seablast/auth
=============

No-password authentication and authorisation library for Seablast for PHP

v0.1.8 (4mo ago) | 01.7k | [1 PRs](https://github.com/WorkOfStan/seablast-auth/pulls) | MIT | PHP | PHP >=7.2 <8.6 | CI passing


[Source](https://github.com/WorkOfStan/seablast-auth) | [Packagist](https://packagist.org/packages/seablast/auth)


`Seablast\Auth`
===============


A no-password authentication and authorization extension for [Seablast for PHP](https://github.com/WorkOfStan/seablast) apps. This extension facilitates secure user verification and efficient access control.

Optionally, `Seablast\Auth` has a lightweight integration with Google and Facebook to support social authentication, allowing sign-in through these platforms. It is installed via Composer and activates only when required. If your Seablast-based application needs user authentication or resource authorization, including `Seablast\Auth` provides these capabilities. (For applications that do not require these features, `Seablast\Auth` can simply be left out to maintain a lighter application footprint.)

User management
---------------


- RBAC (Role-Based Access Control) supported
- user MUST have one role (admin, editor, ordinary user)
- user MAY belong to various groups (based on subscription tariff, a promotion, etc.)

Usage
-----

When only the identity of a logged-in user is needed:

```
    // Instantiate the IdentityManager class with `\mysqli`
    $identity = new IdentityManager($this->configuration->mysqli());
    // If prefix is used, inject it
    $identity->setTablePrefix($this->configuration->dbmsTablePrefix());
    // To make Remember me Cookies predictable = avoid conflicts, inject a cookie path
    $identity->setCookiePath($this->configuration->getString(SeablastConstant::SB_SESSION_SET_COOKIE_PARAMS_PATH));
```

To create the expected database table structure, just add the seablast/auth migration path to your phinx.php configuration, e.g.

```
    'paths' => [
        'migrations' => [
            '%%PHINX_CONFIG_DIR%%/db/migrations',
            '%%PHINX_CONFIG_DIR%%/../vendor/seablast/auth/conf/db/migrations',
        ],
        'seeds' => '%%PHINX_CONFIG_DIR%%/db/seeds'
    ],
```

The following tables will be created (prefixed as set in your app), so avoid naming conflicts with your app's own tables:

- email\_token (user)
- group (user\_groups)
- group\_activation\_tokens (user\_groups)
- roles (user)
- session\_user (user)
- users (user)
- user\_group (user\_groups)

### Cookies

IdentityManager expects the cookie scope to have been set already by:

```
session_set_cookie_params(
    int $lifetime_or_options,
    ?string $path = null,
    ?string $domain = null,
    ?bool $secure = null,
    ?bool $httponly = null
): bool
```

Note: the sbRememberMe cookie is created/read only if the site is accessed over HTTPS and if allowed by `AuthApp::FLAG_REMEMBER_ME_COOKIE` (allowed by default). (TODO: check whether, when not allowed, it is really not created or just not read.)
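
One way to set that scope before the session starts, shown as an added example rather than code from seablast/auth. The helper name `setAuthCookieScope` and the `/myapp/` path are assumptions, and HTTPS detection via `$_SERVER['HTTPS']` assumes no TLS-terminating proxy in front of PHP.

```php
<?php
// Added illustration, not seablast/auth code; setAuthCookieScope() and the
// '/myapp/' path are assumptions made for this sketch.
declare(strict_types=1);

function setAuthCookieScope(string $path, int $lifetime = 0): array
{
    // Mark cookies Secure only when the request itself arrived over HTTPS.
    $https = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
    if (PHP_VERSION_ID >= 70300) {
        // The options array (PHP 7.3+) is the only form that accepts SameSite.
        session_set_cookie_params([
            'lifetime' => $lifetime,
            'path'     => $path,
            'secure'   => $https,
            'httponly' => true,   // keep the session id away from page scripts
            'samesite' => 'Lax',  // not sent on cross-site subrequests or POSTs
        ]);
    } else {
        // PHP 7.2 has only the positional form shown above, without SameSite.
        session_set_cookie_params($lifetime, $path, '', $https, true);
    }
    // Return what PHP will actually use, so the caller can log or assert it.
    return session_get_cookie_params();
}

// Must run before session_start(); the same path is what the Usage section
// passes to $identity->setCookiePath().
$effective = setAuthCookieScope('/myapp/');
session_start();
var_dump($effective['path'], $effective['secure'], $effective['httponly']);
```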

### Routing

`/user` is the default route (which can be changed by `AuthConstant::USER_ROUTE`) to the user log-in/log-out page, but if you want to customize it, configure the path to your own template within your app's `conf/app.conf.php` like this:

```
        //->setString(AuthConstant::USER_ROUTE, '/user') // can be changed
        ->setArrayArrayString(
            SeablastConstant::APP_MAPPING,
            '/user',
            [
                'template' => 'user', // your latte template including login-form.latte
                'model' => '\Seablast\Auth\UserModel',
            ]
        )
```

On successful login, the current page is reloaded or the user is sent to a social login success page:

```
        ->setString(AuthConstant::SOCIAL_LOGIN_SUCCESS_URL, '') // empty OR not set => just reload; otherwise go to the fully qualified URL of a social login success page
```

Note 1: Seablast::v0.2.5 already uses the default settings in [conf/app.conf.php](conf/app.conf.php), so the Seablast/Auth configuration is used from v0.2.5 onward.

`send-auth-token.js` (since Seablast::v0.2.10) expects the route `/api/social-login` as configured in [app.conf.php](conf/app.conf.php) and provider either `facebook` or `google`.

These arguments `window.sendAuthToken(token, apiRoute, errorLogger);` are processed since Seablast::v0.2.13.

Note 2: `const API_BASE = ''; const flags = [];` MUST be defined in JavaScript as the default `/user` expects these two variables.

### View


`\Seablast\Auth\UserModel` returns arguments ($configuration, $csrfToken, $message, $showLogin, $showLogout) for the user.latte template:

```
{include '../vendor/seablast/auth/views/user-control.latte'}
```

Note 1: user.latte uses inherite.latte for all the latte parts, so you may either use it, include user-control.latte, or create an app version of any of the latte parts.

Note 2: vendor/seablast is accessible for Seablast apps, so the web browser assets (such as `send-auth-token.js`) used by plugins MUST be put into assets folder of the Seablast library.

### Social login

The existence of the configuration strings 'FACEBOOK\_APP\_ID' or 'GOOGLE\_CLIENT\_ID' implies the option to log in via these platforms respectively.

Note 1: social login can be deactivated in an app by `->deactivate(AuthConstant::FLAG_USE_SOCIAL_LOGIN)` in the configuration.

Note 2: send-auth-token.js is expected in seablast directory, which needs at least Seablast v0.2.10. (These arguments `window.sendAuthToken(token, apiRoute, errorLogger);` are processed since Seablast::v0.2.13.)

Note 3: The new Google Identity Services no longer opens a traditional pop‑up account chooser; instead, it displays the One Tap UI.

### MailOut::send() method is a generic mail sender built on top of Symfony Mailer


Sending of emails to users MUST be activated, so that `$this->configuration->flag->status(SeablastConstant::USER_MAIL_ENABLED)` is true.

```
  // Usage:
  use Seablast\Auth\MailOut;
  $sendMail = new MailOut('smtp://smtp.example.com:587', 'noreply@example.com');
  $sendMail->send(
    to: 'user@example.com',
    subject: 'Login link',
    textBody: "Open this URL: https://app.example.com/?token=XYZ",
    options: [
      'cc'   => ['cc1@example.com', 'cc2@example.com'], // optional
      'bcc'  => 'audit@example.com',                    // optional, can be string or array
      'html' => 'Open this URL: Login', // optional
      // 'replyTo' => 'support@example.com',           // optional
      // 'from'    => 'custom-from@example.com',       // optional override of defaultFrom
      // 'priority'=> Email::PRIORITY_HIGH,            // optional (1..5), default normal
    ]
  );
```

Testing
-------


Run [./test.sh](./test.sh) for essential PHPUnit tests:

- create token and use it,
- check its disappearance as it's valid only once,
- invalid emails are not accepted,
- SQL injection attempts are not accepted.
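
The behaviours those tests check (single use, email validation, injection-safe lookups), sketched as an added example; this is not the library's implementation. The `demo_email_token` table, both function names and the SQLite/PDO backend are assumptions chosen so the sketch runs stand-alone (the library itself takes a `\mysqli` connection).

```php
<?php
// Added illustration, not seablast/auth code; table and function names are hypothetical.
declare(strict_types=1);

function issueToken(PDO $db, string $email, int $ttl = 900): string
{
    // Reject anything that is not a syntactically valid address.
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        throw new InvalidArgumentException('invalid email');
    }
    $token = bin2hex(random_bytes(32)); // 256 bits from the CSPRNG
    // Store only a hash, so a leaked table does not yield usable login links.
    $stmt = $db->prepare('INSERT INTO demo_email_token (token_hash, email, expires) VALUES (?, ?, ?)');
    $stmt->execute([hash('sha256', $token), $email, time() + $ttl]);
    return $token;
}

function consumeToken(PDO $db, string $token): ?string
{
    $hash = hash('sha256', $token);
    $db->beginTransaction();
    $sel = $db->prepare('SELECT email FROM demo_email_token WHERE token_hash = ? AND expires >= ?');
    $sel->execute([$hash, time()]);
    $email = $sel->fetchColumn();
    // Always delete; only the request whose DELETE removed the row may log in.
    $del = $db->prepare('DELETE FROM demo_email_token WHERE token_hash = ?');
    $del->execute([$hash]);
    $won = $del->rowCount() === 1;
    $db->commit();
    return ($email !== false && $won) ? (string) $email : null;
}

// Constructed demo on an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE demo_email_token (token_hash TEXT PRIMARY KEY, email TEXT, expires INTEGER)');

$token = issueToken($db, 'user@example.com');
var_dump(consumeToken($db, $token));          // first use of a fresh token
var_dump(consumeToken($db, $token));          // replay of the same token
var_dump(consumeToken($db, "x' OR '1'='1"));  // injection string, bound as data
try {
    issueToken($db, 'not-an-email');
} catch (InvalidArgumentException $e) {
    echo $e->getMessage(), PHP_EOL;
}
```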

TODO
----


- 251227, success email token login/logout page
- 251227, define also (social login) logout page

