Developer documentation for the initphp/auth package. The project
README gives a one-page overview; this directory goes
deeper.
- Getting started — install, instantiate, and read your first segment.
- Permissions — case-insensitive permission set, magic accessors, serialization.
- Adapters
- SessionAdapter —
$_SESSION-backed storage. - CookieAdapter — signed-cookie storage,
salt generation,
SameSite/Secureguidance, custom writers. - Custom adapters — implement
AdapterInterfacefor databases, Redis, JWT, anything. - NullAdapter — no-op adapter for tests and feature flags.
- SessionAdapter —
- Recipes
- Multiple segments per request — auth, cart, and CSRF state side by side.
- Basic-auth credential cache — the PDO-backed example from the v1 README, rewritten without SQL injection.
- Upgrading from v1 — BC notes for v2.
Every page is structured as Goal → Working example → Expected output → Common mistakes. Snippets are copy-paste ready against the released package; outputs were generated against the test suite.