Based on ZfcUser by Evan Coury and the ZF-Commons team
LmcUser is a user registration and authentication module for Laminas. LmcUser provides the foundations for adding user authentication and registration to your Laminas site. It is designed to be very simple and easy to extend.
More information and examples are available on the LmcUser Wiki
Add this project in your composer.json:
"require": {
"lm-commons/lmc-user": "^3.1"
}
Now tell composer to download LmcUser by running the command:
$ php composer.phar update
Enabling it in your application.config.php
file.
<?php
return [
'modules' => [
// ...
'LmcUser',
],
// ...
];
./config/autoload/database.local.php
:<?php
return [
'db' => [
'driver' => 'PdoMysql',
'hostname' => 'changeme',
'database' => 'changeme',
'username' => 'changeme',
'password' => 'changeme',
],
'service_manager' =>[
'factories' => [
\Laminas\Db\Adapter\Adapter::class => \Laminas\Db\Adapter\AdapterServiceFactory::class,
],
],
];
Navigate to http://yourproject/user and you should land on a login page.
If using Zend DB update table name to lmc_user
Replace all namespace references to ZfcUser to LmcUser
Update references to the lowercase key zfcuser to lmcuser
DO NOT CHANGE THE PASSWORD HASH SETTINGS FROM THEIR DEFAULTS unless A) you have done sufficient research and fully understand exactly what you are changing, AND B) you have a very specific reason to deviate from the default settings.
If you are planning on changing the default password hash settings, please read the following:
The password hash settings may be changed at any time without invalidating existing user accounts. Existing user passwords will be re-hashed automatically on their next successful login.
WARNING: Changing the default password hash settings can cause serious problems such as making your hashed passwords more vulnerable to brute force attacks or making hashing so expensive that login and registration is unacceptably slow for users and produces a large burden on your server(s). The default settings provided are a very reasonable balance between the two, suitable for computing power in 2013.
The LmcUser module has some options to allow you to quickly customize the basic
functionality. After installing LmcUser, copy
./vendor/lm-commons/lmc-user/config/lmcuser.global.php.dist
to
./config/autoload/lmcuser.global.php
and change the values as desired.
The following options are available:
LmcUser\Entity\User
.false
.false
.true
.true
.false
. (Note,
right now this only utilizes a weak Laminas\Text\Figlet CAPTCHA.)true
.lmcuser
.lmcuser/login
.14
.false
.1
.null
and 1
.NOTICE These instructions are currently out of date.
By default, the user registration uses the Figlet captcha engine. This is because it's the only one that doesn't require API keys. It's possible to change out the captcha engine with DI. For example, to change to Recaptcha, you would add this to one of your configuration files (global.config.php, module.config.php, or a dedicated recaptcha.config.php):
<?php
// ./config/autoload/recaptcha.config.php
return [
'di'=> [
'instance'=> [
'alias'=> [
// OTHER ELEMENTS....
'recaptcha_element' => \Laminas\Form\Element\Captcha::class,
],
'recaptcha_element' => [
'parameters' => [
'spec' => 'captcha',
'options'=> [
'label' => '',
'required' => true,
'order' => 500,
'captcha' => [
'captcha' => 'ReCaptcha',
'privkey' => RECAPTCHA_PRIVATE_KEY,
'pubkey' => RECAPTCHA_PUBLIC_KEY,
],
],
],
],
\LmcUser\Form\Register::class => [
'parameters' => [
'captcha_element'=>'recaptcha_element',
],
],
],
],
];