keron-digital/auth-redis-storage-bundle

Redis-backed storage solution for Symfony applications to manage token lifecycles. Provides services for blacklisting invalidated tokens and tracking currently active tokens via their unique IDs (JTI, UUID)

Maintainers

Package info

github.com/keron-digital/symfony-auth-redis-storage-bundle

Type:symfony-bundle

pkg:composer/keron-digital/auth-redis-storage-bundle

Statistics

Installs: 10

Dependents: 0

Suggesters: 0

Stars: 0

Open Issues: 0

Security

Advisories: 0

Aikido package health analysis

v1.0.4 2025-05-05 15:29 UTC

Requires

Requires (Dev)

MIT 053beb44240b30e9ea61d3701518f22acf765048

  • Keron Digital <kerondigital.developing.woop@gmail.com>
  • Alvaro Miguel Lorente <a.miguel.lorente.woop@gmail.com>

redissymfonysecurityAuthenticationbundlesessiontokenblacklistjwtstatelessjti

This package is auto-updated.

Last update: 2026-04-05 17:18:10 UTC

README

Latest Stable Version License Provides Redis-based services for token blacklisting and active token tracking in Symfony applications, using unique token identifiers (e.g., JTI, UUID).

Quick Start

1. Installation

Install the bundle using Composer:

composer require keron-digital/auth-redis-storage-bundle

Enable the bundle in your config/bundles.php:

<?php
// config/bundles.php

return [
    // ... other bundles
    KeronDigital\AuthRedisStorageBundle\KeronDigitalAuthRedisStorageBundle::class => ['all' => true],
];

2. Configuration

Ensure you have a Redis client service already configured in your Symfony application. Then, create the bundle's configuration file and specify your client service ID:

# config/packages/keron_digital_auth_redis_storage.yaml
keron_digital_auth_redis_storage:
    # REQUIRED: Point this to your application's Redis service ID
    # The client service must provide e.g. \Redis, \Predis\ClientInterface, or a PSR Cache Pool using Redis
    redis_client_service_id: 'snc_redis.default' # Example ID, change as needed

The bundle uses default key prefixes (auth:bl: for blacklist, auth:active: for active tokens).

See docs/configuration.md for details on customizing prefixes and other options.

3. Basic Usage

Inject the interfaces into your services where needed:

  • KeronDigital\AuthRedisStorageBundle\Domain\Contract\TokenBlacklistInterface
  • KeronDigital\AuthRedisStorageBundle\Domain\Contract\ActiveTokenStorageInterface

Example: Checking if a token is blacklisted

<?php

namespace App\Security; // Your application's namespace

use KeronDigital\AuthRedisStorageBundle\Domain\Contract\TokenBlacklistInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;

class TokenValidator
{
    public function __construct(private readonly TokenBlacklistInterface $blacklist) {}

    /**
     * @throws AuthenticationException
     */
    public function validateTokenId(string $tokenId): void
    {
        if ($this->blacklist->isBlacklisted($tokenId)) {
            // Consider logging this attempt
            throw new AuthenticationException('Token is blacklisted.');
        }
        // ... other validation ...
    }
}

See docs/usage.md for more examples on blacklisting, marking tokens active, checking active status, and revoking.

Documentation

For detailed information, please refer to the docs/ directory:

  • [configuration.md](docs/CONFIGURATION.md): Detailed configuration options.
  • [usage.md](docs/USAGE.md): Comprehensive usage examples.
  • [testing.md](docs/TESTING.md): Information on running the bundle's tests (for contributors).

License

This bundle is released under the MIT License. See the LICENSE file for details.