aist/authentication-middleware

This package is not installable via Composer 1.x, please make sure you upgrade to Composer 2+. Read more about our Composer 1.x deprecation policy.

PSR-7 Authentication Middleware

dev-master 2018-01-17 18:52 UTC

This package is not auto-updated.

Last update: 2021-10-16 12:15:59 UTC


README

Build status Coverage Status Code Climate Sensio Packagist

Minimum PHP Version License

PSR-7 Authentication Middleware.

Installation

Install via composer:

$ composer require aist/authentication-middleware

Configuration

Add configuration file

copy authentication-middleware.global.php.dist to authentication-middleware.global.php

// authentication-middleware.global.php.dist
return [
    'authentication-middleware' => [
        'identity_key' => 'identity',
        'default_redirect_route' => 'login',
        'success_redirect_route' => 'home',
        'success_role_redirect_route' => [
            'admin' => 'admin/dashboard',
            'user' => 'home',
        ],
        'whitelist' => [
            'login',
            'logout',
        ],
    ],
];

Register your own authentication adapter

by invokables

'invokables' => [
    'authentication.adapter' => \App\Authentication\Adapter\YourAdapter::class,
],

or by factories

'factories' => [
    'authentication.adapter' => \App\Authentication\Adapter\YourAdapterFactory::class,
],

Register your own login action

'factories'  => [
    \Aist\AuthenticationMiddleware\Action\LoginAction::class => LoginFactory::class,
],

Register your own login form

'form_elements' => [
    'factories'  => [
        'Aist\AuthenticationMiddleware\Form\LoginForm' => \App\Form\LoginCompanyFormFactory::class,
    ],
],

Add pipe

to protect whole app

// Add more middleware here that needs to introspect the routing results; this
// might include:
//
// - route-based authentication
// - route-based validation
// - etc.

// Authentication middleware
$app->pipe(\Aist\AuthenticationMiddleware\Middleware\AuthenticationMiddleware::class);

// Permission middleware
// At this point, if no identity is set by authentication middleware, the
// UnauthorizedHandler kicks in; alternately, you can provide other fallback
// middleware to execute.
//$app->pipe(\Aist\AuthorizationMiddleware\Middleware\UnauthorizedHandler::class);
// Authorization
$app->pipe(\Aist\AuthorizationMiddleware\Middleware\AuthorizationMiddleware::class);

or use for specific route

$app->get(
    '/',
    [
        \Aist\AuthenticationMiddleware\Middleware\AuthenticationMiddleware::class,
        \Aist\AuthorizationMiddleware\Middleware\AuthorizationMiddleware::class,
        App\Action\DashboardAction::class,
    ],
    'dashboard'
);

Add authentication routes

$app->route('/login', \Aist\AuthenticationMiddleware\Action\LoginAction::class, ['GET', 'POST'], 'login');
$app->get('/logout', Aist\AuthenticationMiddleware\Action\LogoutAction::class, 'logout');