Authentication

Authentication is a crucial aspect of web applications: it establishes that users are who they claim to be, and it is the basis on which the application decides what they are allowed to access. Prisma PHP simplifies the authentication process by providing a built-in authentication system that supports several authentication methods: email/password, social logins, and third-party services.

Introduction

By integrating authentication into the development workflow, Prisma PHP streamlines securing applications, making it easier for developers to implement user authentication and authorization features.

Authentication Modes

Prisma PHP supports two authentication modes:

  • Public by default: All routes are public unless explicitly protected.
  • Private by default: Every route requires authentication unless explicitly opened. Set IS_ALL_ROUTES_PRIVATE to true in src/Lib/Auth/AuthConfig.php.

Use the mode that best fits your application:
  • If most of your routes are public, keep the default.
  • If most of your app should be protected, use private-by-default. It also fails safe: a route you forget to protect is denied rather than exposed.

JWT Authentication

By default, Prisma PHP uses the firebase/php-jwt package to generate JSON Web Tokens (JWTs).

More info: jwt.io.

Getting Started Steps

  1. Set AUTH_SECRET in .env.
  2. Use the Auth class (src/Lib/Auth/Auth.php).
  3. Configure AuthConfig.
  4. Use AuthMiddleware to protect routes.
  5. Validate JWTs + enforce roles.

Environment Configuration

The AUTH_SECRET is the key used to sign and verify JWTs. Anyone who holds it can mint tokens the application will accept, so treat it like a password: keep it out of version control and rotate it if it leaks (rotation invalidates every token signed with the old value). Generate a random value of at least 32 bytes with one of:

  • openssl rand -base64 33
  • Use a key generator site
  • npm exec auth secret

A secret generated on your own machine never leaves your control, so prefer the local commands over a website.

Auth Class Usage

  • getInstance() — returns the shared Auth instance.
  • signIn() — signs the given data into a JWT and returns it; the examples below pass the claims and an optional expiry such as '1m'.
  • isAuthenticated() — true when the current request carries a valid token.
  • getPayload() — returns the claims of the current token (used as an object in the examples below).
  • verifyToken()
  • refreshToken()
  • signOut() — ends the session; the examples below pass the path to redirect to.

Examples


<?php
use Lib\Auth\Auth;

$auth = Auth::getInstance();

// Claims to embed in the token. Keep this to what the app needs on each request.
$userData = [
  'id' => 1,
  'username' => 'john.doe',
  'email' => 'john.doe@example.com'
];

try {
    // signIn() signs the payload with AUTH_SECRET and returns the JWT.
    $jwt = $auth->signIn($userData);
    echo "JWT: " . $jwt;
} catch (\InvalidArgumentException $e) {
    echo "Error: " . $e->getMessage();
}

?>


<?php
use Lib\Auth\Auth;
use Lib\StateManager;

$auth = Auth::getInstance();

// If the request carries a valid token, store its claims in state for the view.
if ($auth->isAuthenticated()) {
    StateManager::setState('user', $auth->getPayload());
}

// Read the user after the check above so the view sees the current claims
// (null on the first render, before any sign-in).
$user = StateManager::getState('user');

function login() {
    $auth = Auth::getInstance();
    // Short-lived token: '1m' expires after one minute.
    $jwt = $auth->signIn(['name' => 'admin'], '1m');
    echo "JWT: $jwt";
}

?>

<button onclick="login()">Login</button>
<p><?= $user->name ?? '' ?></p>


<?php
use Lib\Auth\Auth;
use Lib\Auth\AuthRole;

$auth = Auth::getInstance();

try {
    // Issue a one-minute token carrying the Admin role defined in AuthConfig.
    $jwt = $auth->signIn(AuthRole::Admin, '1m');
    echo "JWT: " . $jwt;
} catch (\InvalidArgumentException $e) {
    echo "Error: " . $e->getMessage();
}

?>
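The examples above sign in with hard-coded data. A real sign-in handler has to check the submitted credentials first. The added example below is not from the Prisma PHP docs or code base: it verifies a password with PHP's password_verify() and only then calls Auth::signIn() with the signature the page's examples use. The in-memory user table, the 'role' claim and the '15m' expiry string are assumptions made for the example.

```php
<?php
// Added example (not Prisma PHP's own code): check a password before issuing
// a token. Assumes Auth::signIn($data, $expiresIn) as shown on this page.
use Lib\Auth\Auth;

// Constructed sample record standing in for a database row. The hash is
// what password_hash() produced for "correct horse battery staple".
$users = [
    'john.doe' => [
        'id'            => 1,
        'username'      => 'john.doe',
        'email'         => 'john.doe@example.com',
        'role'          => 'user',   // assumed claim name
        'password_hash' => password_hash('correct horse battery staple', PASSWORD_DEFAULT),
    ],
];

/**
 * Return a JWT for valid credentials, or null for any failure.
 */
function authenticate(array $users, string $username, string $password): ?string
{
    $record = $users[$username] ?? null;

    // Always run password_verify(), against a throwaway hash when the user
    // does not exist, so an unknown username takes as long as a wrong password.
    $hash = $record['password_hash'] ?? password_hash('dummy', PASSWORD_DEFAULT);

    if (!password_verify($password, $hash) || $record === null) {
        return null;   // one generic failure for unknown user and bad password
    }

    // Put only what the app needs into the token; never the hash.
    $claims = [
        'id'       => $record['id'],
        'username' => $record['username'],
        'email'    => $record['email'],
        'role'     => $record['role'],
    ];

    // Short-lived token ('15m' is an assumed expiry format based on the
    // page's '1m'); use refreshToken() to extend a live session.
    return Auth::getInstance()->signIn($claims, '15m');
}

$jwt = authenticate($users, 'john.doe', 'correct horse battery staple');

if ($jwt === null) {
    http_response_code(401);
    echo 'Invalid credentials';
} else {
    // The page's examples echo the token for demonstration; a real app
    // hands it to the client (for example in an HttpOnly cookie) and never logs it.
    echo 'Signed in';
}
```

The single null return for both failure modes matters: returning different messages for "no such user" and "wrong password" lets an attacker enumerate valid usernames.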

Logout Example


<?php
use Lib\Auth\Auth;

function logout() {
    // Ends the session and redirects to the given path.
    Auth::getInstance()->signOut('/');
}
?>

<button onclick="logout()">Logout</button>


<?php
use Lib\Auth\Auth;
use Lib\Request;

$auth = Auth::getInstance();

// Sign out when the page is requested with ?logout in the query string.
if (Request::$isGet && isset(Request::$params->logout)) {
    $auth->signOut('/');
}

?>

<a href="?logout">Logout</a>

Because this variant is triggered by a plain GET, any site can cause a visitor to hit it (for example through an image tag pointing at ?logout). That only ends the session, so it is a nuisance rather than a compromise, but do not use the same pattern for actions that change data.

Authentication Middleware

The AuthMiddleware protects routes according to the public/private default, validates the token on each request and enforces the roles configured in AuthConfig.

Security Considerations

Validate the token on every request (signature, expiry and the expected algorithm) rather than trusting a result cached from an earlier request, and restrict access using the roles defined in AuthConfig. Keep token lifetimes short and use refreshToken() to extend live sessions instead of issuing long-lived tokens.
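The checks a route guard must perform on every request, written as an added example directly against firebase/php-jwt (the library the page says Prisma PHP uses) rather than through AuthMiddleware, whose internals the page does not show. It covers step 5 of the getting-started list, the middleware section and the considerations above: the secret is checked for length at start-up, the algorithm is pinned so the token header cannot choose it, expiry is enforced, and a role claim is compared against the roles a route allows. The function names, the 'role' claim, the Bearer header format and reading AUTH_SECRET with getenv() are assumptions; Prisma PHP's own middleware may differ.

```php
<?php
// Added example, not Prisma PHP's AuthMiddleware: what a JWT route guard has
// to check on every request, using firebase/php-jwt directly.
require __DIR__ . '/vendor/autoload.php';

use Firebase\JWT\JWT;
use Firebase\JWT\Key;
use Firebase\JWT\BeforeValidException;
use Firebase\JWT\ExpiredException;
use Firebase\JWT\SignatureInvalidException;

const ALG = 'HS256';   // one pinned algorithm; the token header never decides

/** Read AUTH_SECRET (assumed: from the environment) and refuse a weak one. */
function loadSecret(): string
{
    $secret = getenv('AUTH_SECRET') ?: '';
    // openssl rand -base64 33 gives 44 characters; anything under 32 is too short.
    if (strlen($secret) < 32) {
        throw new RuntimeException('AUTH_SECRET missing or too short');
    }
    return $secret;
}

/** Issue a token with iat/nbf/exp set; the same idea as Auth::signIn(). */
function issueToken(string $secret, array $claims, int $ttlSeconds): string
{
    $now = time();
    $payload = $claims + ['iat' => $now, 'nbf' => $now, 'exp' => $now + $ttlSeconds];
    return JWT::encode($payload, $secret, ALG);
}

/** Return the verified claims, or null if the token must be rejected. */
function verifyToken(string $secret, string $jwt): ?stdClass
{
    try {
        // decode() verifies the signature with the pinned algorithm and
        // throws on expired or not-yet-valid tokens.
        return JWT::decode($jwt, new Key($secret, ALG));
    } catch (ExpiredException | BeforeValidException | SignatureInvalidException
             | UnexpectedValueException | DomainException | InvalidArgumentException $e) {
        return null;   // every failure is treated the same: not authenticated
    }
}

/** Route guard: 401 without a valid token, 403 when the role is not allowed. */
function guard(string $secret, ?string $authorizationHeader, array $allowedRoles): int
{
    if ($authorizationHeader === null || !str_starts_with($authorizationHeader, 'Bearer ')) {
        return 401;
    }
    $claims = verifyToken($secret, substr($authorizationHeader, 7));
    if ($claims === null) {
        return 401;
    }
    if ($allowedRoles !== [] && !in_array($claims->role ?? '', $allowedRoles, true)) {
        return 403;
    }
    return 200;
}

// Demonstration with a constructed secret in place of the value from .env.
putenv('AUTH_SECRET=' . base64_encode(random_bytes(33)));
$secret = loadSecret();

$userToken  = issueToken($secret, ['id' => 1, 'role' => 'user'],  900);
$adminToken = issueToken($secret, ['id' => 2, 'role' => 'admin'], 900);
$expired    = issueToken($secret, ['id' => 3, 'role' => 'admin'], -60);
// Damage the last signature character so the signature check fails.
$tampered = substr($adminToken, 0, -1) . ($adminToken[-1] === 'A' ? 'B' : 'A');

echo guard($secret, "Bearer $adminToken", ['admin']), PHP_EOL;
echo guard($secret, "Bearer $userToken",  ['admin']), PHP_EOL;
echo guard($secret, "Bearer $expired",    ['admin']), PHP_EOL;
echo guard($secret, "Bearer $tampered",   ['admin']), PHP_EOL;
echo guard($secret, null,                 []),        PHP_EOL;
```

Only the first request should pass: the user token reaching an admin-only route is refused with a 403, while the expired token, the damaged signature and the missing header are all refused with a 401. Passing a Key with a fixed algorithm is what closes the classic "alg: none" and HMAC/RSA confusion attacks; a decode call that accepted the algorithm named in the token would not.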

Conclusion

Prisma PHP provides a simple and powerful authentication system based on JWTs, middleware and optional role-based access control.