PHPackages                             shovv/phalcon-user-plugin - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. shovv/phalcon-user-plugin

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

shovv/phalcon-user-plugin
=========================

User plugin for Phalcon PHP framework

7.0.1(2y ago)0181[1 PRs](https://github.com/shovv/PhalconUserPlugin/pulls)MITPHPPHP &gt;=8.2.0

Since Jun 13Pushed 2y agoCompare

[ Source](https://github.com/shovv/PhalconUserPlugin)[ Packagist](https://packagist.org/packages/shovv/phalcon-user-plugin)[ Docs](https://github.com/calinrada/PhalconUserPlugin)[ RSS](/packages/shovv-phalcon-user-plugin/feed)WikiDiscussions master Synced 2d ago

READMEChangelogDependencies (8)Versions (50)Used By (0)

Phalcon User Plugin (v 3.0)
===========================

[](#phalcon-user-plugin-v-30)

- [About](#about)
- [Features](#features)
- [Installation](#installation)
- [Plug it](#plug-it)
- [Configuration](#configuration)
- [Example controller](#example-controller)
- [Known issues](#known-issues)
- [Examples](#examples)
- [TODO](#todo)

### About

[](#about)

This is a plugin based on Vokuro ACL idea.

### Features

[](#features)

- Login / Register with LinkedIn account
- Login / Register with Twitter account
- Login / Register with Google account
- Change password
- Password recovery by email
- Protect different areas from your website, where a user must be logged in, in order to have access
- Protect different actions, based on the ACL list for each user
- User profile: birth date, birth location, current location, profile picture
- Locations - save locations using google API - see Wiki for examples
- Simple notifications system

### Installation

[](#installation)

The recommended installation is via [Composer](https://getcomposer.org/).

For minor / bug releases (based on [semantic versioning](https://semver.org/)):

```
$ composer require crada/phalcon-user-plugin:^3.0.0
```

For all commits and most current version (unstable):

```
$ composer require --dev crada/phalcon-user-plugin:v3.0.0
```

For bug releases only (maximum stability):

```
$ composer require crada/phalcon-user-plugin:~3.0.0
```

Or manually by adding the following to your `composer.json`:

```
{
  "require": {
    "crada/phalcon-user-plugin": "^3.0.0"
  }
}
```

and then updating composer:

```
$ composer update
```

### Plug it

[](#plug-it)

Add the following lines where to your events manager:

```
$security = new \Phalcon\UserPlugin\Plugin\Security($di);
$eventsManager->attach('dispatch', $security);
```

Full example code:

```
use Phalcon\UserPlugin\Plugin\Security as SecurityPlugin;
use Phalcon\Mvc\Dispatcher;

$di->setShared(
    'dispatcher',
    function() use ($di) {
        $eventsManager = $di->getShared('eventsManager');

        $security = new SecurityPlugin($di);
        $eventsManager->attach('dispatch', $security);

        $dispatcher = new Dispatcher();
        $dispatcher->setEventsManager($eventsManager);

        return $dispatcher;
    }
);
```

Register Auth, Mail and Acl services

```
use Phalcon\UserPlugin\Auth\Auth;
use Phalcon\UserPlugin\Acl\Acl;
use Phalcon\UserPlugin\Mail\Mail;

$di->setShared(
    'auth',
    function() {
        return new Auth();
    }
);

$di->setShared(
    'acl',
    function() {
        return new Acl();
    }
);

$di->setShared(
    'mail',
    function() {
        return new Mail();
    }
);
```

### Configuration

[](#configuration)

You must add configuration keys to your config.php file. If you are using a multimodule application, i recommend you to set up the configuration separately for each module.

#### Configuration examples

[](#configuration-examples)

In the example bellow, you will treat your website as public, EXCEPT the actions ACCOUNT and PROFILE from the USER controller:

```
'pup' => [
    'redirect' => [
        'success' => 'user/profile',
        'failure' => 'user/login'
    ],
    'resources' => [
        'type' => 'public',
        'resources' => [
            '*' => [
                // All except
                'user' => ['account', 'profile']
            ]
        ]
    ]
];
```

In the example bellow, the ONLY PUBLIC resources are the actions LOGIN and REGISTER from the USER controller:

```
'pup' => [
    'redirect' => [
        'success' => 'user/profile',
        'failure' => 'user/login'
    ],
    'resources' => [
        'type' => 'public',
        'resources' => [
            'user' => [
                'user' => ['login', 'register']
            ]
        ]
    ]
];
```

In the example bellow, you will treat your website as private, EXCEPT the actions LOGIN and REGISTER from the USER controller:

```
'pup' => [
    'redirect' => [
        'success' => 'user/profile',
        'failure' => 'user/login'
    ],
    'resources' => [
        'type' => 'private',
        'resources' => [
            '*' => [
                // All except
                'user' => ['login', 'register']
            ]
        ]
    ]
];
```

In the example bellow, the ONLY PRIVATE resources are the actions ACCOUNT and PROFILE from the USER controller:

```
'pup' => [
    'redirect' => [
        'success' => 'user/profile',
        'failure' => 'user/login'
    ],
    'resources' => [
        'type' => 'private',
        'resources' => [
            'user' => [
                'user' => ['account', 'profile']
            ]
        ]
    ]
];
```

Configuration example with connectors:

```
// phalcon-user-plugin
'pup' => [
    'redirect' => [
        'success' => 'user/profile',
        'failure' => 'user/login'
    ],
    'resources' => [
        'type' => 'public',
        'resources' => [
            '*' => [
                // All except
                'user' => ['account', 'profile']
            ]
        ]
    ],
    'connectors' => [
        'linkedIn' => [
            'api_key' => 'YOUR_LINKED_IN_APP_ID',
            'api_secret' => 'YOUR_LINKED_IN_APP_SECRET',
            'callback_url' => 'CALLBACK_URL'
        ],
        'twitter' => [
            'consumer_key' => 'TWITTER_CONSUMER_KEY',
            'consumer_secret' => 'TWITTER_CONSUMER_SECRET',
            // Leave empty if you don't want to set it
            'user_agent' => 'YOUR_APPLICATION_NAME'
        ],
        'google' => [
            'application_name' => 'YOUR_APPLICATION_NAME',
            'client_id' => 'YOUR_CLIENT_ID',
            'client_secret' => 'YOUR_CLIENT_SECRET',
            'developer_key' => 'YOUR_DEVELOPER_KEY',
            'redirect_uri' => 'YOUR_REDIRECT_URI'
        ]
    ]
];
```

### Example controller

[](#example-controller)

- For a complete controller example read the Wiki page:

```
class UserController extends Controller
{
    /**
     * Login user
     * @return \Phalcon\Http\ResponseInterface
     */
    public function loginAction()
    {
        if (true === $this->auth->isUserSignedIn()) {
            $this->response->redirect(['action' => 'profile']);
        }

        $form = new LoginForm();

        try {
            $this->auth->login($form);
        } catch (AuthException $e) {
            $this->flash->error($e->getMessage());
        }

        $this->view->form = $form;
    }

    /**
     * Login with LinkedIn account
     */
    public function loginWithLinkedInAction()
    {
        try {
            $this->view->disable();
            $this->auth->loginWithLinkedIn();
        } catch(AuthException $e) {
            $this->flash->error('There was an error connectiong to LinkedIn.');
        }
    }

    /**
     * Login with Twitter account
     */
    public function loginWithTwitterAction()
    {
        try {
            $this->view->disable();
            $this->auth->loginWithTwitter();
        } catch(AuthException $e) {
            $this->flash->error('There was an error connectiong to Twitter.');
        }
    }

    /**
     * Login with Google account
     */
    public function loginWithGoogleAction()
    {
        try {
            $this->view->disable();
            $this->auth->loginWithGoogle();
        } catch(AuthException $e) {
            $this->flash->error('There was an error connectiong to Google.');
        }
    }

    /**
     * Logout user and clear the data from session
     *
     * @return \Phalcon\Http\ResponseInterface
     */
    public function signoutAction()
    {
        $this->auth->remove();
        return $this->response->redirect('/', true);
    }
}
```

### Known issues

[](#known-issues)

- Twitter does not provide us the email. We are generating a random email for the user. It is your choice how you handle this
- Facebook lib has no php8 support so it has been removed, login with facebook has been deleted
- Phalcon/incubator has no phalcon5 support, so there will be workarounds

### Examples

[](#examples)

- [Notifications](https://github.com/calinrada/PhalconUserPlugin/wiki/Notifications)

### TODO

[](#todo)

- Implement CRUD templates for ACl, UserManagement, etc
- Update Swift Mailer to Symfony Mailer
- Fix failing test for testBeforeDispatchLoopRedirect and testBeforeDispatchLoopFail
- Check @TODOs in code

###  Health Score

36

—

LowBetter than 79% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity7

Limited adoption so far

Community17

Small or concentrated contributor base

Maturity89

Battle-tested with a long release history

 Bus Factor1

Top contributor holds 60.4% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~85 days

Recently: every ~10 days

Total

42

Last Release

887d ago

Major Versions

1.1.13 → 2.02015-03-11

2.0.7 → 3.0.02016-12-06

v3.0.0.x-dev → 5.0.02023-08-06

5.0.5 → 6.0.02023-12-28

6.1.0 → 7.0.02024-01-30

PHP version history (2 changes)1.1.5PHP &gt;=5.3.2

5.0.0PHP &gt;=8.2.0

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/58041110?v=4)[shovv](/maintainers/shovv)[@shovv](https://github.com/shovv)

---

Top Contributors

[![calinrada](https://avatars.githubusercontent.com/u/873482?v=4)](https://github.com/calinrada "calinrada (81 commits)")[![shovv](https://avatars.githubusercontent.com/u/58041110?v=4)](https://github.com/shovv "shovv (29 commits)")[![tturnerdev](https://avatars.githubusercontent.com/u/1414401?v=4)](https://github.com/tturnerdev "tturnerdev (5 commits)")[![kbsali](https://avatars.githubusercontent.com/u/53676?v=4)](https://github.com/kbsali "kbsali (4 commits)")[![mizterp](https://avatars.githubusercontent.com/u/843041?v=4)](https://github.com/mizterp "mizterp (3 commits)")[![loeken](https://avatars.githubusercontent.com/u/6338814?v=4)](https://github.com/loeken "loeken (2 commits)")[![mzf](https://avatars.githubusercontent.com/u/4039372?v=4)](https://github.com/mzf "mzf (2 commits)")[![oligus](https://avatars.githubusercontent.com/u/2466591?v=4)](https://github.com/oligus "oligus (2 commits)")[![xboston](https://avatars.githubusercontent.com/u/201306?v=4)](https://github.com/xboston "xboston (1 commits)")[![flancer-prosum](https://avatars.githubusercontent.com/u/85375548?v=4)](https://github.com/flancer-prosum "flancer-prosum (1 commits)")[![sergeyklay](https://avatars.githubusercontent.com/u/1256298?v=4)](https://github.com/sergeyklay "sergeyklay (1 commits)")[![SidRoberts](https://avatars.githubusercontent.com/u/1364214?v=4)](https://github.com/SidRoberts "SidRoberts (1 commits)")[![sumeko](https://avatars.githubusercontent.com/u/36034171?v=4)](https://github.com/sumeko "sumeko (1 commits)")[![byfareska](https://avatars.githubusercontent.com/u/24964397?v=4)](https://github.com/byfareska "byfareska (1 commits)")

---

Tags

usertwitterloginphalconlinkedin

###  Code Quality

TestsPHPUnit

### Embed Badge

![Health badge](/badges/shovv-phalcon-user-plugin/health.svg)

```
[![Health](https://phpackages.com/badges/shovv-phalcon-user-plugin/health.svg)](https://phpackages.com/packages/shovv-phalcon-user-plugin)
```

###  Alternatives

[crada/phalcon-user-plugin

User plugin for Phalcon PHP framework

1832.5k1](/packages/crada-phalcon-user-plugin)[hwi/oauth-bundle

Support for authenticating users using both OAuth1.0a and OAuth2 in Symfony.

2.4k22.3M81](/packages/hwi-oauth-bundle)[sulu/sulu

Core framework that implements the functionality of the Sulu content management system

1.3k1.4M204](/packages/sulu-sulu)[socialconnect/auth

Social Connect Auth Component

568893.3k5](/packages/socialconnect-auth)[contao/core-bundle

Contao Open Source CMS

1231.6M2.8k](/packages/contao-core-bundle)[mageplaza/magento-2-social-login

Magento 2 Social Login extension is designed for quick login to your Magento 2 store without procesing complex register steps

1841.2M5](/packages/mageplaza-magento-2-social-login)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
