Text Adapter

This adapter can be used to authenticate users based on credentials stored in an htpasswd file or from an array of usernames and passwords. Passwords can be stored as hashes using PHP's password_hash() function, or by Apache's APR1-MD5 algorithm. The APR1-MD5 check is made possible thanks to the APR1-MD5 package by Jeremy Ebler [https://github.com/whitehat101/apr1-md5].

Apache htpasswd files can easily be created using Apache's htpasswd command. For example, to create a password file and add a user, you would issue the following:

1
$ htpasswd -c /path/to/.htpasswd juser

To add another user to the same file, issue the following noting the omission of the -c switch:

1
$ htpasswd /path/to/.htpasswd otheruser

By default, Apache will hash the password using a custom md5 hashing algorithm. You can also use the bcrypt algorithm by using the -B option.

1
$ htpasswd -B /path/to/.htpasswd jdoe

The resulting password file may look something like this:

1
2
3
juser:$apr1$Y.cxiqTt$4SPe4SHcbX6yzrIMlYtJJ0
otheruser:$apr1$kn0MShZv$RCvYu/wezJ2nAA9mH6BNE0
jdoe:$2y$05$CpZSkygbkm5HHoYYF2lnx..qB4dGywQpIT5GsqWeO26mkPnNzzu8G

Now we can create the Text adapter passing the full path of the file to the constructor.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
use Vespula\Auth\Session\Session;
use Vespula\Auth\Auth;
use Vespula\Auth\Adapter\Text;

<?php
$session = new Session();
$passwordfile = '/path/to/.htpasswd';
$adapter = new Text($passwordfile);

// This data is returned by the getUserdata() method
$adapter->setUserdata('juser', [
    'fullname'=>'Joe User',
    'email'=>'juser@vespula.com'
]);

$auth = new Auth($adapter, $session);

if ('login button pushed logic') {
    $username = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING);
    $password = filter_input(INPUT_POST, 'password', FILTER_DEFAULT);
    $credentials = [
        'username'=>$username,
        'password'=>$password
    ];
    $auth->login($credentials);
    if ($auth->isValid()) {
        // display message, redirect, etc.
        $userdata = $auth->getUserdata();
        echo 'Hello, ' . $auth->getUsername();
        echo 'Your fullname is ' . $userdata['fullname'];
        // Or...
        echo 'Your fullname is ' . $auth->getUserdata('fullname');

    } else {
        // no luck, bad password or username
    }
}

if ('logout link clicked') {
    $auth->logout();
    // bye bye
    // $auth->isAnon() should return true
}

You may also pass an array of users and passwords to the Text adapter constructor. Passwords may be hashed using Apache's APR1-MD5 algorithm, Apache's bcrypt algorithm, or PHP's password_hash() function. For example:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
<?php

use Vespula\Auth\Session\Session;
use Vespula\Auth\Auth;
use Vespula\Auth\Adapter\Text;

$session = new Session();

$passwords = [
    'juser'=>'$apr1$Y.cxiqTt$4SPe4SHcbX6yzrIMlYtJJ0',
    'jsmith'=>'$2y$10$XNbpIsW6zI1QIR1tdCXr5.7DuE8Jpfd8yAdQ8czcjDbUrykCBDYXm'
];

$adapter = new Text($passwords);

// This data is returned by the getUserdata() method
$adapter->setUserdata('juser', [
    'fullname'=>'Joe User',
    'email'=>'juser@vespula.com'
]);

$auth = new Auth($adapter, $session);

Loading User Data

You may want to load user data, such as email, full name, etc., into the auth object. This can be done in one of two ways.

Load data as an array

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
<?php

use Vespula\Auth\Session\Session;
use Vespula\Auth\Auth;
use Vespula\Auth\Adapter\Text;

$session = new Session();

$passwords = [
    'juser'=>'$apr1$Y.cxiqTt$4SPe4SHcbX6yzrIMlYtJJ0',
    'jsmith'=>'$2y$10$XNbpIsW6zI1QIR1tdCXr5.7DuE8Jpfd8yAdQ8czcjDbUrykCBDYXm'
];

$adapter = new Text($passwords);

$userdata = [
    'juser'=>[
        'fullname'=>'Joe User',
        'email'=>'juser@example.com'
    ],
    'jsmith'=>[
        'fullname'=>'John Smith',
        'email'=>'jsmith@example.com'
    ],
];

$adapter->loadUserData($userdata);

$auth = new \Vespula\Auth\Auth($adapter, $session);

// Now you can get userdata by username

$info = $auth->getUserdata();

// Or get a specific key

$email = $auth->getUserdata('email');

Set data for individual username

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
<?php

use Vespula\Auth\Session\Session;
use Vespula\Auth\Auth;
use Vespula\Auth\Adapter\Text;

$session = new Session();

$passwords = [
    'juser'=>'$apr1$Y.cxiqTt$4SPe4SHcbX6yzrIMlYtJJ0',
    'jsmith'=>'$2y$10$XNbpIsW6zI1QIR1tdCXr5.7DuE8Jpfd8yAdQ8czcjDbUrykCBDYXm'
];

$adapter = new Text($passwords);

$adapter->setUserdata('juser', [
    'fullname'=>'Joe User',
    'email'=>'juser@example.com'
]);


$auth = new Auth($adapter, $session);

// Now you can get userdata by username

$info = $auth->getUserdata();

// Or get a specific key

$email = $auth->getUserdata('email');