locomotivemtl / charcoal-user
User definition, authentication and authorization.
Installs: 13 586
Dependents: 3
Suggesters: 0
Security: 0
Stars: 0
Watchers: 12
Forks: 0
Open Issues: 0
pkg:composer/locomotivemtl/charcoal-user
Requires
- php: >7.1
- laminas/laminas-permissions-acl: ^2.7
- locomotivemtl/charcoal-config: ~0.10
- locomotivemtl/charcoal-core: ~0.4
- locomotivemtl/charcoal-factory: ~0.4
- locomotivemtl/charcoal-object: ~0.7
- locomotivemtl/charcoal-translator: ~0.3
- psr/log: ^1.0
Requires (Dev)
- cache/void-adapter: ^1.0
- php-coveralls/php-coveralls: ^2.2
- phpunit/phpunit: ^7.5
- seld/jsonlint: ^1.7
- squizlabs/php_codesniffer: ^3.3
- tedivm/stash: ~0.14
- dev-master / 0.7.x-dev
- 0.7.0.2
- 0.7.0.1
- 0.7.0
- 0.6.4
- 0.6.3
- 0.6.2
- 0.6.1
- 0.6.0.3
- 0.6.0.2
- 0.6.0.1
- 0.6.0
- 0.5.2
- 0.5.1.1
- 0.5.1
- 0.5.0
- 0.4.1.1
- 0.4.1
- 0.4.0.2
- 0.4.0.1
- 0.4
- 0.3.2
- 0.3.1
- 0.3.0
- 0.2.2
- 0.2.1
- 0.2
- 0.1.6
- 0.1.5.1
- 0.1.5
- 0.1.4
- 0.1.3
- 0.1.2
- 0.1.1
- 0.1
- dev-feature/camelizePropertiesAndUseArrayAccess
- dev-acl-manager-refactor
- dev-mducharme-camelcase
- dev-mducharme-jwt
This package is auto-updated.
Last update: 2025-10-07 04:28:00 UTC
README
User defintion (as Charcoal Model), authentication and authorization (with Laminas ACL).
Table of content
How to install
The preferred (and only supported) way of installing charcoal-user is with composer:
★ composer require locomotivemtl/charcoal-user
Dependencies
- PHP 7.1+
laminas/laminas-permissions-acllocomotivemtl/charcoal-object
The User object
At the core of this module is the definition of a "User" object. The contract can be found as \Charcoal\User\UserInterface. This interfaces extends \Charcoal\Object\ContentInterface (from locomotivemtl/charcoal-object), which extends \Charcoal\Model\ModelInterface (from locomotivemtl/charcoal-core).
The preferred way of using this module is by defining your own User class in your project and extending the provided \Charcoal\User\AbstractUser class.
For quick prototypes or small projects, a full concrete class is provided as \Charcoal\User\GenericUser.
User properties
| Property | Type | Default | Description |
|---|---|---|---|
| username | string |
true |
… |
| password | string |
null |
… |
string |
null |
… | |
| roles | string[] |
[] |
ACL roles, which define user permissions. |
| last_login_date | date-time |
null |
… |
| last_login_ip | string |
'' |
… |
| last_password_date | date-time |
null |
… |
| last_password_ip | string |
'' |
… |
| login_token | string |
null |
… |
Note that the
keyof the User is theusername. Therefore,id()returns the username. It must be unique.
Properties inherited from Content-Interface:
| Property | Type | Default | Description |
|---|---|---|---|
| active | boolean |
true |
… |
| position | number |
null |
… |
| created | date-time |
null |
… |
| created_by | string |
'' |
… |
| last_modified | date-time |
null |
… |
| last_modified_by | string |
'' |
… |
Authentication
...
Authentication Examples
...
Authorization
User authorization is managed with a role-based Access Control List (ACL). Internally, it uses laminas/laminas-permissions-acl for the ACL logic. It is recommended to read the Laminas ACL documentation to learn more about how it all works.
There are 2 main concepts that must be managed, either from JSON config files or in the database (which works well with locomotivemtl/charcoal-admin), roles and permissions.
ACL Configuration
To set up ACL, it is highly recommended to use the \Charcoal\User\Acl\Manager.
ACL Example
{
"acl": {
"permissions": {
"superuser": {
"superuser": true
},
"author": {
"allowed": {},
"denied": {}
}
}
}
}
use Laminas\Permissions\Acl\Acl; use Laminas\Permissions\Acl\Resource\GenericResource as AclResource; // Dependencies from `charcoal-user` use Charcoal\User\Acl\Manager as AclManager; $acl = new Acl(); // Add resource for ACL $acl->addResource(new AclResource($resourceName)); $aclManager = new AclManager([ 'logger' => $logger, ]); $aclManager->loadPermissions($acl, $config['acl.permissions'], $resourceName); $authorizer = new Authorizer([ 'logger' => $logger, 'acl' => $acl, 'resource' => $resourceName, ]); $isAllowed = $authorizer->userAllowed($user, [ 'permssion' ]);
Development
To install the development environment:
★ composer install --prefer-source
To run the scripts (phplint, phpcs and phpunit):
★ composer test
API documentation
- The auto-generated
phpDocumentorAPI documentation is available at https://locomotivemtl.github.io/charcoal-user/docs/master/ - The auto-generated
apigenAPI documentation is available at https://codedoc.pub/locomotivemtl/charcoal-user/master/
Development dependencies
phpunit/phpunitsquizlabs/php_codesniffersatooshi/php-coveralls
Continuous Integration
| Service | Badge | Description |
|---|---|---|
| Travis | Runs code sniff check and unit tests. Auto-generates API documentation. | |
| Scrutinizer | Code quality checker. Also validates API documentation quality. | |
| Coveralls | Unit Tests code coverage. | |
| Sensiolabs | Another code quality checker, focused on PHP. |
Coding Style
The charcoal-user module follows the Charcoal coding-style:
- PSR-1
- PSR-2
- PSR-4, autoloading is therefore provided by Composer.
- phpDocumentor comments.
- Read the phpcs.xml file for all the details on code style.
Coding style validation / enforcement can be performed with
composer phpcs. An auto-fixer is also available withcomposer phpcbf.
This module should also throw no error when running
phpstan analyse -l7 src/👍.
Authors
- Mathieu Ducharme, mat@locomotive.ca
- Chauncey McAskill
- Locomotive, a Montreal Web agency
License
Charcoal is licensed under the MIT license. See LICENSE for details.