custom-d/api-authentication
最新稳定版本:v2.2.4
Composer 安装命令:
composer require custom-d/api-authentication
包简介
A api authentication
关键字:
README 文档
README
Package description: Quick start api authentication for Laravel & Passport / Airlock
Installation
Install via composer
composer require custom-d/api-authentication
Publish Configuration File
Publishing configuration file is optional, but allows you to set a defaults such as whether your Laravel instance is using username vs email field for authentication.
php artisan vendor:publish --provider="CustomD\ApiAuthentication\ServiceProvider" --tag="config"
Alternatively, you can use the following environment variables.
| Environment Variable | Default | Description |
|---|---|---|
| CD_API_AUTH_COOKIE_NAME | 'cd-api-token' | cookie to parse from request — recommended to set different values when you have multiple environments under a single domain, e.g. www.xxx, testing.xxx |
| CD_API_AUTH_TOKEN_LIFETIME | 2 | hours |
| CD_API_AUTH_TOKEN_REFRESH | 12 | hours |
| CD_API_AUTH_TOKEN_REMEMBER | 120 | hours |
| CD_API_AUTH_THROTTLE_ATTEMPTS | 10 | no of attemps |
| CD_API_AUTH_THROTTLE_LOCKOUT | 1 | minutes |
| CD_API_AUTH_USERNAME_FIELD | 'email' | database field to use for login |
Add Middlewares
Add the following update to the App\Http\Kernel.php file: under middlewareGroups.api
'api' => [
...
\CustomD\ApiAuthentication\Http\Middleware\CheckHTTPS::class, //Optional if you want to enforce ssl on all the api routes.
\CustomD\ApiAuthentication\Http\Middleware\BearerToken::class,
\Phpsa\LaravelApiController\Http\Middleware\SnakeCaseInputs::class,
],
and (before the authentication middleware) (Laravel 7 only)
protected $middlewarePriority = [
\App\Http\Middleware\EncryptCookies::class,
\CustomD\ApiAuthentication\Http\Middleware\BearerToken::class,
...
and add into the $routeMiddlware array:
'checkHTTPS' => \CustomD\ApiAuthentication\Http\Middleware\CheckHTTPS::class,
'cookie.token' => \CustomD\ApiAuthentication\Http\Middleware\BearerToken::class,
Usage
Add to your routes/api.php (or alternatively overwrite and point the routes to your local versions).
<?php
use CustomD\ApiAuthentication\Http\Controller\ApiVerificationController;
use CustomD\ApiAuthentication\Http\Controller\ApiLoginController;
use CustomD\ApiAuthentication\Http\Controller\ApiRegisterController;
use CustomD\ApiAuthentication\Http\Controller\ApiResetPasswordController;
use CustomD\ApiAuthentication\Http\Controller\ApiForgotPasswordController;
/*
|--------------------------------------------------------------------------
| API Routes
|--------------------------------------------------------------------------
|
| Here is where you can register API routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| is assigned the "api" middleware group. Enjoy building your API!
|
*/
Route::group([
'middleware' => ['checkHTTPS', 'cookie.token'],
'as' => 'api.',
'namespace' => 'Api',
], function () {
Route::group(
[
'prefix' => 'auth',
'as' => 'auth.',
'namespace' => 'Auth',
],
function () {
Route::post('login', [ApiLoginController::class, 'login'])->name('login');
Route::post('reset', [ApiResetPasswordController::class, 'reset'])->name('resetpassword');
Route::post('forgotten', [ApiForgotPasswordController::class, 'sendResetLinkEmail'])->name('forgotpassword');
Route::get('verify_email', [ApiVerificationController::class, 'verify'])->name('email.verify');
Route::post('register', [ApiRegisterController::class, 'register'])->name('register');
Route::group([
'middleware' => 'auth:api',
], function () {
Route::get('logout', [ApiLoginController::class, 'logout'])->name('logout');
});
}
);
});
you will now have the following routes available:
- POST api/auth/forgotten
- POST api/auth/login
- GET api/auth/logout
- POST api/auth/register
- POST api/auth/reset
- GET api/auth/verify_email
Password hashing
This package provides a HashPassword trait for use in models with a password attribute. This will automatically hash passwords using Hash::make. In your model:
<?php
namespace App\Models;
use CustomD\ApiAuthentication\Models\Contracts\HashPassword;
use Illuminate\Foundation\Auth\User as Authenticatable;
class User extends Authenticatable
{
// ...
use HashPassword;
}
Extending
Simply in your own app/Http/Controllers/Api folder add your own method extending the default ones to override.
Security
If you discover any security related issues, please email instead of using the issue tracker.
Credits
This package is bootstrapped with the help of melihovv/laravel-package-generator.
统计信息
- 总下载量: 11.54k
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 0
- 点击次数: 0
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2019-11-17