PHPackages                             skyline/security - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Security](/categories/security)
4. /
5. skyline/security

ActiveLibrary[Security](/categories/security)

skyline/security
================

v8.0.2(3y ago)01232BSD-3-ClausePHPPHP ^8CI failing

Since Apr 23Pushed 3y ago1 watchersCompare

[ Source](https://github.com/tasoftch/skyline-security)[ Packagist](https://packagist.org/packages/skyline/security)[ RSS](/packages/skyline-security/feed)WikiDiscussions master Synced 3d ago

READMEChangelog (7)Dependencies (5)Versions (8)Used By (2)

Skyline Security
================

[](#skyline-security)

The Skyline Security Package provides several services to increase your application's security.

Skyline Security adds the security service to use in your action controllers.

Install
-------

[](#install)

Manual created applications do not install the security package automatically.
You can easy add them using composer:

```
$ composer require skyline/security
```

How it works
------------

[](#how-it-works)

The Skyline Security package has two functions:

1. Manage access control to your application
2. Protect html forms against cross site request forgery

### Manage Access

[](#manage-access)

Skyline Security uses three phases for access control

##### Phase 1: Identification

[](#phase-1-identification)

Who is requesting?
There are several possibilities to detect the identity of a requesting client:

- Anonymous: You don't know who it is, but the identity is always the same
- Remember Me: An identity created from remember me information
- Session: An identity for the current session
- HTTP: Basic and Digest identities specified by HTTP/1.0
- HTML Form Login
- API Keys

All identities must specify a token (usually a username, but can be anything). This identifies a client.
Identities also specify a reliability.

##### Phase 2: Authentication

[](#phase-2-authentication)

Does Skyline CMS know someone with this token (username)?
For this Skyline Security needs user providers that know registered users by token.
If Skyline knows a user with a given identity, it tries to authenticate the identity using its credentials.
Now the credentials are wrong, the authentication phase will break and send an authentication challenge to the client.
But if the credentials matched, phase 3 takes place

##### Phase 3: Authorization

[](#phase-3-authorization)

Is the user allowed to perform the desired action?
Skyline Security knows voters to decide, if the request is granted or denied.
The package ships with a role system.
You as administrator can assign as many roles as you want to users.
After that, every action in an action controller can require roles. So now Skyline Security only grant access to the desired action if the user has all required roles.

### Cross Site Request Forgery

[](#cross-site-request-forgery)

```
$csrfManager = ServiceManager::generalServiceManager()->CSRFManager;
```

#### Special Thanks To

[](#special-thanks-to)

- Symfony ( Copyright (c) 2004-2019 Fabien Potencier )

###  Health Score

28

—

LowBetter than 52% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity10

Limited adoption so far

Community11

Small or concentrated contributor base

Maturity61

Established project with proven stability

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~170 days

Recently: every ~223 days

Total

7

Last Release

1238d ago

Major Versions

v0.8.3 → v8.0.02023-02-06

PHP version history (2 changes)v0.8.0PHP ^7.2

v8.0.0PHP ^8

### Community

Maintainers

![](https://www.gravatar.com/avatar/6ebe1f5c8eebd8dbc08f97152d06e1435e7eee746ea87e28eaaabaf708ac17dc?d=identicon)[skyline](/maintainers/skyline)

---

Top Contributors

[![tasoftch](https://avatars.githubusercontent.com/u/24875322?v=4)](https://github.com/tasoftch "tasoftch (46 commits)")

###  Code Quality

TestsPHPUnit

### Embed Badge

![Health badge](/badges/skyline-security/health.svg)

```
[![Health](https://phpackages.com/badges/skyline-security/health.svg)](https://phpackages.com/packages/skyline-security)
```

###  Alternatives

[laravel/framework

The Laravel Framework.

34.8k543.8M19.5k](/packages/laravel-framework)[symfony/http-kernel

Provides a structured process for converting a Request into a Response

8.1k853.6M8.4k](/packages/symfony-http-kernel)[easycorp/easyadmin-bundle

Admin generator for Symfony applications

4.3k17.9M379](/packages/easycorp-easyadmin-bundle)[symfony/framework-bundle

Provides a tight integration between Symfony components and the Symfony full-stack framework

3.6k246.0M11.2k](/packages/symfony-framework-bundle)[symfony/security-bundle

Provides a tight integration of the Security component into the Symfony full-stack framework

2.5k181.3M2.2k](/packages/symfony-security-bundle)[api-platform/core

Build a fully-featured hypermedia or GraphQL API in minutes!

2.6k50.1M316](/packages/api-platform-core)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
