定制 madesimple/slim-auth 二次开发

按需修改功能、优化性能、对接业务系统,提供一站式技术支持

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

madesimple/slim-auth

Composer 安装命令:

composer require madesimple/slim-auth

包简介

Authentication and authorisation middleware for Slim framework

README 文档

README

Build Status

An authentication and authorisation middleware for Slim 4 framework.

Installation

composer require madesimple/slim-auth

Authentication

A middleware to determine whether the request contains valid authentication token. The middleware has been designed so that it can easily be extended to:

  • handle any type of token retrieval;
  • handle any type of validation method; and,
  • perform any set of actions if authentication was successful.

To use an Authentication middleware to your Slim application simply:

use Slim\Middleware\Authentication\SimpleTokenAuthentication;
/** @var \Slim\App $app The Slim application */
/** @var string $pattern Pattern for either the group or a route */
/** @var callable $callable A callable for a route */

// Add to all routes:
$app->add(new SimpleTokenAuthentication($app->getContainer(), $options));

// Add to a group of routes:
$app->group($pattern, function () {})
    ->add(new SimpleTokenAuthentication($app->getContainer(), $options));

// Add to a specific route:
$app->get($pattern, $callable)
    ->add(new SimpleTokenAuthentication($app->getContainer(), $options));

Side node: We recommend that if you are going to be adding same authentication to more than more groups/routes to put the middleware in dependencies.php.

Default options for authentication are:

[
    // boolean - whether to enforce an https connection
    'secure'      => true,
    // array - list of hostnames/IP addresses to ignore the secure flag
    'relaxed'     => ['localhost', '127.0.0.1'],
    // array - list of environment variables to check for the token (set to an empty array to skip)
    'environment' => ['HTTP_AUTHORIZATION', 'REDIRECT_HTTP_AUTHORIZATION'],
    // string - the header to check for the token (set to false, null, or '' to skip)
    'header'      => 'X-Auth',
    // string - the regex to match the token ($match[$options['index']] is used as the token)
    'regex'       => '/(.*)/',
    // integer - the regex index to use as the token
    'index'       => 1,
    // string - the cookie to check for the token (set to false, null, or '' to skip)
    'cookie'      => 'X-Auth',
    // string - the identifier for the token in the payload
    'payload'     => null,
    // string - the name to store the token in the request attributes
    'attribute'   => 'token',
    // object - an instance of a Psr\LoggerInterface
    'logger'      => null,
];

When authentication fails the middleware throws an HttpUnauthorizedException is thrown.

SimpleTokenAuthentication

Simple token authentication is an implementation of Authentication which allows the user to provide a callable to validate a token. The callable is passed to Simple token authentication using the option:

[
    // callable - function to validate the token [required]
    'validate' => null,
];

The callable should have the following signature:

function ($token): bool {
    /** @var bool $isValid Populated by this function, true if the token is valid */
    return $isValid;
}

JwtAuthentication

JWT authentication is an implementation of Authentication which allows the user to use JWT as authentication tokens. JWT authentication overrides the default regex, and adds two extra options:

[
    // string - Overrides the default regex
    'regex' => '/Bearer\s+(.*)$/i',

    // string - JWT secret [required]
    'secret' => '',
    // array - list of JWT algorithms [optional]
    'algorithm' => ['HS256', 'HS512', 'HS384'],

];

Authorisation

A middleware to determine whether an authenticated request has authorisation to access the requested route.

When Authorisation fails the middleware throws an HttpForbiddenException exception.

Note: If you need to access the route from within your app middleware you will need to add the Middleware\RoutingMiddleware middleware to your application just before you call run().

madesimple/slim-auth 适用场景与选型建议

madesimple/slim-auth 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 10.71k 次下载、GitHub Stars 达 17, 最近一次更新时间为 2017 年 09 月 13 日, 在 PHP 生态内属于活跃度较高的组件。

我们在过去多个企业项目中使用过 madesimple/slim-auth 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 madesimple/slim-auth 我们能提供哪些服务?
定制开发 / 二次开发

基于 madesimple/slim-auth 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 10.71k
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 17
  • 点击次数: 0
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 17
  • Watchers: 2
  • Forks: 4
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2017-09-13