Added new components security-bundle and security-http

CHANGELOG-2.0.md

@@ -6,4 +6,5 @@
 
 - [#53](https://github.com/mineadmin/components/pull/53) Splitting components http-server
 - [#55](https://github.com/mineadmin/components/pull/55) Splitting the crontab component
-- [#56](https://github.com/mineadmin/components/pull/56) Splitting modular components
+- [#56](https://github.com/mineadmin/components/pull/56) Splitting modular components
+- [#58](https://github.com/mineadmin/components/pull/58) New base Secure Authentication Component

CHANGELOG-2.0.zh_CN.md

@@ -6,4 +6,5 @@
 
 - [#53](https://github.com/mineadmin/components/pull/53) 拆分组件 http-server
 - [#55](https://github.com/mineadmin/components/pull/55) 拆分优化组件 crontab
-- [#56](https://github.com/mineadmin/components/pull/56) 拆分`模块化`组件
+- [#56](https://github.com/mineadmin/components/pull/56) 拆分`模块化`组件
+- [#58](https://github.com/mineadmin/components/pull/58) 新增基础的 安全认证组件

composer.json

@@ -22,7 +22,9 @@
       "Mine\\NextCoreX\\": "src/next-core-x/src",
       "Mine\\HttpServer\\": "src/HttpServer/src",
       "Mine\\Crontab\\": "src/Crontab/src",
-      "Mine\\Module\\": "src/Module/src"
+      "Mine\\Module\\": "src/Module/src",
+      "Mine\\SecurityBundle\\": "src/SecurityBundle/src",
+      "Mine\\Security\\Http\\": "src/SecurityHttp/src"
     },
     "files": [
       "src/mine-helpers/src/functions.php"
@@ -36,7 +38,9 @@
       "Mine\\NextCoreX\\Tests\\": "src/next-core-x/tests",
       "Mine\\HttpServer\\Tests\\": "src/HttpServer/tests",
       "Mine\\Crontab\\Tests\\": "src/Crontab/tests",
-      "Mine\\Module\\Tests\\": "src/Module/tests"
+      "Mine\\Module\\Tests\\": "src/Module/tests",
+      "Mine\\SecurityBundle\\Tests\\": "src/SecurityBundle/tests",
+      "Mine\\Security\\Http\\Tests\\": "src/SecurityHttp/tests"
     }
   },
   "authors": [
@@ -46,7 +50,7 @@
       "role": "Developer"
     },
     {
-      "name": "DeathSatan",
+      "name": "zds",
       "email": "2771717608@qq.com",
       "role": "Developer"
     }
@@ -61,7 +65,10 @@
     "xmo/mine-genertor": "*",
     "xmo/app-store": "*",
     "mine/next-core-x": "*",
-    "mineadmin/http-server": "*"
+    "mineadmin/http-server": "*",
+    "mineadmin/security-bundle": "*",
+    "mineadmin/security-http": "*",
+    "mineadmin/module": "*"
   },
   "require": {
     "php": ">=8.1",
@@ -74,6 +81,7 @@
     "ext-swoole": ">=5.0",
     "ext-zip": "*",
     "doctrine/dbal": "^3.1",
+    "friendsofhyperf/encryption": "^3.1",
     "hyperf/amqp": "~3.1.0",
     "hyperf/async-queue": "~3.1.0",
     "hyperf/cache": "~3.1.0",
@@ -106,7 +114,9 @@
     "hyperf/validation": "~3.1.0",
     "hyperf/websocket-server": "~3.1.0",
     "lcobucci/jwt": "~5.2.0",
+    "mine/next-core-x": "dev-2.0-dev",
     "nesbot/carbon": "^1.0 || ^2.0",
+    "nette/utils": "dev-master",
     "overtrue/flysystem-cos": "^5.0",
     "overtrue/flysystem-qiniu": "^3.0",
     "phpoffice/phpspreadsheet": "^1.24",
@@ -116,9 +126,7 @@
     "symfony/var-exporter": "*",
     "tangwei/apidocs": "^3.0",
     "yurunsoft/phpmailer-swoole": "^1.0",
-    "zoujingli/ip2region": "2.0.*",
-    "nette/utils": "dev-master",
-    "mine/next-core-x": "dev-2.0-dev"
+    "zoujingli/ip2region": "2.0.*"
   },
   "require-dev": {
     "friendsofphp/php-cs-fixer": "^3.0",

phpunit.xml

@@ -3,6 +3,8 @@
   <coverage/>
   <testsuites>
     <testsuite name="Tests">
+      <directory suffix="Test.php">./src/SecurityHttp/tests</directory>
+      <directory suffix="Test.php">./src/SecurityBundle/tests</directory>
       <directory suffix="Test.php">./src/Module/tests</directory>
       <directory suffix="Test.php">./src/Crontab/tests</directory>
       <directory suffix="Test.php">./src/HttpServer/tests</directory>

src/Module/composer.json

@@ -33,7 +33,7 @@
       "Mine\\Module\\Tests": "tests"
     }
   },
-  "config": {
+  "extra": {
     "hyperf": {
       "config": "Mine\\Module\\ConfigProvider"
     }

src/SecurityBundle/.github/workflows/close-pull-request.yml

@@ -0,0 +1,13 @@
+name: Close Pull Request
+
+on:
+  pull_request_target:
+    types: [ opened ]
+
+jobs:
+  run:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: superbrothers/close-pull-request@v3
+        with:
+          comment: "Hi, this is a READ-ONLY repository, please submit your PR on the https://github.com/mineadmin/components repository.<br><br> This Pull Request will close automatically.<br><br> Thanks! "

src/SecurityBundle/.github/workflows/release.yml

@@ -0,0 +1,24 @@
+on:
+  push:
+    tags:
+      - 'v*' # Push events to matching v*, i.e. v1.0, v20.15.10
+
+name: Release
+
+jobs:
+  release:
+    name: Release
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Create Release
+        id: create_release
+        uses: actions/create-release@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          tag_name: ${{ github.ref }}
+          release_name: Release ${{ github.ref }}
+          draft: false
+          prerelease: false

src/SecurityBundle/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 MineAdmin
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

src/SecurityBundle/README.md

@@ -0,0 +1,3 @@
+# Hyperf Security Bundle
+
+像 Symfony/security 那样提供用户认证、授权、协程/请求安全上下文等功能

src/SecurityBundle/composer.json

@@ -0,0 +1,38 @@
+{
+  "name": "mineadmin/security-bundle",
+  "description": "MineAdmin Security bundle,类似 Symfony/Security 组件，提供用户认证、授权、安全上下文等功能。",
+  "license": "MIT",
+  "type": "library",
+  "authors": [
+    {
+      "name": "xmo",
+      "email": "root@imoi.cn",
+      "role": "Developer"
+    },
+    {
+      "name": "zds",
+      "email": "2771717608@qq.com",
+      "role": "Developer"
+    }
+  ],
+  "require": {
+    "php": ">=8.1",
+    "hyperf/framework": "^3.1",
+    "friendsofhyperf/encryption": "^3.1"
+  },
+  "autoload": {
+    "psr-4": {
+      "Mine\\SecurityBundle\\": "src"
+    }
+  },
+  "autoload-dev": {
+    "psr-4": {
+      "Mine\\SecurityBundle\\Tests\\": "tests"
+    }
+  },
+  "extra": {
+    "hyperf": {
+      "config": "Mine\\SecurityBundle\\ConfigProvider"
+    }
+  }
+}

src/SecurityBundle/src/AbstractUserProvider.php

@@ -0,0 +1,100 @@
+<?php
+
+declare(strict_types=1);
+/**
+ * This file is part of MineAdmin.
+ *
+ * @link     https://www.mineadmin.com
+ * @document https://doc.mineadmin.com
+ * @contact  root@imoi.cn
+ * @license  https://github.com/mineadmin/MineAdmin/blob/master/LICENSE
+ */
+
+namespace Mine\SecurityBundle;
+
+use Hyperf\Database\Model\Builder;
+use Mine\SecurityBundle\Contract\UserInterface;
+use Mine\SecurityBundle\Contract\UserProviderInterface;
+use Mine\SecurityBundle\Event\Login;
+use Mine\SecurityBundle\Event\Validated;
+use Mine\SecurityBundle\Event\Verified;
+use Mine\SecurityBundle\Exception\NotFoundUserEntityException;
+use Psr\EventDispatcher\EventDispatcherInterface;
+
+use function Hyperf\Support\value;
+
+abstract class AbstractUserProvider implements UserProviderInterface
+{
+    public function __construct(
+        private readonly EventDispatcherInterface $dispatcher,
+        private readonly Config $config
+    ) {}
+
+    public function retrieveByToken(string $token): ?object
+    {
+        return value(function (Builder $builder, UserInterface $user, string $token) {
+            return $builder->where($user->getRememberTokenName(), $token)->first();
+        }, $this->getUserEntity()->getSecurityBuilder(), $this->getUserEntity(), $token);
+    }
+
+    public function updateRememberToken(UserInterface $user, string $token): bool
+    {
+        return value(function (Builder $builder, UserInterface $user, string $token) {
+            return $builder->update([
+                $user->getRememberTokenName() => $token,
+            ]);
+        }, $user->getSecurityBuilder(), $user, $token);
+    }
+
+    public function retrieveById(mixed $identifier): ?object
+    {
+        return value(
+            function (Builder $builder, UserInterface $entity, mixed $identifier) {
+                return $builder->where($entity->getIdentifierName(), $identifier)->first();
+            },
+            $this->getUserEntity()->getSecurityBuilder(),
+            $this->getUserEntity(),
+            $identifier
+        );
+    }
+
+    public function credentials(array $credentials): false|UserInterface
+    {
+        $userEntity = $this->getUserEntity();
+        $builder = $userEntity->getSecurityBuilder();
+        $identifierName = $userEntity->getIdentifierName();
+        if (isset($credentials[$identifierName])) {
+            /**
+             * @var UserInterface $entity
+             */
+            $entity = $builder->where($identifierName, $credentials[$identifierName])->first();
+            if ($entity === null) {
+                return false;
+            }
+            if ($this->verifyPassword($entity, $credentials['password'])) {
+                $this->dispatcher->dispatch(new Login($entity));
+                return $entity;
+            }
+        }
+        return false;
+    }
+
+    protected function verifyPassword(UserInterface $user, string $password): bool
+    {
+        if (password_verify($password, $user->getPassword())) {
+            $this->dispatcher->dispatch(new Verified($user));
+            return true;
+        }
+        $this->dispatcher->dispatch(new Validated($user));
+        return false;
+    }
+
+    protected function getUserEntity(): UserInterface
+    {
+        $entityClass = $this->config->get('entity', '\\App\\Model\\User');
+        if (! class_exists($entityClass)) {
+            new NotFoundUserEntityException();
+        }
+        return new $entityClass();
+    }
+}

src/SecurityBundle/src/Config.php

@@ -0,0 +1,29 @@
+<?php
+
+declare(strict_types=1);
+/**
+ * This file is part of MineAdmin.
+ *
+ * @link     https://www.mineadmin.com
+ * @document https://doc.mineadmin.com
+ * @contact  root@imoi.cn
+ * @license  https://github.com/mineadmin/MineAdmin/blob/master/LICENSE
+ */
+
+namespace Mine\SecurityBundle;
+
+use Hyperf\Contract\ConfigInterface;
+
+class Config
+{
+    public const PREFIX = 'security';
+
+    public function __construct(
+        private readonly ConfigInterface $config
+    ) {}
+
+    public function get(string $key, mixed $default = null): mixed
+    {
+        return $this->config->get(self::PREFIX . '.' . $key, $default);
+    }
+}

src/SecurityBundle/src/ConfigProvider.php

@@ -0,0 +1,21 @@
+<?php
+
+declare(strict_types=1);
+/**
+ * This file is part of MineAdmin.
+ *
+ * @link     https://www.mineadmin.com
+ * @document https://doc.mineadmin.com
+ * @contact  root@imoi.cn
+ * @license  https://github.com/mineadmin/MineAdmin/blob/master/LICENSE
+ */
+
+namespace Mine\SecurityBundle;
+
+class ConfigProvider
+{
+    public function __invoke(): array
+    {
+        return [];
+    }
+}