CommonPHP Security is the standalone security package for CommonPHP applications and plain PHP projects. It provides authorization decisions, policies, role and permission helpers, security context objects, password hashing, and CSRF token management.
Security is intentionally explicit. Expected authorization denials can be represented as AuthorizationResult objects, while invalid configuration, malformed CSRF state, and failed assertions throw package-specific exceptions.
Entry points:
CommonPHP\Security\AuthorizerCommonPHP\Security\PolicyRegistryCommonPHP\Security\SecurityContextCommonPHP\Security\CsrfTokenManagerCommonPHP\Security\SessionCsrfTokenStorageCommonPHP\Security\NativePasswordHasher
Authorization objects:
CommonPHP\Security\AuthorizationResultCommonPHP\Security\PermissionCommonPHP\Security\RoleCommonPHP\Security\Enums\AccessDecision
CSRF objects:
CommonPHP\Security\CsrfToken
Contracts:
CommonPHP\Security\Contracts\AuthorizerInterfaceCommonPHP\Security\Contracts\PolicyInterfaceCommonPHP\Security\Contracts\SecurityContextInterfaceCommonPHP\Security\Contracts\CsrfTokenManagerInterfaceCommonPHP\Security\Contracts\CsrfTokenStorageInterfaceCommonPHP\Security\Contracts\PasswordHasherInterface
Exceptions:
CommonPHP\Security\Exceptions\SecurityExceptionCommonPHP\Security\Exceptions\AuthorizationExceptionCommonPHP\Security\Exceptions\AccessDeniedExceptionCommonPHP\Security\Exceptions\InvalidCsrfTokenExceptionCommonPHP\Security\Exceptions\PasswordHashExceptionCommonPHP\Security\Exceptions\PolicyNotFoundException