A simple role/permission authentication bundle for Laravel
- Secure password storage with salt
- Role/permission based authentication
- Exceptions for intelligent handling of errors
- Configurable/extendable
NOTE: Full docs will be available soon(ish) from my portfolio.
Run these commands on the CLI:
php artisan bundle:install verify
php artisan migrate verify
You should now have all the tables imported, complete with a sample user, called admin, with a password of password.
Place the following code in application/bundles.php:
'verify' => array(
    'auto' => true
)
Then change your Auth driver to 'verify' in application/config/auth.php:
'driver' => 'verify',
The bundle is intentionally lightweight. You add Users, Roles and Permissions like any other Model.
$user = Verify\Models\User::create(array(...));
$role = Verify\Models\Role::create(array(...));
etc.
All models are in the namespace 'Verify\Models'.
The relationships are as follows:
- Roles have many Users
- A User belongs to a Role
- Roles have and belong to many Permissions
- Permissions have and belong to many Roles
They are added via the ORM, too:
$role->permissions()->sync(array($permission->id));
More information on relationships can be found in the Laravel Eloquent docs.
The main functions are supposed to be used with a User object.
$user = Auth::retrieve($user_id);
// Roles
$user->is('Super Admin'); // Does the user have the role 'Super Admin'
$user->is(array('Super Admin', 'Admin')); // Does the user have the role 'Super Admin' OR 'Admin'
// Permissions
$user->can('delete_users'); // Does the user have the permission 'delete_users'
$user->can(array('delete_users', 'create_users')); // Does the user have the permission 'delete_users' OR 'create_users'
// Levels
$user->level(7); // Is the user a level 7 or above?
$user->level(5, '<='); // Is the user a level 5 or below
// All the standard operators are valid (<, <=, =, >=, >)
NOTE: Salts are automatically applied when setting a password:
$user->password = 'password'; // Salt will automatically be generated and applied to the user
The Verify library has the same permission functions as the User model. The only difference is that it tests the logged-in user by default; you can also pass a user in as a parameter.
// Roles
Auth::is(array('Super Admin', 'Admin'));
Auth::is('Admin', $different_user);
// Permissions
Auth::can(array('create_users', 'delete_users'));
Auth::can('create_users', $different_user);
// Levels
Auth::level(7);
Auth::level(5, '<');
Auth::level(9, '<=', $different_user);
It also has these public functions, like the normal Auth driver.
Retrieves a user via their ID
$user = Auth::retrieve($user_id);
Attempts to log in a user
$ok = Auth::attempt(array(
'username' => 'Todd',
'password' => 'password',
'remember' => true
));
The only real difference between this and the normal Auth attempt method is that it throws an exception on error:
- UserNotFoundException - User can't be found
- UserUnverifiedException - User isn't verified
- UserDisabledException - User has been disabled
- UserDeletedException - User has been deleted
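Because each exception names a distinct account state, echoing it back to the browser tells a visitor whether a username exists. The login route below is an added example, not code from the bundle: it keeps the precise reason in the server log and returns one generic message. The 'login' and 'dashboard' URIs are hypothetical, and the exceptions are matched by short class name as an assumption, since their namespace is not given here.

```php
<?php
// Added example, not part of the Verify bundle.
// The 'login' and 'dashboard' URIs are hypothetical.
Route::post('login', function()
{
    // One message for every failure, so the response does not reveal
    // whether an account exists, is unverified, disabled or deleted.
    $generic = 'Invalid username or password.';

    // Strip control characters and anything unusual before logging the name.
    $name = preg_replace('/[^\w@.\-]/', '?', (string) Input::get('username'));

    try
    {
        $ok = Auth::attempt(array(
            'username' => Input::get('username'),
            'password' => Input::get('password'),
            'remember' => (bool) Input::get('remember'),
        ));
    }
    catch (Exception $e)
    {
        // Assumption: match on the class name without its namespace.
        $parts = explode('\\', get_class($e));
        $type  = end($parts);

        $expected = array(
            'UserNotFoundException', 'UserUnverifiedException',
            'UserDisabledException', 'UserDeletedException',
        );

        // Anything else is not an authentication failure: let it surface.
        if ( ! in_array($type, $expected, true)) throw $e;

        // Keep the precise reason server-side for monitoring.
        Log::info('Login rejected ('.$type.') for '.$name);

        return Redirect::to('login')->with('error', $generic);
    }

    if ( ! $ok)
    {
        Log::info('Login rejected (attempt returned false) for '.$name);

        return Redirect::to('login')->with('error', $generic);
    }

    return Redirect::to('dashboard');
});
```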
A separate config file is provided to keep configuration separate from other Auth libraries.
A string or array of the database columns to authenticate against
array('username', 'email')
The model to use for a User
'Verify\Models\User'
The name of the super admin, who returns true on all permission checks
'Super Admin'
The prefix to use for the database tables, e.g. 'verify' for 'verify_users'
''