Basic authentication and session management library for PHP?

Prophonouperb

New Member
I know questions like this have been asked numerous times, but not quite this one. Forgive me if I overlooked an obvious duplicate.In the core of many of my web applications is a self-written user/session management class that in its origins dates back to 2002.I have decided that it is time for a fundamental re-write or, preferably, the introduction of a ready-made standard library.My requirements for that library would be:
  • Object oriented, clean, excellent code
  • Full session management: Wrapper to session_start() and consorts
  • Would ideally provide various storage methods (PHP Standard /tmp, database based)
  • Would ideally be able to connect to different types of user data storage, but mySQL will do fine
  • Would ideally provide convenient functions for supporting OpenID, but that's a fancy thought, no requirement right now
  • Methods: Verify session, get user data, get session data, log in user, log out user
  • Settings: Session lifetime, password encryption
  • Must be Open Source
And if it's very generic, a user management API or a generic connector to the user management of the surrounding application would be nice:
  • Create/Update/delete user records
  • Fetch and modify data of currently logged in user
this is so basic, and so security relevant, that I would expect that there is a standard solution to this, however I don't know of any, and all the big CMSs and blogs seem to be rolling their own. My two questions:
  • Do you know such a component as a generic, stand-alone library?
  • Could somebody with deep knowledge in Zend Framework tell me whether it is possible to use Zend_auth and/or Zend_session standalone, at the core of a big application that has otherwise nothing to do with ZF, without running in to trouble?
 
Back
Top