orisai / auth
Authentication and authorization
Installs: 18 908
Dependents: 3
Suggesters: 0
Security: 0
Stars: 7
Watchers: 3
Forks: 1
Open Issues: 0
Requires
- php: 7.4 - 8.3
- orisai/clock: ^1.2.0
- orisai/exceptions: ^1.0.0
- orisai/translation-contracts: ^1.1.0
- orisai/utils: ^1.0.0
- symfony/polyfill-php80: ^1.20.0
Requires (Dev)
- ext-sodium: *
- brianium/paratest: ^6.3.0
- infection/infection: ^0.26.0|^0.27.0|^0.28.0|^0.29.0
- orisai/coding-standard: ^3.0.0
- phpstan/extension-installer: ^1.0.0
- phpstan/phpstan: ^1.0.0
- phpstan/phpstan-deprecation-rules: ^1.0.0
- phpstan/phpstan-phpunit: ^1.0.0
- phpstan/phpstan-strict-rules: ^1.0.0
- phpunit/phpunit: ^9.5.0
- staabm/annotate-pull-request-from-checkstyle: ^1.7.0
README
Auth
Authentication and authorization
📄 Check out our documentation.
💸 If you like Orisai, please make a donation. Thank you!
This package is inspired by nette/security from David Grudl. Thank you, David!
namespace App\Admin\Article\View; use Orisai\Auth\Authentication\Identity; use Orisai\Auth\Authentication\SimpleFirewall; final class ArticleEditController { private SimpleFirewall $firewall; public function __construct(SimpleFirewall $firewall) { $this->firewall = $firewall; } public function run(): void { if (!$this->firewall->isAllowed('administration.entry')) { // Not allowed } $article = /* get article by ID from request */; if (!$this->firewall->isAllowed('article.edit', $article)) { // Not allowed } // Is allowed } } use App\Core\Article\Article; use Orisai\Auth\Authorization\Policy; use Orisai\Auth\Authorization\PolicyContext; /** * @implements Policy<Article> */ final class ArticleEditPolicy implements Policy { public static function getPrivilege(): string { return 'article.edit'; } public static function getRequirementsClass(): string { return Article::class; } /** * @param Article $requirements */ public function isAllowed(Identity $identity, object $requirements, PolicyContext $context): bool { $authorizer = $context->getAuthorizer(); return $authorizer->hasPrivilege($identity, self::getPrivilege()) && $requirements->getAuthor()->getId() === $identity->getId(); } }