hogus/api-signature

laravel api signature

Maintainers

Details

github.com/hogus2037/api-signature

Source

Issues

Installs: 2

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 1

Forks: 0

Open Issues: 0

1.0 2024-05-13 04:54 UTC

Requires

MIT f400880a0ee4b65d0338922ea5560b2ab8cd2133

  • hogus <hogus2037.woop@gmail.com>

This package is auto-updated.

Last update: 2024-10-13 05:54:36 UTC

README

Install

composer require hogus/api-signature

Publish Config

php artisan vendor:publish --provider=Hogus\\ApiSignature\\ApiSignatureServiceProvider

Env

#sign
API_SIGN_ENABLED=true
API_SIGN_SECRET=secret
#API_SIGN_KEY=sign
#API_SIGN_TIMESTAMP_KEY=timestamp
#API_SIGN_TIMEOUT=60

Http Middleware

Add the API signature middleware to the middleware aliases in your Kernel.php file:

protected $middlewareAliases = [
    //...,
    'sign' => \Hogus\ApiSignature\Middleware\ApiSignature::class,
]

Router

Apply the sign middleware to the desired routes or route groups:

Route::middleware('sign:api')->group(function () {
    // your routes
});

This ensures that the API signature will be verified for all requests to these routes.

Custom Exceptions (options)

If you want to handle API signature verification exceptions in a custom way, you can define a renderable closure in your app/Exceptions/Handler.php file. For example, to return a JSON response containing the error message:

use Hogus\ApiSignature\ApiSignatureException;
$this->renderable(function (ApiSignatureException $exception, $request) {
    return response()->json(['message' => $exception->getMessage()]);
});

Supports

  • MD5
  • Hash(sha256)