. FAQ
======


- *What happens if the user did not receive the registration email?* Just tell the user to register again. In this case, previous unfinished registrations are discarded.

8. License
==========


MIT.
