exodusanto/laravel-concierge

Api token authentication for laravel projects

v0.5.0 2020-09-15 17:04 UTC

This package is auto-updated.

Last update: 2022-09-15 21:35:32 UTC


README

Latest Version on Packagist Build Status Total Downloads

Extend the base solution from Laravel with some new features

  • Auto refresh user token on GET requests
  • Refresh/Revoke methods
  • Blade directive

Installation

You can install the package via composer:

composer require exodusanto/laravel-concierge

Usage

1. Migration

Migrate your user table with api_token and api_token_refreshed_at.

Schema::table('users', function (Blueprint $table) {
    $table->string('api_token')->nullable();
    $table->timestamp('api_token_refreshed_at')->nullable();
});

api_token_refreshed_at

This attribute is use to store the timestamp of api_token update

2. Model

Add RefreshApiToken trait and RefreshApiTokenContract contract to your model

class User extends BaseUser implements RefreshApiTokenContract
{
    use RefreshApiToken;
}

3. Config

Publish concierge config

php artisan vendor:publish --tag=concierge-config

Use the same key to identify the right model in auth.providers and concierge.tokens_lifetime

// config/auth.php
'providers' => [
    'users' => [
        'driver' => 'eloquent',
        'model' => App\User::class,
    ],
]

// config/concierge.php
'tokens_lifetime' => [
    'users' => 10800 // 3h
]

4. Middleware

Append RefreshApiToken to your application web middleware group

// app/Http/Kernel.php
protected $middlewareGroups = [
    'web' => [
        ...
        \Exodusanto\Concierge\Http\Middleware\RefreshApiToken::class,
    ],

@Concierge

Concierge is shipped with a custom Blade directive, it will render the token of the authenticated user

@concierge

<!-- Rendered to -->
<script>
    __CONCIERGE__ = { "api_token": "XXXXXXXXXXXX" }
</script>

@Concierge options

@concierge($guard, $attributeName)

@concierge('other_guard', 'my_token')

<!-- Rendered to -->
<script>
    <!-- Token of other_guard authenticated user -->
    __CONCIERGE__ = { "my_token": "XXXXXXXXXXXX" }
</script>

Testing

composer test

Changelog

Please see CHANGELOG for more information what has changed recently.

Contributing

Please see CONTRIBUTING for details.

Security

If you discover any security related issues, please email info@antoniodalsie.com instead of using the issue tracker.

Credits

License

The MIT License (MIT). Please see License File for more information.

Laravel Package Boilerplate

This package was generated using the Laravel Package Boilerplate.