intervention/httpauth

HTTP Authentication Management for PHP

4.0.1 2023-06-13 15:43 UTC

README

Library to manage HTTP authentication with PHP.

Latest Version build Monthly Downloads

Installation

You can install this package quick and easy with Composer.

Require the package via Composer:

$ composer require intervention/httpauth

Usage

The workflow is easy. Just create an authentication instance in the first step and secure your resource with a second step.

Create authentication instance

To create HTTP authentication instances you can choose between different methods.

Create instance by using static factory method

use Intervention\HttpAuth\Authenticator;

$auth = Authenticator::basic('Secured Realm');
$auth->withUsername('admin');
$auth->withPassword('secret');

Create instance by using static universal factory method

use Intervention\HttpAuth\Authenticator;

// create basic auth by array
$auth = Authenticator::make([
    'type' => 'basic',
    'realm' => 'Secure Resource',
    'username' => 'admin',
    'password' => 'secret',
]);

Create instance by using class constructor

use Intervention\HttpAuth\Authenticator;

$auth = new Authenticator(
   'basic',
   'Secure Resource',
   'admin',
   'secret'
);

// alternatively use methods to set properties
$auth = new Authenticator();
$auth->withType('digest');
$auth->withRealm('Secure');
$auth->withCredentials('admin', 'secret');

Ask user for credentials

After you created a HTTP authentication instance, you have to call secure() to secure the resource. This results in a 401 HTTP response and the browser asking for credentials.

$auth->secure();

Server Configuration

Apache

If you are using Apache and running php with fast-cgi, check setting headers: https://support.deskpro.com/en/kb/articles/missing-authorization-headers-with-apache

License

Intervention HttpAuth Class is licensed under the MIT License.