cegrent / auth0-laravel
Laravel plugin that helps authenticate with the auth0 service
Requires
- php: ^7.1
- auth0/auth0-php: ^7.2.0
- illuminate/contracts: 5.* | ^6.0 | ^7.0 | ^8.0
- illuminate/support: 5.* | ^6.0 | ^7.0 | ^8.0
Requires (Dev)
- dealerdirect/phpcodesniffer-composer-installer: ^0.5.0
- orchestra/testbench: ^3.8|^4.0|^5.0
- phpcompatibility/php-compatibility: ^8.1
- phpunit/phpunit: ^7|^8|^9
- squizlabs/php_codesniffer: ^3.2
This package is auto-updated.
Last update: 2024-11-13 02:52:23 UTC
README
This plugin helps you integrate your Laravel WebApp with Auth0 to achieve Single Sign On with a few simple steps.
- Master targets Laravel 6 compatibility.
- The 3.x branch (not maintained) targets Laravel 5.2 compatibility.
- The 2.x branch (not maintained) targets Laravel 5.0 and 5.1 compatibility.
- If you are working with an older version (Laravel 4.x), use version 1.0.* (not maintained)
Documentation
Please see the Laravel webapp quickstart for a complete guide on how to install this in an existing project or to download a pre-configured sample project. Additional documentation on specific scenarios is below.
Setting up a JWKs cache
In the register
method of your AppServiceProvider
add:
// app/Providers/AppServiceProvider.php use Illuminate\Support\Facades\Cache; // ... public function register() { // ... $this->app->bind( '\Auth0\SDK\Helpers\Cache\CacheHandler', function() { static $cacheWrapper = null; if ($cacheWrapper === null) { $cache = Cache::store(); $cacheWrapper = new LaravelCacheWrapper($cache); } return $cacheWrapper; }); }
You can implement your own cache strategy by creating a new class that implements the Auth0\SDK\Helpers\Cache\CacheHandler
contract, or just use the cache strategy you want by picking that store with Cache::store('your_store_name')
;
Storing users in your database
You can customize the way you handle the users in your application by creating your own UserRepository
. This class should implement the Auth0\Login\Contract\Auth0UserRepository
contract. Please see the Custom User Handling section of the Laravel Quickstart for the latest example.
Using auth guard
To protect APIs using an access token generated by Auth0, there is an auth0
API guard provided (Laravel documentation on guards). To use this guard, add it to config/auth.php
with the driver auth0
:
'guards' => [
...
'auth0' => [
'driver' => 'auth0',
'provider' => 'auth0',
],
],
'providers' => [
...
'auth0' => [
'driver' => 'auth0',
],
],
Once that has been added, add the guard to the middleware of any API route and check authentication during the request:
// get user
auth('auth0')->user();
// check if logged in
auth('auth0')->check();
// protect routes via middleware use
Route::group(['middleware' => 'auth:auth0'], function () {});
Installation
Install this plugin into a new or existing project using Composer:
$ composer require auth0/login:"~5.0"
Additional steps to install can be found in the quickstart.
Contributing
We appreciate feedback and contribution to this repo! Before you get started, please see the following:
Support + Feedback
Include information on how to get support. Consider adding:
What is Auth0?
Auth0 helps you to easily:
- implement authentication with multiple identity providers, including social (e.g., Google, Facebook, Microsoft, LinkedIn, GitHub, Twitter, etc), or enterprise (e.g., Windows Azure AD, Google Apps, Active Directory, ADFS, SAML, etc.)
- log in users with username/password databases, passwordless, or multi-factor authentication
- link multiple user accounts together
- generate signed JSON Web Tokens to authorize your API calls and flow the user identity securely
- access demographics and analytics detailing how, when, and where users are logging in
- enrich user profiles from other data sources using customizable JavaScript rules
License
The Auth0 Laravel Login plugin is licensed under MIT - LICENSE