PHPackages skyline/security - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. skyline/security ActiveLibrary skyline/security ================ v8.0.2(3y ago)01222BSD-3-ClausePHPPHP ^8 Since Apr 23Pushed 3y ago1 watchersCompare [ Source](https://github.com/tasoftch/skyline-security)[ Packagist](https://packagist.org/packages/skyline/security)[ RSS](/packages/skyline-security/feed)WikiDiscussions master Synced 2mo ago READMEChangelog (7)Dependencies (5)Versions (8)Used By (2) Skyline Security ================ [](#skyline-security) The Skyline Security Package provides several services to increase your application's security. Skyline Security adds the security service to use in your action controllers. Install ------- [](#install) Manual created applications do not install the security package automatically. You can easy add them using composer: ``` $ composer require skyline/security ``` How it works ------------ [](#how-it-works) The Skyline Security package has two functions: 1. Manage access control to your application 2. Protect html forms against cross site request forgery ### Manage Access [](#manage-access) Skyline Security uses three phases for access control ##### Phase 1: Identification [](#phase-1-identification) Who is requesting? There are several possibilities to detect the identity of a requesting client: - Anonymous: You don't know who it is, but the identity is always the same - Remember Me: An identity created from remember me information - Session: An identity for the current session - HTTP: Basic and Digest identities specified by HTTP/1.0 - HTML Form Login - API Keys All identities must specify a token (usually a username, but can be anything). This identifies a client. Identities also specify a reliability. ##### Phase 2: Authentication [](#phase-2-authentication) Does Skyline CMS know someone with this token (username)? For this Skyline Security needs user providers that know registered users by token. If Skyline knows a user with a given identity, it tries to authenticate the identity using its credentials. Now the credentials are wrong, the authentication phase will break and send an authentication challenge to the client. But if the credentials matched, phase 3 takes place ##### Phase 3: Authorization [](#phase-3-authorization) Is the user allowed to perform the desired action? Skyline Security knows voters to decide, if the request is granted or denied. The package ships with a role system. You as administrator can assign as many roles as you want to users. After that, every action in an action controller can require roles. So now Skyline Security only grant access to the desired action if the user has all required roles. ### Cross Site Request Forgery [](#cross-site-request-forgery) ``` $csrfManager = ServiceManager::generalServiceManager()->CSRFManager; ``` #### Special Thanks To [](#special-thanks-to) - Symfony ( Copyright (c) 2004-2019 Fabien Potencier ) ### Health Score 28 — LowBetter than 54% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity10 Limited adoption so far Community11 Small or concentrated contributor base Maturity61 Established project with proven stability Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~170 days Recently: every ~223 days Total 7 Last Release 1191d ago Major Versions v0.8.3 → v8.0.02023-02-06 PHP version history (2 changes)v0.8.0PHP ^7.2 v8.0.0PHP ^8 ### Community Maintainers ![](https://www.gravatar.com/avatar/6ebe1f5c8eebd8dbc08f97152d06e1435e7eee746ea87e28eaaabaf708ac17dc?d=identicon)[skyline](/maintainers/skyline) --- Top Contributors [![tasoftch](https://avatars.githubusercontent.com/u/24875322?v=4)](https://github.com/tasoftch "tasoftch (46 commits)") ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/skyline-security/health.svg) ``` [![Health](https://phpackages.com/badges/skyline-security/health.svg)](https://phpackages.com/packages/skyline-security) ``` ### Alternatives [symfony/security-bundle Provides a tight integration of the Security component into the Symfony full-stack framework 2.5k172.9M1.8k](/packages/symfony-security-bundle)[statamic/cms The Statamic CMS Core Package 4.8k3.2M720](/packages/statamic-cms)[laravel/reverb Laravel Reverb provides a real-time WebSocket communication backend for Laravel applications. 1.5k9.4M48](/packages/laravel-reverb)[elgg/elgg Elgg is an award-winning social networking engine, delivering the building blocks that enable businesses, schools, universities and associations to create their own fully-featured social networks and applications. 1.7k15.7k5](/packages/elgg-elgg)[api-platform/http-cache API Platform HttpCache component 223.2M7](/packages/api-platform-http-cache)[mapado/rest-client-sdk Rest Client SDK for hydra API 1125.9k2](/packages/mapado-rest-client-sdk) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)