on 26 June 2014 by in
The library is still under development, but the major pieces are all now in place:
services for login, logout, and resuming sessions
service integration idioms (including HTTP
Authorization: Basic login integration)
Note that the library is purposely limited in scope. It does not do roles, groups, access control, or account management. You give it some credentials, it tells you if the credentials are valid or not, and starts/stops sessions.
As with all Aura libraries, the measurable code quality is very high. It has 100% test coverage, is fully decoupled from all other libraries, and scores very well on Scrutinizer-CI. It is PHP 5.3 compatible, although if you want to use the new and more-secure password_hash() functionality, you will need PHP 5.5 (or a userland implementation such as ircmaxell/password-compat.)
If you are interested in the project, try it out and get in your suggestions on what’s needed. We already have a TODO list, but there may be things we haven’t thought of. Now is the time to make your voice heard – and, of course, pull requests are always welcome for review.blog comments powered by Disqus