atlance / jwt-auth
Symfony JWT Authentication
Installs: 9
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Type:symfony-bundle
Requires
- php: ^8.2
- atlance/jwt-core: ^0.3
- symfony/clock: ^7.0
- symfony/security-bundle: ^7.0
- symfony/yaml: ^7.0
Requires (Dev)
- brianium/paratest: @dev
- ergebnis/composer-normalize: @dev
- fakerphp/faker: @dev
- friendsofphp/php-cs-fixer: @dev
- overtrue/phplint: @dev
- phpstan/extension-installer: @dev
- phpstan/phpstan: @dev
- phpstan/phpstan-deprecation-rules: @dev
- phpstan/phpstan-phpunit: @dev
- phpstan/phpstan-strict-rules: @dev
- phpstan/phpstan-symfony: @dev
- psalm/plugin-symfony: @dev
- rector/rector: @dev
- squizlabs/php_codesniffer: @dev
- symfony/browser-kit: @dev
- symfony/framework-bundle: ^7.0
- symfony/validator: @dev
- vimeo/psalm: @dev
This package is auto-updated.
Last update: 2024-10-25 21:16:27 UTC
README
Installation
- Generate keys.
- Install package via composer:
composer require atlance/jwt-auth ^7.0. - Configure:
- Copy/paste configuration to
config/packages/atlance_jwt_auth.yaml. - Copy/paste environments to your
.envand configure.
- Copy/paste configuration to
Use Case
Create:
- Implemened:
Atlance\JwtAuth\Security\UseCase\Create\Token\Handler. - Example:
<?php declare(strict_types=1); namespace App\Controller\Login; use Atlance\JwtAuth\Security\UseCase; use Symfony\Bundle\FrameworkBundle\Controller\AbstractController; use Symfony\Component\HttpFoundation\JsonResponse; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface; use Symfony\Component\Routing\Annotation\Route; use Symfony\Component\Security\Core\Exception\UserNotFoundException; use Symfony\Component\Security\Core\User\UserProviderInterface; #[Route('/login', methods: ['POST'])] final class Controller extends AbstractController { public function __invoke( Request $request, UserProviderInterface $provider, UserPasswordHasherInterface $hasher, UseCase\Create\Token\HandlerInterface $handler, ): JsonResponse { /** @var array{username:string,password:string} $dataset */ $dataset = json_decode($request->getContent(), true); try { $user = $provider->loadUserByIdentifier($dataset['username']); $hasher->isPasswordValid($user, $hasher->hashPassword($user, $dataset['password'])); return new JsonResponse(['token' => $handler->handle($user)]); } catch (UserNotFoundException) { return new JsonResponse(status: Response::HTTP_BAD_REQUEST); } } }
Access:
Implemened:
Atlance\JwtAuth\Security\UseCase\Access\Token\HandlerAtlance\JwtAuth\Security\Factory\UserBadgeFactory
# config/packages/security.yaml security: firewalls: main: access_token: token_handler: Atlance\JwtAuth\Security\Factory\UserBadgeFactory
- And Symfony automatically used JWT for authentication.
- More: How to use Access Token Authentication.
- Example:
<?php declare(strict_types=1); namespace App\Controller\Profile; use Symfony\Bundle\FrameworkBundle\Controller\AbstractController; use Symfony\Component\HttpFoundation\JsonResponse; use Symfony\Component\Routing\Annotation\Route; use Symfony\Component\Security\Core\User\UserInterface; use Symfony\Component\Security\Http\Attribute\CurrentUser; use Symfony\Component\Security\Http\Attribute\IsGranted; #[IsGranted('ROLE_USER')] #[Route('/profile', methods: ['GET'])] class ProfileController extends AbstractController { public function __invoke(#[CurrentUser] ?UserInterface $user = null): JsonResponse { return new JsonResponse(['username' => $user->getUserIdentifier()]); } }