PHP SDK
PHP integration using the built-in cURL extension. Works with PHP 7.4+.
No Composer packages required
Uses the built-in curl extension available in standard PHP installations.
Installation
Copy Authon.php into your project. Ensure the cURL extension is enabled in php.ini.
Project structure
text
my-app/
├── Authon.php ← SDK class
├── index.php ← Your app
└── composer.json (optional)Check cURL is available
bash
php -m | grep curlSDK Implementation
Authon.php
PHP
<?php
class Authon {
private string $appId;
private string $apiKey;
private string $apiUrl;
private string $sessionToken = '';
public array $user = [];
public array $app = [];
public string $lastError = '';
public bool $initialized = false;
public function __construct(string $appId, string $apiKey, string $apiUrl = 'https://api.authon.pro') {
$this->appId = $appId;
$this->apiKey = $apiKey;
$this->apiUrl = $apiUrl;
}
private function post(array $data): array {
$data['appId'] = $this->appId;
$data['apiKey'] = $this->apiKey;
$ch = curl_init($this->apiUrl . '/v1');
curl_setopt_array($ch, [
CURLOPT_RETURNTRANSFER => true,
CURLOPT_POST => true,
CURLOPT_HTTPHEADER => ['Content-Type: application/json'],
CURLOPT_POSTFIELDS => json_encode($data),
CURLOPT_TIMEOUT => 10,
CURLOPT_SSL_VERIFYPEER => true,
]);
$response = curl_exec($ch);
$error = curl_error($ch);
curl_close($ch);
if ($error) {
$this->lastError = $error;
return ['success' => false, 'message' => $error];
}
$result = json_decode($response, true);
if (!($result['success'] ?? false)) {
$this->lastError = $result['message'] ?? 'Unknown error';
}
return $result;
}
public function init(): bool {
$result = $this->post(['type' => 'init']);
if ($result['success'] ?? false) {
$this->app = $result['data'] ?? [];
$this->initialized = true;
return true;
}
return false;
}
public function login(string $username, string $password, string $hwid = ''): bool {
$data = ['type' => 'login', 'username' => $username, 'password' => $password];
if ($hwid) $data['hwid'] = $hwid;
$result = $this->post($data);
if ($result['success'] ?? false) {
$this->user = $result['data'] ?? [];
$this->sessionToken = $this->user['sessionToken'] ?? '';
return true;
}
return false;
}
public function register(string $username, string $password, string $licenseKey, string $hwid = ''): bool {
$data = [
'type' => 'register',
'username' => $username,
'password' => $password,
'licenseKey' => $licenseKey,
];
if ($hwid) $data['hwid'] = $hwid;
$result = $this->post($data);
if ($result['success'] ?? false) {
$this->user = $result['data'] ?? [];
return true;
}
return false;
}
public function license(string $licenseKey, string $hwid = ''): bool {
$data = ['type' => 'license', 'licenseKey' => $licenseKey];
if ($hwid) $data['hwid'] = $hwid;
$result = $this->post($data);
if ($result['success'] ?? false) {
$this->user = $result['data'] ?? [];
$this->sessionToken = $this->user['sessionToken'] ?? '';
return true;
}
return false;
}
public function check(): bool {
$result = $this->post(['type' => 'check', 'sessionToken' => $this->sessionToken]);
return $result['success'] ?? false;
}
public function getVar(string $key): string {
$result = $this->post([
'type' => 'var',
'sessionToken' => $this->sessionToken,
'key' => $key,
]);
if ($result['success'] ?? false) {
return $result['data']['value'] ?? '';
}
return '';
}
public function setVar(string $key, string $value): bool {
$result = $this->post([
'type' => 'setvar',
'sessionToken' => $this->sessionToken,
'key' => $key,
'value' => $value,
]);
return $result['success'] ?? false;
}
public function downloadFile(string $fileId): string {
$result = $this->post([
'type' => 'file',
'sessionToken' => $this->sessionToken,
'fileId' => $fileId,
]);
if ($result['success'] ?? false) {
$url = $this->apiUrl . ($result['data']['downloadUrl'] ?? '');
$ch = curl_init($url);
curl_setopt_array($ch, [
CURLOPT_RETURNTRANSFER => true,
CURLOPT_TIMEOUT => 30,
]);
$data = curl_exec($ch);
curl_close($ch);
return $data ?: '';
}
return '';
}
public function log(string $message): bool {
$result = $this->post([
'type' => 'log',
'sessionToken' => $this->sessionToken,
'message' => $message,
]);
return $result['success'] ?? false;
}
public static function getHWID(): string {
if (PHP_OS_FAMILY === 'Windows') {
$output = shell_exec('wmic baseboard get serialnumber 2>NUL');
$serial = trim(explode("\n", $output ?? '')[1] ?? 'UNKNOWN');
return 'HWID-' . strtoupper(substr(md5($serial), 0, 12));
}
$id = php_uname('n') . php_uname('m') . PHP_OS;
return 'HWID-' . strtoupper(substr(md5($id), 0, 12));
}
}
Quick Start
index.php
PHP
<?php
require_once 'Authon.php';
$APP_ID = 'your-app-id';
$API_KEY = 'your-api-key';
$auth = new Authon($APP_ID, $API_KEY);
// Initialize
echo "[*] Connecting...\n";
if (!$auth->init()) {
echo "[!] Failed: " . $auth->lastError . "\n";
exit(1);
}
echo "[+] Connected to {$auth->app['name']} v{$auth->app['version']}\n";
// Login
$hwid = Authon::getHWID();
echo "Username: ";
$username = trim(fgets(STDIN));
echo "Password: ";
$password = trim(fgets(STDIN));
if (!$auth->login($username, $password, $hwid)) {
echo "[!] Login failed: " . $auth->lastError . "\n";
exit(1);
}
echo "[+] Welcome {$auth->user['username']}!\n";
echo " Level: {$auth->user['level']}\n";
echo " Expires: {$auth->user['expiresAt']}\n";
// Verify session
if ($auth->check()) {
echo "[+] Session verified.\n";
}
// Log activity
$auth->log("User logged in from PHP app");
echo "\nApplication ready!\n";
License-Only Authentication
License key validation
PHP
<?php
require_once 'Authon.php';
$auth = new Authon('your-app-id', 'your-api-key');
$auth->init();
echo "Enter license key: ";
$key = trim(fgets(STDIN));
$hwid = Authon::getHWID();
if ($auth->license($key, $hwid)) {
echo "[+] License valid! Level: {$auth->user['level']}\n";
echo " Expires: {$auth->user['expiresAt']}\n";
} else {
echo "[!] Invalid: " . $auth->lastError . "\n";
}
Server Variables
Working with variables
PHP
// Get app-level variable
$downloadUrl = $auth->getVar('download_url');
$latestVersion = $auth->getVar('app_version');
// Set user-level variable
$auth->setVar('theme', 'dark');
$auth->setVar('last_used', date('Y-m-d'));
echo "Download URL: $downloadUrl\n";
echo "Latest version: $latestVersion\n";
File Download
Download a protected file
PHP
// Download file after authentication
$fileData = $auth->downloadFile('your-file-id');
if ($fileData) {
file_put_contents('downloaded_module.bin', $fileData);
echo "[+] File downloaded (" . strlen($fileData) . " bytes)\n";
} else {
echo "[!] Download failed: " . $auth->lastError . "\n";
}
Error Handling
Error handling pattern
PHP
if (!$auth->login($username, $password, $hwid)) {
$error = $auth->lastError;
if (str_contains($error, 'Invalid credentials')) {
echo "Wrong username or password\n";
} elseif (str_contains($error, 'Hardware ID mismatch')) {
echo "This account is locked to another device\n";
} elseif (str_contains($error, 'Account banned')) {
echo "Your account has been suspended\n";
} elseif (str_contains($error, 'Subscription expired')) {
echo "Your subscription has expired\n";
} else {
echo "Error: $error\n";
}
}
Full Working Example
app.php - Complete application
PHP
<?php
require_once 'Authon.php';
$APP_ID = 'your-app-id';
$API_KEY = 'your-api-key';
$auth = new Authon($APP_ID, $API_KEY);
// Initialize
echo "[*] Connecting to server...\n";
if (!$auth->init()) {
echo "[!] Connection failed: " . $auth->lastError . "\n";
exit(1);
}
echo "[+] {$auth->app['name']} v{$auth->app['version']}\n\n";
$hwid = Authon::getHWID();
echo "[*] HWID: $hwid\n\n";
// Menu
echo "[1] Login\n";
echo "[2] Register\n";
echo "[3] License Key\n\n";
echo "Choice: ";
$choice = trim(fgets(STDIN));
echo "\n";
$success = false;
switch ($choice) {
case '1':
echo "Username: ";
$user = trim(fgets(STDIN));
echo "Password: ";
$pass = trim(fgets(STDIN));
$success = $auth->login($user, $pass, $hwid);
if (!$success) echo "[!] Login failed: " . $auth->lastError . "\n";
break;
case '2':
echo "Username: ";
$user = trim(fgets(STDIN));
echo "Password: ";
$pass = trim(fgets(STDIN));
echo "License Key: ";
$key = trim(fgets(STDIN));
$success = $auth->register($user, $pass, $key, $hwid);
if (!$success) echo "[!] Registration failed: " . $auth->lastError . "\n";
break;
case '3':
echo "License Key: ";
$key = trim(fgets(STDIN));
$success = $auth->license($key, $hwid);
if (!$success) echo "[!] Invalid license: " . $auth->lastError . "\n";
break;
default:
echo "[!] Invalid choice\n";
exit(1);
}
if (!$success) exit(1);
echo "\n[+] Authenticated!\n";
echo " Level: " . ($auth->user['level'] ?? 'N/A') . "\n";
echo " Expires: " . ($auth->user['expiresAt'] ?? 'N/A') . "\n";
$auth->log("Application loaded successfully");
$version = $auth->getVar('app_version');
if ($version) echo " Server version: $version\n";
echo "\nApplication ready!\n";
Web Integration (Laravel/Slim)
Use Authon as a backend license validator in your web application:
Middleware example
PHP
<?php
// Validate a license key submitted via web form
require_once 'Authon.php';
$auth = new Authon('your-app-id', 'your-api-key');
$auth->init();
$key = $_POST['license_key'] ?? '';
if ($auth->license($key)) {
$_SESSION['authenticated'] = true;
$_SESSION['level'] = $auth->user['level'];
$_SESSION['expires'] = $auth->user['expiresAt'];
header('Location: /dashboard');
} else {
$error = urlencode($auth->lastError);
header("Location: /login?error=$error");
}
Notes
PHP Version
Requires PHP 7.4+ for typed properties. For PHP 7.0-7.3, remove type declarations from class properties.
cURL Extension
The cURL extension must be enabled. On most hosts it's enabled by default. Check with php -m | grep curl.
CLI vs Web
Works in both CLI scripts (using fgets for input) and web applications (using $_POST/$_GET for input).
Encoding
Uses json_encode/json_decode for all JSON handling. Ensure your PHP build includes the JSON extension (enabled by default since PHP 8.0).