🔐 SecStore

Secure authentication boilerplate for PHP web applications

Production-ready authentication framework that saves you weeks of development. Features enterprise-grade security: 2FA/TOTP, LDAP integration, intelligent rate limiting, session fingerprinting, brute-force protection, security analytics dashboard, comprehensive audit logging, and granular role-based access control. Start building features, not infrastructure.

📚 Documentation • 🧑‍💻 Developer Documentation • 🐛 Bug Reports • 💬 Discussions

---

✨ Why SecStore?

🛡️ Security first Zero-Trust architecture with session fingerprinting 2FA support (TOTP) with QR code setup and backup codes Advanced rate limiting with intelligent scopes IP-Whitelisting with admin interface Security dashboard Login Ananlytics, Security Events,	⚡ Developer Experience One-click installation with automatic setup script PSR-12 compliant with code quality tools GitHub Hooks with automatic CHANGELOG.md update Modern PHP 8.3+ with type declarations Latte templates for clean, secure views
🌐 Enterprise-Ready LDAP integration for corporate environments Azure / Entra ID SSO Granular role management (RBAC) Comprehensive audit logging of all actions Multi-language support (DE/EN) DSGVO Compliant Art. 15, Art. 17	🎨 Modern UI/UX Bootstrap 5 design Dark/Light mode with user preferences Mobile first

---

🚀 Quick Start

🐳 Docker Installation (Recommended)

The easiest way to run SecStore - Production-ready in under 60 seconds:

# Clone repository
git clone https://github.com/madcoda9000/SecStore.git
cd SecStore

# Configure environment (optional - adjust database passwords)
cp .env.example .env

# Start containers
docker-compose up -d

# Open browser
http://localhost:8000

🎉 Done! Follow the web-based setup wizard to configure your database and admin account.

What you get:

• ✅ PHP 8.3 with all required extensions
• ✅ MySQL 8.0 database
• ✅ phpMyAdmin for database management
• ✅ Persistent storage for config, cache, and logs
• ✅ Automatic setup with one command

Full Docker documentation: 📖 README_DOCKER.md

---

⚙️ Manual Installation (Alternative)

For custom environments or when Docker is not available:

# Clone repository
git clone https://github.com/madcoda9000/SecStore.git
cd SecStore

# Run automatic setup script
chmod +x secstore_setup.sh && ./secstore_setup.sh

# Configure application
cp config.php_TEMPLATE config.php
# -> Edit config.php with your database credentials

# Start development server
php -S localhost:8000 -t public

🎉 Done! SecStore is running at http://localhost:8000

Default Login: super.admin / Test1000! (⚠️ Change password immediately!)

For detailed manual installation: 📖 INSTALL.md

---

🧑‍💻 Extend SecStore

SecStore is designed as a boilerplate for building custom web applications with modern security features built-in.

Learn to extend SecStore with custom pages, controllers, and features
Complete step-by-step guide with practical examples

What you'll learn:

• 🔧 Development environment setup
• 📄 Creating Latte templates and controllers
• 🛣️ Adding routes and navigation
• 💾 JavaScript integration (CSP-compliant)
• 🌍 Multilingual support implementation

---

🌟 Feature Highlights

🔐 Authentication & Security

• ✅ Multi-Factor Authentication (MFA/2FA) with TOTP standard
• ✅ LDAP integration for enterprise connectivity
• ✅ Azure / Entra ID SSO for enterprise connectivity
• ✅ Session security with fingerprinting and auto-regeneration
• ✅ Brute-force protection with intelligent blocking mechanisms
• ✅ Password security with BCRYPT hashing (60 characters)
• ✅ CSRF protection for all forms
• ✅ Content Security Policy (CSP) against XSS attacks

⚡ Rate Limiting & DOS Protection

• ✅ Granular rate limiting with scope-based limits
• ✅ Real-time statistics and violation tracking
• ✅ Intelligent throttling based on action sensitivity
• ✅ Admin whitelist functions
• ✅ Automatic cleanup and block management

👥 User Management

• ✅ Role-based access control (RBAC)
• ✅ Flexible user management with admin interface
• ✅ Bulk actions (Enforce and Unenforce 2fa, delete, Enable and Disable)
• ✅ Self-service profile management
• ✅ Password reset via email (can be enabled/disbaled)
• ✅ Registration system (can be enabled/disabled)
• ✅ 2FA enforcement per user by admins

📊 Monitoring & Logging

• ✅ Security dashboard with Login Analytics (Heatmap, Hourly, Weekly, Pattern detection)
• ✅ Comprehensive logging (Audit, Security, System, Mail, DB)
• ✅ Log categories with granular configuration
• ✅ Violation tracking and threat intelligence
• ✅ Performance metrics and system health

🎨 User Experience

• ✅ Dark/Light theme with automatic detection
• ✅ Multi-language (German/English)
• ✅ Intuitive admin interface
• ✅ Mobile first every page is mobile optimized

---

📱 Screenshots

🔑 Login & Authentication

👤 User Dashboard & Profile

🖼️ Show more screenshots

Admin Area	Security Dashboard

Rate Limiting	Audit Logs

Settings	Registration

---

🏗️ Technology Stack

Backend
Frontend
Database
Security
Tools

🔧 System Requirements

🐳 Using Docker? Skip these requirements! Docker handles everything automatically.
See README_DOCKER.md for Docker installation.

For manual installation:

Component	Minimum	Recommended
PHP	8.3+	8.3+ (latest)
MySQL/MariaDB	8.0+ / 10.4+	8.0+ / 10.6+
Webserver	Apache 2.4 / Nginx 1.18	Apache 2.4+ / Nginx 1.20+
RAM	512 MB	1 GB+
Storage	100 MB	500 MB+

---

📂 Project Architecture

SecStore follows a Model-View-Controller (MVC) architecture with additional middleware and utility layers for enhanced security.

SecStore/
├── 📁 app/                    # Core Application
│   ├── Controllers/           # MVC Controllers
│   ├── Models/               # Data Models (Paris ORM)
│   ├── Utils/                # Helper Classes (Session, Log, Security, etc.)
│   ├── Middleware/           # Request Middleware (CSRF, Auth, Rate Limiting)
│   ├── views/                # Latte Templates
│   └── lang/                 # Translations (DE/EN)
├── 📁 public/                # Web Root (Entry Point)
│   ├── index.php            # Application Bootstrap
│   ├── css/                  # Stylesheets
│   └── js/                   # JavaScript Files
├── 📁 Documentation/         # Project Documentation
│   ├── ARCHITECTURE.md      # Complete architecture documentation
│   ├── INSTALL.md           # Installation Guide
│   ├── DEVDOC.md            # Developer Guide
│   ├── SECURITY.md          # Security Policy
│   └── CHANGELOG.md         # Version History
├── 📁 database/              # Database Schema Files
├── 📁 tests/                 # PHPUnit Tests (Unit & Integration)
├── 📁 cache/                 # Template Cache
├── config.php               # Main Configuration
└── composer.json            # Dependencies

🏗️ Architecture Highlights

• MVC Pattern - Clean separation of concerns
• Middleware Stack - Rate Limiting → CSRF → Authentication → Authorization
• Security-First - Session fingerprinting, CSRF tokens, input validation
• Extensible - Easy to add custom controllers, models, and utilities
• CSP-Compliant - No inline scripts or styles

📖 For complete architecture details, request lifecycle, and extension guide:
👉 ARCHITECTURE.md

---

🛠️ Development

SecStore is designed as a boilerplate for building custom web applications with modern security features built-in.

Quick Start

# Install dependencies with dev tools
composer install

# Install Git hooks for code quality
./setup-hooks.sh

# Start development server
php -S localhost:8000 -t public

📖 Complete Developer Guide

Everything you need to extend SecStore:

👉 DEVDOC.md - Complete step-by-step developer documentation

What's inside:

• 🔧 Development environment setup & tools
• 📄 Creating custom pages, controllers, and models
• 🛣️ Adding routes and navigation
• 💾 CSP-compliant JavaScript integration
• 🌍 Multilingual support implementation
• 🧪 Testing strategies and best practices
• 📚 Code quality guidelines and Git workflow

Contributing

We welcome contributions! 🎉

1. Fork the repository
2. Create a feature branch
3. Follow the guidelines in DEVDOC.md
4. Open a Pull Request

Coding Standards:

• ✅ PSR-12 compliant PHP code
• ✅ Conventional Commits (use ./quick-commit.sh)
• ✅ Tests for new features
• ✅ Update documentation

---

📖 Documentation

Document	Description
🏗️ ARCHITECTURE.md	Complete technical architecture and request lifecycle
📖 INSTALL.md	Complete manual installation and setup guide
🐳 README_DOCKER.md	Docker installation guide (recommended)
📘 HANDBOOK.md	Complete Handbook for Users & Adminstrators
🧑‍💻 DEVDOC.md	Developer guide for extending SecStore
🧪 TESTING.md	Testing strategy and pragmatic approach
🔒 SECURITY.md	Security policies and vulnerability reporting
📝 CHANGELOG.md	Version history and release notes
🔍 GIT_HOOKS.md	Git hooks setup and usage guide

---

🤝 Community & Support

💬 Get Help

❓ Frequently Asked Questions

Can SecStore be used in production?

Yes! SecStore was built for production environments and implements modern security standards. See SECURITY.md for details.

Does SecStore support Single Sign-On (SSO)?

Through LDAP integration, you can connect SecStore to existing SSO solutions. Native SAML/OAuth2 support is planned.

How can I contribute to the project?

We welcome issues, pull requests, documentation, and feature suggestions! See our contributing guidelines above.

---

📊 Project Stats

---

⭐ Give us a Star!

If you like SecStore, give us a ⭐ on GitHub! This motivates us to continue working on the project.

🙏 Thank you for your interest in SecStore!

Built with ❤️ for the open-source community

---

⬆️ Back to top