Security

MightyPHP comes with built in functions to easily keep track of user's authenticated sessions.

Create Auth Session

To authenticate a user, you may call the security class and call its setAuth() method.

use MightyCore\Security;
‚Äč
Security::setAuth();

Besides that, the setAuth() method accepts an optional array parameter:

Security::setAuth([
"id" => 1,
"role" => 2
]);

The parameters passed in via an array will be used to set the session variables upon setAuth() based on key value pair.

Encrypting Password

Before the auth method can be used, it is crucial that the user passwords in the database to be used for comparison are encrypted with the encryptPassword method of the security class.

Security::encryptPassword('123abc');

This will encrypt the string using PHP's PASSWORD_DEFAULT algorithm.

Check for an Auth Session

If you wish to check if a valid session is ongoing, you may access the checkAuth method from the Security class.

Security::checkAuth() // returns true if Authenticated.

Compare Password

If for some reason, you wish to just check the authenticity of the user's password, you may call the comparePassword method.

// Returns true if compared successfully.
Security::comparePassword('hashed_password', 'user_input_string');

Logout

If you wish to terminate the user's session, you may call the logout method to destroy the session.

Security::logout();