User Module

The User module demonstrates Bus Mode (CQRS) for authentication flows, including login, logout, and session management with domain events.

Domain Layer

Entity: User

class User extends EntityAbstract
{
    public function __construct(
        private readonly IdInterface $id,
        private readonly Email $email,
        private readonly Password $password,
        private readonly UserGroup $group
    ) {}
}

Value Objects

• Email - Validates email format
• Password - Handles hashing and verification

UserGroup Enum

enum UserGroup: string
{
    case Admin = 'admin';
    case User = 'user';
}

Commands and Queries

Domain Events

• UserAuthenticatedEvent - When login succeeds
• UserLogoutEvent - When user logs out

Authentication Flow

Login

1. User submits credentials
2. AuthenticateUserCommand dispatched
3. Handler verifies credentials
4. Session created, event dispatched
5. Redirect to protected area

Logout

1. LogoutUserCommand dispatched
2. Session destroyed
3. Event dispatched
4. Redirect to login

Security Features

• Password hashing via framework plugin
• Session regeneration on login
• Session destruction on logout
• Domain events for audit trails

Integration with RBAC

User's UserGroup maps to permissions in config/demo/permissions.php. The RbacMiddlewareFactory checks permissions on protected routes.

See Also

• Bus Mode - Architectural pattern used
• CQRS - Commands for auth flow
• Entities - User entity
• Value Objects - Email, Password
• Domain Events - UserAuthenticatedEvent, UserLogoutEvent
• Authentication - Authentication flow details
• Password Hasher - Password hashing
• RBAC Permissions - UserGroup to permissions mapping