elzdave / benevolent
A custom user provider to authenticate users to REST API within Laravel framework.
Requires
- guzzlehttp/guzzle: ^7.0
- illuminate/support: ^8.0
Requires (Dev)
- nunomaduro/collision: ^5.10
- orchestra/testbench: ^6.0
- phpunit/phpunit: ~9.0
- roave/no-leaks: ^1.3
README
Use Case
Imagine you built a Laravel-powered website, which needs to communicates to your external API server using REST API. Some of the HTTP requests needs to be authenticated by including access token to the Authorization header. To get the access token, you first authenticate the user to the API server, and then the server return the access token and user data in exchange. You store the access token to use it on every authenticated HTTP requests. All is well until you realize, that default Laravel authentication middleware cannot authenticate user to another server leveraging REST API, and you need to write new authentication logics to cover those requirements...
That's why this package exist. Just install this package, set the config, and you all done!
Installation
Laravel
Require this package in the project.
$ composer require elzdave/benevolent
Publish the config after installation.
$ php artisan vendor:publish --tag=benevolent-config
Usage
User Authentication
- At the
config/auth.php
, change theprovider
entry onguards.web
tobenevolent
- Add the new entry on
.env
and.env.example
, change<your-external-API-base-URI>
to your authentication server's base URI, eg: https://server.api/v1
EXT_API_BASE_URI=<your-external-API-base-URI>
- Optional: adjust some settings to suit your API server design at
config/benevolent.php
Making Authenticated HTTP Request using Authorization header
If you want to make authenticated HTTP requests using the user's access token, use the Elzdave\Benevolent\Http\Http
facade with useAuth()
method
<?php use Elzdave\Benevolent\Http\Http; $data = [ 'data' => 'some-data-to-store' ]; $apiRelativeUrl = 'path/relative/to/base-uri'; $apiResponse = Http::useAuth()->post($apiRelativeUrl, $data);
Change log
Please see the changelog for more information on what has changed recently.
Testing
$ composer test
Contributing
Please see contributing.md for details and a todolist.
Security
If you discover any security related issues, please email the author instead of using the issue tracker.
Credits
License
MIT. Please see the license file for more information.