Armor - User and Session Management

Overview

Armor is designed as a solid foundation for developing a custom user management system. It provides highly configurable base functionality, including collection and management of basic user info (username, password, e-mail, phone, geo-location data, et al), e-mail / phone verification, authenticated sessions, 2FA e-mail / SMS requests, user-segregated AES-256 encryption, and more. It is not meant to be a user management system in and of itself, but is intended to be extended by one and serve as its foundation. It supports:

  • Easy implementation with a single eight-method adapter interface, along with the templates / views.
  • Easy storage and management of username, password, e-mail, phone number, and basic registration info (date created, geo-location data, et al).
  • Multiple user groups, providing central management of different groups of users that may exist throughout your back-end application (eg. admins, customers, developers with API access, support staff, et al).
  • Highly configurable with support for multiple policies, each of which consists of 21 different settings allowing for hundreds of different configurations.
  • E-mail address and phone verification with built-in support for Vonage / Nexmo for sending SMS messages.
  • A single line of code secures any request / code behind two-factor e-mail / SMS authentication.
  • 4096-bit RSA key pair automatically generated for every user, allowing for segregated user-based AES-256 encryption, including multi-recipient encryption.
  • User device management for both the "remember me" feature and mobile apps / Firebase messages.
  • Optional per-user IP based restrictions.
  • Historical activity log showing all actions taken against a user's account.
  • Full login and session history for each user.
  • Fully tested with MySQL, PostgreSQL, and SQLite.

Extensions and Demo

Several extensions are available providing functionality for different authentication schemas:

An example implementation using the Syrus template engine can be found at:

Installation

Install via Composer with:

composer require apex/armor

Please see the implementation guide linked below.

Table of Contents

  1. Implementation Guide
    1. Setup Database Connection
    2. Install Database
    3. AdapterInterface Class
    4. Example Syrus Implementation
  2. Armor Class
    1. Container Definitions
    2. ArmorPolicy Configuration
    3. Brute Force Policy
    4. Policy Manager
  3. User Profiles (create, load, remove users)
    1. ArmorUser Class
    2. Registration Info
    3. Validator
    4. Devices
    5. Pending Password Changes
    6. IP Restrictions
    7. Activity Log
    8. Login History
  4. Verifying users
    1. E-Mail
    2. E-Mail via OTP
    3. Phone via SMS
    4. Reset Password
    5. Define Password After Registration
    6. Define Phone After Registration
  5. Login and Auth Sessions
    1. Login and Request Authentication
    2. Auto Login
    3. AuthSession Class
    4. Encrypt / Decrypt Data
    5. Session Attributes
    6. CSRF
    7. reCaptcha
  6. Two Factor Requests
    1. E-Mail
    2. E-Mail via OTP
    3. Phone via SMS
  7. AES Encryption
    1. User Based Encryption
    2. Password Based Encryption

Basic Usage

use Apex\Armor\Armor;

// Create user
$armor = new Armor();
$user = $armor->createUser('', 'password12345', 'jsmith', '[email protected]', '14165551234');
$uuid = $user->getUuid();

// Get user by UUID
$user = $armor->getUuid($uuid);

// Update e-mail address
$user->updateEmail('[email protected]');


// Check if request is authenticated session
if (!$session = $armor->checkAuth()) { 
    die("You are not logged in");
}

// Require two factor authentication
$session->requireTwoFactor();

// Code below this line will not be executed until authenticated via e-mail / phone.

// Encrypt data to user's RSA key
$data_id = $session->encryptData('some sensitive data');

// Decrypt data at a later date
$text = $session->decryptData($data_id);
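
The feature list mentions per-user RSA key pairs used for segregated AES-256 encryption with multiple recipients. The block below is an added illustration of that general pattern (one AES-256 data key per message, wrapped separately with each recipient's RSA public key); it is not Armor's code, and the function names and envelope layout are hypothetical, since this page does not describe Armor's internal format.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: generate one RSA key pair per user (4096-bit, as in the feature list).
function newKeyPair(int $bits = 4096): array
{
    $res = openssl_pkey_new(['private_key_bits' => $bits, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
    if ($res === false) {
        throw new RuntimeException('RSA key generation failed');
    }
    openssl_pkey_export($res, $privatePem);
    return ['private' => $privatePem, 'public' => openssl_pkey_get_details($res)['key']];
}

// Encrypt once with a fresh AES-256-GCM key, then wrap that key for every recipient.
function encryptFor(string $plaintext, array $publicKeys): array
{
    $dataKey = random_bytes(32); // AES-256 key, used for this message only
    $iv = random_bytes(12);      // 96-bit GCM nonce
    $ct = openssl_encrypt($plaintext, 'aes-256-gcm', $dataKey, OPENSSL_RAW_DATA, $iv, $tag);
    $wrapped = [];
    foreach ($publicKeys as $id => $pem) {
        if (!openssl_public_encrypt($dataKey, $wrapped[$id], $pem, OPENSSL_PKCS1_OAEP_PADDING)) {
            throw new RuntimeException("Could not wrap data key for $id");
        }
    }
    return ['iv' => $iv, 'tag' => $tag, 'ciphertext' => $ct, 'keys' => $wrapped];
}

// A recipient unwraps their copy of the data key; GCM rejects tampered ciphertext.
function decryptAs(array $env, string $id, string $privatePem): string
{
    if (!isset($env['keys'][$id])) {
        throw new RuntimeException("$id is not a recipient of this message");
    }
    if (!openssl_private_decrypt($env['keys'][$id], $dataKey, $privatePem, OPENSSL_PKCS1_OAEP_PADDING)) {
        throw new RuntimeException('Data key unwrap failed');
    }
    $pt = openssl_decrypt($env['ciphertext'], 'aes-256-gcm', $dataKey, OPENSSL_RAW_DATA, $env['iv'], $env['tag']);
    if ($pt === false) {
        throw new RuntimeException('Authentication tag mismatch');
    }
    return $pt;
}

// Constructed sample: two recipients share one ciphertext, each with their own wrapped key.
$alice = newKeyPair();
$bob = newKeyPair();
$env = encryptFor('some sensitive data', ['alice' => $alice['public'], 'bob' => $bob['public']]);
echo decryptAs($env, 'bob', $bob['private']), PHP_EOL;
```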

Support

If you have any questions, issues or feedback, please feel free to drop a note on the ApexPl Reddit sub for a prompt and helpful response.

Follow Apex

Loads of good things coming in the near future including new quality open source packages, more advanced articles / tutorials that go over down to earth useful topics, et al. Stay informed by joining the mailing list on our web site, or follow along on Twitter at @mdizak1.

Owner
Matt Dizak