PHPackages tourze/idle-lock-screen-bundle - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. tourze/idle-lock-screen-bundle ActiveSymfony-bundle[Authentication & Authorization](/categories/authentication) tourze/idle-lock-screen-bundle ============================== Symfony bundle for idle user lock screen functionality 0.0.2(11mo ago)00MITPHPPHP ^8.1CI passing Since Jun 3Pushed 4mo agoCompare [ Source](https://github.com/tourze/idle-lock-screen-bundle)[ Packagist](https://packagist.org/packages/tourze/idle-lock-screen-bundle)[ RSS](/packages/tourze-idle-lock-screen-bundle/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (2)Dependencies (19)Versions (3)Used By (0) Idle Lock Screen Bundle ======================= [](#idle-lock-screen-bundle) [![PHP Version](https://camo.githubusercontent.com/acffb6ae1962992d26e4466782832787e79504a6250f80d732c4283458b9f497/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f7068702d253545382e312d626c75652e737667)](https://www.php.net/)[![License](https://camo.githubusercontent.com/8bb50fd2278f18fc326bf71f6e88ca8f884f72f179d3e555e20ed30157190d0d/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e73652d4d49542d677265656e2e737667)](LICENSE)[![Build Status](https://camo.githubusercontent.com/07c5a0015c097e0dfbb44d4220df0eed6a623d83eceb02ac299fe96b8e4e1a73/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f616374696f6e732f776f726b666c6f772f7374617475732f746f75727a652f7068702d6d6f6e6f7265706f2f63692e796d6c3f6272616e63683d6d6173746572)](https://github.com/tourze/php-monorepo/actions)[![Code Coverage](https://camo.githubusercontent.com/9cb168340a6d5a1bdda8e16dafe8eed3d60f1441986fb63de17bff84ee6a18f0/68747470733a2f2f696d672e736869656c64732e696f2f636f6465636f762f632f6769746875622f746f75727a652f7068702d6d6f6e6f7265706f)](https://codecov.io/gh/tourze/php-monorepo) [English](README.md) | [中文](README.zh-CN.md) A Symfony bundle that provides automatic idle lock screen functionality. When users are inactive on sensitive pages for a configured period, the application automatically redirects them to a password verification screen. Table of Contents ----------------- [](#table-of-contents) - [Features](#features) - [Installation](#installation) - [1. Install via Composer](#1-install-via-composer) - [2. Register the Bundle](#2-register-the-bundle) - [3. Create Database Tables](#3-create-database-tables) - [Quick Start](#quick-start) - [1. Template Integration](#1-template-integration) - [2. Configure Lock Rules](#2-configure-lock-rules) - [3. Route Pattern Syntax](#3-route-pattern-syntax) - [Configuration](#configuration) - [Programmatic Configuration](#programmatic-configuration) - [Database Configuration](#database-configuration) - [API Reference](#api-reference) - [Twig Functions](#twig-functions) - [Services](#services) - [Security](#security) - [Troubleshooting](#troubleshooting) - [License](#license) - [Contributing](#contributing) Features -------- [](#features) - ✅ **Route-based Configuration**: Configure lock rules based on route patterns with wildcard and regex support - ✅ **Flexible Timeout Settings**: Configurable idle timeout periods (1-86400 seconds) - ✅ **Smart Activity Detection**: Automatically detects user activity (mouse, keyboard, touch events) - ✅ **Server-side Session Management**: Lock state persisted server-side to prevent client-side bypassing - ✅ **Complete Audit Logging**: Full logging of all lock/unlock operations for security auditing - ✅ **Non-intrusive Integration**: Simple one-line template integration - ✅ **Modern UI**: Clean, responsive lock screen interface - ✅ **Security Features**: Protection against open redirect attacks and bypass attempts - ✅ **Mobile Friendly**: Responsive design for mobile devices Installation ------------ [](#installation) ### 1. Install via Composer [](#1-install-via-composer) ``` composer require tourze/idle-lock-screen-bundle ``` ### 2. Register the Bundle [](#2-register-the-bundle) Add to `config/bundles.php`: ``` return [ // ... Tourze\IdleLockScreenBundle\IdleLockScreenBundle::class => ['all' => true], ]; ``` ### 3. Create Database Tables [](#3-create-database-tables) Run database migrations: ``` php bin/console doctrine:migrations:diff php bin/console doctrine:migrations:migrate ``` Or create the table structure manually: ``` CREATE TABLE idle_lock_configuration ( id INT AUTO_INCREMENT NOT NULL, route_pattern VARCHAR(255) NOT NULL, timeout_seconds INT NOT NULL, is_enabled TINYINT(1) NOT NULL, description VARCHAR(500) DEFAULT NULL, created_at DATETIME NOT NULL COMMENT '(DC2Type:datetime_immutable)', updated_at DATETIME NOT NULL COMMENT '(DC2Type:datetime_immutable)', PRIMARY KEY(id), INDEX idx_route_pattern (route_pattern), INDEX idx_is_enabled (is_enabled) ); CREATE TABLE idle_lock_record ( id INT AUTO_INCREMENT NOT NULL, user_id INT DEFAULT NULL, session_id VARCHAR(128) NOT NULL, action_type VARCHAR(20) NOT NULL, route VARCHAR(255) NOT NULL, ip_address VARCHAR(45) DEFAULT NULL, user_agent LONGTEXT DEFAULT NULL, context JSON DEFAULT NULL, created_at DATETIME NOT NULL COMMENT '(DC2Type:datetime_immutable)', PRIMARY KEY(id), INDEX idx_user_id (user_id), INDEX idx_session_id (session_id), INDEX idx_action_type (action_type), INDEX idx_user_session (user_id, session_id) ); ``` Quick Start ----------- [](#quick-start) ### 1. Template Integration [](#1-template-integration) Add the idle lock script to your base template (e.g., `templates/base.html.twig`) before the closing `` tag: ``` > {% block title %}Welcome!{% endblock %} {% block body %}{% endblock %} {{ idle_lock_script() }} ``` ### 2. Configure Lock Rules [](#2-configure-lock-rules) Create lock configurations via code: ``` use Tourze\IdleLockScreenBundle\Service\IdleLockDetector; public function configureIdleLock(IdleLockDetector $detector): void { // Configure billing pages with 60-second timeout $detector->createConfiguration( routePattern: '/billing/*', timeoutSeconds: 60, isEnabled: true, description: 'Billing related pages' ); // Configure admin panel with 30-second timeout $detector->createConfiguration( routePattern: '^/admin/.*', timeoutSeconds: 30, isEnabled: true, description: 'Admin panel pages' ); } ``` ### 3. Route Pattern Syntax [](#3-route-pattern-syntax) The bundle supports three pattern matching modes: #### Exact Match [](#exact-match) ``` /billing/invoice ``` #### Wildcard Match [](#wildcard-match) ``` /billing/* # Matches all single-level paths under /billing/ /billing/** # Matches all multi-level paths under /billing/ ``` #### Regular Expression Match [](#regular-expression-match) ``` ^/admin/.* # Matches all paths starting with /admin/ /billing/(invoice|payment) # Matches /billing/invoice or /billing/payment ``` Configuration ------------- [](#configuration) ### Programmatic Configuration [](#programmatic-configuration) ``` use Tourze\IdleLockScreenBundle\Service\IdleLockDetector; // In a controller or service public function setupLockRules(IdleLockDetector $detector): void { // Create a new configuration $config = $detector->createConfiguration( routePattern: '/sensitive-area/*', timeoutSeconds: 120, isEnabled: true, description: 'Sensitive area requiring frequent verification' ); // Check if a route should be locked $shouldLock = $detector->shouldLockRoute('/billing/invoice'); // Get configuration for a specific route $config = $detector->getRouteConfiguration('/billing/invoice'); } ``` ### Database Configuration [](#database-configuration) Insert configurations directly into the database: ``` INSERT INTO idle_lock_configuration (route_pattern, timeout_seconds, is_enabled, description, created_at, updated_at) VALUES ('/billing/*', 60, 1, 'Billing related pages', NOW(), NOW()), ('/account/sensitive', 30, 1, 'Sensitive account pages', NOW(), NOW()), ('^/admin/.*', 30, 1, 'Admin panel pages', NOW(), NOW()); ``` API Reference ------------- [](#api-reference) ### Twig Functions [](#twig-functions) #### `idle_lock_script()` [](#idle_lock_script) Renders the idle lock JavaScript code. Only outputs the script when the current route has lock enabled and the session is not locked. #### `is_idle_lock_enabled()` [](#is_idle_lock_enabled) Checks if idle lock is enabled for the current route. #### `idle_lock_timeout()` [](#idle_lock_timeout) Gets the timeout duration in seconds for the current route. Example usage in templates: ``` {% if is_idle_lock_enabled() %} This page has idle lock enabled. Timeout: {{ idle_lock_timeout() }} seconds {% endif %} ``` ### Services [](#services) #### `IdleLockDetector` [](#idlelockdetector) Service for managing lock configurations. ``` // Check if a route should be locked $shouldLock = $detector->shouldLockRoute('/billing/invoice'); // Get route configuration $config = $detector->getRouteConfiguration('/billing/invoice'); // Create new configuration $config = $detector->createConfiguration('/new-route/*', 60); ``` #### `LockManager` [](#lockmanager) Service for managing lock state. ``` // Lock the session $lockManager->lockSession('/billing/invoice', 'idle_timeout'); // Unlock the session $lockManager->unlockSession(); // Check lock status $isLocked = $lockManager->isSessionLocked(); // Get user lock history $history = $lockManager->getUserLockHistory(); ``` #### `RoutePatternMatcher` [](#routepatternmatcher) Service for pattern matching. ``` // Check if route matches pattern $matches = $matcher->matches('/billing/invoice', '/billing/*'); // Validate pattern syntax $isValid = $matcher->isValidPattern('^/admin/.*'); ``` Security -------- [](#security) 1. **Password Verification**: Implement secure password verification logic 2. **Session Security**: Lock state is stored server-side and cannot be tampered with by clients 3. **Redirect Security**: Built-in protection against open redirect attacks 4. **Audit Logging**: Complete logging of all lock-related operations for security auditing ### Custom Password Verification [](#custom-password-verification) You can customize the password verification logic by extending the unlock controller: ``` use Tourze\IdleLockScreenBundle\Controller\IdleLockScreenUnlockController; use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface; class CustomUnlockController extends IdleLockScreenUnlockController { public function __construct( // ... parent constructor parameters private UserPasswordHasherInterface $passwordHasher ) { parent::__construct(/* ... */); } // Override password verification logic protected function verifyPassword(string $password): bool { $user = $this->security->getUser(); if (!$user) { return false; } return $this->passwordHasher->isPasswordValid($user, $password); } } ``` Troubleshooting --------------- [](#troubleshooting) ### Script Not Injected [](#script-not-injected) Ensure you've called `{{ idle_lock_script() }}` in your template and the current route has lock configuration enabled. ### Lock Not Working [](#lock-not-working) 1. Check if the route pattern correctly matches the current route 2. Verify the configuration is enabled (`is_enabled = true`) 3. Check browser console for JavaScript errors ### Cannot Unlock [](#cannot-unlock) 1. Verify password verification logic is correctly implemented 2. Check if user session is valid License ------- [](#license) MIT License Contributing ------------ [](#contributing) Issues and Pull Requests are welcome! ### Health Score 28 — LowBetter than 54% of packages Maintenance64 Regular maintenance activity Popularity0 Limited adoption so far Community6 Small or concentrated contributor base Maturity36 Early-stage or recently created project Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~0 days Total 2 Last Release 341d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/e354fdb316da535dfa8ba2e9193a473c403b6bc6fb9170778d1dc50e304c6e9d?d=identicon)[tourze](/maintainers/tourze) --- Top Contributors [![tourze](https://avatars.githubusercontent.com/u/13899502?v=4)](https://github.com/tourze "tourze (5 commits)") ### Code Quality TestsPHPUnit Static AnalysisPHPStan Type Coverage Yes ### Embed Badge ![Health badge](/badges/tourze-idle-lock-screen-bundle/health.svg) ``` [![Health](https://phpackages.com/badges/tourze-idle-lock-screen-bundle/health.svg)](https://phpackages.com/packages/tourze-idle-lock-screen-bundle) ``` ### Alternatives [sylius/sylius E-Commerce platform for PHP, based on Symfony framework. 8.4k5.6M648](/packages/sylius-sylius)[sulu/sulu Core framework that implements the functionality of the Sulu content management system 1.3k1.3M152](/packages/sulu-sulu)[contao/core-bundle Contao Open Source CMS 1231.6M2.3k](/packages/contao-core-bundle)[ec-cube/ec-cube EC-CUBE EC open platform. 78527.0k1](/packages/ec-cube-ec-cube)[prestashop/prestashop PrestaShop is an Open Source e-commerce platform, committed to providing the best shopping cart experience for both merchants and customers. 9.0k15.4k](/packages/prestashop-prestashop)[open-dxp/opendxp Content & Product Management Framework (CMS/PIM) 7310.3k29](/packages/open-dxp-opendxp) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)