keron-digital / auth-redis-storage-bundle
Redis-backed storage solution for Symfony applications to manage token lifecycles. Provides services for blacklisting invalidated tokens and tracking currently active tokens via their unique IDs (JTI, UUID)
Type: symfony-bundle
Requires
- php: >=8.1
- ext-redis: *
- symfony/config: ^6.4
- symfony/dependency-injection: ^6.4
- symfony/framework-bundle: ^6.4
- symfony/http-kernel: ^6.4
- symfony/yaml: ^6.4
Requires (Dev)
- ergebnis/composer-normalize: ^2.47
- friendsofphp/php-cs-fixer: ^3.75
- phpmd/phpmd: ^2.15
- phpstan/extension-installer: ^1.4
- phpstan/phpstan: ^2.1
- phpstan/phpstan-phpunit: ^2.0
- phpstan/phpstan-symfony: ^2.0
- phpunit/phpunit: ^10.5
README
Provides Redis-based services for token blacklisting and active token tracking in Symfony applications, using unique token identifiers (e.g., JTI, UUID).
Quick Start
1. Installation
Install the bundle using Composer:
```bash
composer require keron-digital/auth-redis-storage-bundle
```
Enable the bundle in your config/bundles.php:
```php
<?php
// config/bundles.php

return [
    // ... other bundles
    KeronDigital\AuthRedisStorageBundle\KeronDigitalAuthRedisStorageBundle::class => ['all' => true],
];
```
2. Configuration
Ensure you have a Redis client service already configured in your Symfony application. Then, create the bundle's configuration file and specify your client service ID:
```yaml
# config/packages/keron_digital_auth_redis_storage.yaml
keron_digital_auth_redis_storage:
    # REQUIRED: Point this to your application's Redis service ID
    # The client service must provide e.g. \Redis, \Predis\ClientInterface, or a PSR Cache Pool using Redis
    redis_client_service_id: 'snc_redis.default' # Example ID, change as needed
```
The bundle uses default key prefixes (`auth:bl:` for blacklist, `auth:active:` for active tokens).
See docs/configuration.md for details on customizing prefixes and other options.
3. Basic Usage
Inject the interfaces into your services where needed:
- KeronDigital\AuthRedisStorageBundle\Domain\Contract\TokenBlacklistInterface
- KeronDigital\AuthRedisStorageBundle\Domain\Contract\ActiveTokenStorageInterface
Example: Checking if a token is blacklisted
```php
<?php

namespace App\Security; // Your application's namespace

use KeronDigital\AuthRedisStorageBundle\Domain\Contract\TokenBlacklistInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;

class TokenValidator
{
    public function __construct(private readonly TokenBlacklistInterface $blacklist) {}

    /**
     * @throws AuthenticationException
     */
    public function validateTokenId(string $tokenId): void
    {
        if ($this->blacklist->isBlacklisted($tokenId)) {
            // Consider logging this attempt
            throw new AuthenticationException('Token is blacklisted.');
        }
        // ... other validation ...
    }
}
```
See docs/usage.md for more examples on blacklisting, marking tokens active, checking active status, and revoking.
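The storage pattern behind a Redis token blacklist, as an added example written directly against ext-redis; it is not the bundle's code. The class and method names, the SHA-256 hashing of the token ID, and the local Redis address are assumptions; only the `auth:bl:` prefix comes from the README.

```php
<?php
declare(strict_types=1);

// Added example, not the bundle's implementation.
// RedisTokenBlacklist, revoke() and isRevoked() are hypothetical names.
final class RedisTokenBlacklist
{
    // Default blacklist prefix named in the README.
    private const PREFIX = 'auth:bl:';

    public function __construct(private readonly \Redis $redis) {}

    /**
     * Revoke a token until its own expiry.
     * $expiresAt is the `exp` claim (Unix timestamp) of a token whose
     * signature has already been verified.
     */
    public function revoke(string $tokenId, int $expiresAt, ?int $now = null): bool
    {
        $ttl = $expiresAt - ($now ?? time());
        if ($ttl <= 0) {
            // Already expired: expiry validation rejects it, no entry needed.
            return false;
        }
        // SETEX writes the marker and its TTL in one atomic command, so no
        // entry is left without an expiry and the set prunes itself.
        return (bool) $this->redis->setex($this->key($tokenId), $ttl, '1');
    }

    public function isRevoked(string $tokenId): bool
    {
        // A RedisException propagates to the caller, so an unreachable store
        // fails the request instead of treating the token as valid.
        return (bool) $this->redis->exists($this->key($tokenId));
    }

    private function key(string $tokenId): string
    {
        // Assumption: hash the ID so unexpected characters or lengths in it
        // never reach the Redis key name.
        return self::PREFIX . hash('sha256', $tokenId);
    }
}

// Usage against a local Redis; the token ID is a constructed sample value.
$redis = new \Redis();
$redis->connect('127.0.0.1', 6379);
$blacklist = new RedisTokenBlacklist($redis);
$blacklist->revoke('3f2b8c1e-constructed-jti', time() + 900);
var_dump($blacklist->isRevoked('3f2b8c1e-constructed-jti'));
```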
Documentation
For detailed information, please refer to the docs/ directory:
- [configuration.md](docs/CONFIGURATION.md): Detailed configuration options.
- [usage.md](docs/USAGE.md): Comprehensive usage examples.
- [testing.md](docs/TESTING.md): Information on running the bundle's tests (for contributors).
License
This bundle is released under the MIT License. See the LICENSE file for details.