Free PHP Login Library [closed]

As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit de开发者_运维问答bate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance. Closed 9 years ago.

I'm designing a new website and I need a login system (Preferably in PHP and mySQL). I've written ad-hoc login systems before and I'm aware of all the security involved, etc. But as Jeff Atwood said, Never design what you can steal. So I'm wondering if there are any good PHP login/sign-in libraries. Can you recommend any?

some specifics

• I am trying to avoid php frameworks if at all possible (there is no reason to import one just for the login function)
• Also, I am aware I could simply use a social login or open-id, unless you are aware of a REALLY good library for this I would also prefer to not have to have to use something (open-id) I've never dealt with before
• Finally I need to be able to edit the user information in the mySQL database

---

UserCake

http://usercake.com/

• Login Register Lost password recovery
• Update password Update user email
• Email templates (optional) SHA1
• security + Salt / Hash Account
• activation (optional) Resend
• activation email (optional) User
• groups (Basic, id - group_name)
• Multilingual support

Or

You can try http://phpuserclass.com/

---

Some points before the answer.

1. You may rethink your strategy on frameworks. Modern frameworks like Zend Framework and also Symfony2 are loosely coupled. This means: you dont need to download/use the whole framework.

2. Another reason to rethink it, is that these frameworks are often robust, widely tested and used. In terms of performance they are not always of huge impact, especially with apc and other optimization methods, so are you affraid you will use too much harddisk space?

3. Your question is about something specific but easily done. This is exactly the type of stuff that frameworks are good at. Codeigniter, Zend Framework, Symfony, Symfony2 (am I missing one?), all offer code that will allow you to do this in maximum a matter of hours.

Libraries I would consider

1. Zend_Auth (has only zend_exception as hard depencencies). It's lightweight and has many options for integration with openauth and such. (requires about 10 php files) http://framework.zend.com/manual/en/zend.auth.html

2. Apache ZetaComponents (before ezcomponents) http://incubator.apache.org/zetacomponents/documentation/trunk/Authentication/tutorial.html

3. Pear LiveUser http://pear.php.net/package/LiveUser/download/

4. If you were to consider codeigniter, check this out: http://codeigniter.com/wiki/Category:Libraries::Authentication/

---

This tutorial is a bit on the old side, but it is one of the best out there and is very well done. There's no framework, it's just plain old good OOP PHP.]1 The code is available for download on the Tut.

It's well written, includes Cookies, and has a robust back end for user admin.

---

If the libraries you find do not apply, many of the concepts I presume you'll look into involve either combining PHP and LDAP, and/or PHP and the Apache authentication modules.

Your authentication requirements should also respect the principles of defense in depth.

Also, you might need to discover if your project requires authentication for JSON, XML-RPC, or REST APIs that could be operated by non-browser clients.