定制 apex/armor 二次开发

按需修改功能、优化性能、对接业务系统,提供一站式技术支持

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

apex/armor

Composer 安装命令:

composer require apex/armor

包简介

User and session management

README 文档

README

Designed to provide a solid base foundation for development of a custom user management system, and provides highly configurable base functionality including collection and management of basic user info (username, password, e-mail, phone, geo-location data, et al), e-mail / phone verification, authenticated sessions, 2FA e-mail / SMS requests, user segregated AES256 bit encryption, and more. This is not meant to be a user management system in and of itself, but instead is intended to be extended by one to provide a base foundation. It supports:

  • Easy implementation with only one eight method adapter interface, along with the templates / views.
  • Easy storage and management of username, password, e-mail, phone number, and basic registration info (date created, geo-location data, et al).
  • Multiple user groups, providing central management of different groups of users that may exist throughout your back-end application (eg. admins, customers, developers with API access, support staff, et al).
  • Highly configurable with support for multiple policies, each of which consists of 21 different settings allowing for hundreds of different configurations.
  • E-mail address and phone verification with built-in support for Vonage / Nexmo for sending SMS messages.
  • Easy one-line of code to secure any requests / code behind two factor e-mail / SMS authentication.
  • 4096 bit RSA key-pair automatically generated for every user, allowing for segregated user-based AES256 encryption including multi-recipient encryption.
  • User device management for both, "remember me" feature and mobile apps / Firebase messages.
  • Optional per-user IP based restrictions.
  • Historical activity log showing all actions taken against a user's account.
  • Full login and session history for each user.
  • Fully tested with mySQL, PostgreSQL, and SQLite.

Extensions and Demo

Several extensions are available providing functionality for different authentication schemas:

An example implementation using the Syrus template engine can be found at:

Installation

Install via Composer with:

composer require apex/armor

Please see the implementation guide linked below.

Table of Contents

  1. Implementation Guide
    1. Setup Database Connection
    2. Install Database
    3. AdapterInterface Class
    4. Example Syrus Implementation
  2. Armor Class
    1. Container Definitions
    2. ArmorPolicy Configuration
    3. Brute Force Policy
    4. Policy Manager
  3. User Profiles (create, load, remove users)
    1. ArmorUser Class
    2. Registration Info
    3. Validator
    4. Devices
    5. Pending Password Changes
    6. IP Restrictions
    7. Activity Log
    8. Login History
  4. Verifying users
    1. E-Mail
    2. E-Mail via OTP
    3. Phone via SMS
    4. Reset Password
    5. Define Password After Registration
    6. Define Phone After Registration
  5. Login and Auth Sessions
    1. Login and Request Authentication
    2. Auto Login
    3. AuthSession Class
    4. Encrypt / Decrypt Data
    5. Session Attributes
    6. CSRF
    7. reCaptcha
  6. Two Factor Requests
    1. E-Mail
    2. E-Mail via OTP
    3. Phone via SMS
  7. AES Encryption
    1. User Based Encryption
    2. Password Based Encryption

Basic Usage

use Apex\Armor\Armor;

// Create user
$armor = new Armor();
$user = $armor->createUser('', 'password12345', 'jsmith', 'jsmith@domain.com', '14165551234');
$uuid = $user->getUuid();

// Get user by UUID
$user = $armor->getUuid($uuid);

// Update e-mail address
$user->updateEmail('new@domain.com');


// Check if request is authenticated session
if (!$session = $armor->checkAuth()) { 
    die("You are not logged in");
}

// Require two factor authentication
$session->requireTwoFactor();

// Code below this line will not be executed until authenticated via e-mail / phone.

// Encrypt data to user's RSA key
$data_id = $session->encryptData('some sensitive data');

// Decrypt data at a later date
$text = $session->decryptData($data_id);

Support

If you have any questions, issues or feedback, please feel free to drop a note on the ApexPl Reddit sub for a prompt and helpful response.

Follow Apex

Loads of good things coming in the near future including new quality open source packages, more advanced articles / tutorials that go over down to earth useful topics, et al. Stay informed by joining the mailing list on our web site, or follow along on Twitter at @mdizak1.

统计信息

  • 总下载量: 925
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 3
  • 点击次数: 0
  • 依赖项目数: 5
  • 推荐数: 0

GitHub 信息

  • Stars: 3
  • Watchers: 1
  • Forks: 0
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2021-05-05

承接程序开发

PHP开发

VUE

Vue开发

前端开发

小程序开发

公众号开发

系统定制

数据库设计

云部署

网站建设

安全加固