Skip to content


Folders and files

Last commit message
Last commit date

Latest commit


Repository files navigation

CAS Server

Build status on GitHub Uses XP Framework BSD Licence Requires PHP 7.4+ Supports PHP 8.0+ Less than 1000 lines

Minimalistic CAS Server in PHP supporting MySQL / MariaDB or MongoDB persistence.



For use with MySQL / MariaDB, create a database with the following tables (the following uses MySQL syntax, adopt if necessary!):

# Create database and tables
$ cat src/main/sql/mysql-schema.ddl | mysql -u root

# Create user
$ mysql -u root -e "grant all on IDENTITIES.* to 'cas'@'%' identified by '...'"

MongoDB collections are created automatically when the first document is inserted - so the only thing necessary is to create the user for the respective database, as shown in the following Mongo CLI commands:

mongo> use admin;
mongo> db.createUser({
  user: "cas",
  pwd: "...",
  roles: [ { role: "readWrite", db: "cas" } ]

Run composer:

$ composer install
# ...

Export environment:

$ export CAS_DB_PASS=... # The one you used when creating the database user above
$ export REDIS_PASS=...  # Sessions use filesystem during development, redis only in prod
$ export CRYPTO_KEY=...  # Must have 32 characters, generate with `openssl rand -base64 24`

You can also put these variables into a file named credentials, if you wish:

$ cat > credentials


Start the server:

# For MySQL / MariaDB
$ xp serve -p dev -c src/main/etc/sql

# For MongoDB
$ xp serve -p dev -c src/main/etc/mongo

Now open http://localhost:8080/login in your browser.

To change the address and port the server runs on, add -a to the above command line.

User management

All of the following use the sql configuration. For use with MongoDB, use src/main/etc/mongo instead!

# Create a new user; generating a random password if necessary
$ xp cmd -c src/main/etc/sql NewUser <user> [--password=<password>]

# Change a user's password
$ xp cmd -c src/main/etc/sql ChangePassword <user> [--password=<password>]

# Remove an existing user
$ xp cmd -c src/main/etc/sql RemoveUser <user>

# List all users
$ xp cmd -c src/main/etc/sql ListUsers

# Filter users on their username. Use * to match any character
$ xp cmd -c src/main/etc/sql ListUsers 't*'

Setting up MFA

# Create a new token
$ xp cmd -c src/main/etc/sql NewToken <user> [--name=<name>]

# List existing tokens
$ xp cmd -c src/main/etc/sql ListTokens <user>

# Remove an existing token
$ xp cmd -c src/main/etc/sql RemoveToken <user> <name>