middlewares / http-authentication
Middleware to implement Basic and Digest Http authentication
Installs: 289 284
Dependents: 2
Suggesters: 0
Security: 0
Stars: 36
Watchers: 3
Forks: 4
Open Issues: 0
Requires
- php: ^7.2 || ^8.0
- middlewares/utils: ^3.0 || ^4.0
- psr/http-server-middleware: ^1.0
Requires (Dev)
- friendsofphp/php-cs-fixer: ^2.0
- laminas/laminas-diactoros: ^2.2 || ^3.0
- oscarotero/php-cs-fixer-config: ^1.0
- phpstan/phpstan: ^0.12
- phpunit/phpunit: ^8 || ^9
- squizlabs/php_codesniffer: ^3.0
README
Middleware to implement RFC 2617 Http Authentication. Contains the following components:
Requirements
- PHP >= 7.2
- A PSR-7 http library
- A PSR-15 middleware dispatcher
Installation
This package is installable and autoloadable via Composer as middlewares/http-authentication.
composer require middlewares/http-authentication
BasicAuthentication
The Basic access authentication is the simplest technique.
You have to provide an Array
or ArrayAccess
with the usernames and passwords of all available users. The keys are the usernames and the values the passwords.
Dispatcher::run([ new Middlewares\BasicAuthentication([ 'username1' => 'password1', 'username2' => 'password2' ]) ]);
Optionally, you can provide a Psr\Http\Message\ResponseFactoryInterface
as the second argument, that will be used to create the error responses (401
). If it's not defined, Middleware\Utils\Factory will be used to detect it automatically.
$responseFactory = new MyOwnResponseFactory(); $route = new Middlewares\BasicAuthentication($users, $responseFactory);
realm
The realm value. By default is "Login".
attribute
The attribute name used to save the username of the user. If it's not defined, it wont be saved. Example:
Dispatcher::run([ (new Middlewares\BasicAuthentication([ 'username1' => 'password1', 'username2' => 'password2' ]))->attribute('username'), function ($request) { $username = $request->getAttribute('username'); return new Response('Hello '.$username); } ]);
verifyHash
This option verifies the password using password_verify
. Useful if you don't want to provide the passwords in plain text.
$users = [ 'username' => password_hash('secret-password', PASSWORD_DEFAULT); ] Dispatcher::run([ (new Middlewares\BasicAuthentication($users)) ->attribute('username') ->verifyHash(), function ($request) { $username = $request->getAttribute('username'); return new Response('Hello '.$username); } ]);
DigestAuthentication
The Digest access authentication is more secure than basic.
The constructor signature is the same than BasicAuthentication
:
$users = [ 'username1' => 'password1', 'username2' => 'password2' ]; $responseFactory = new MyOwnResponseFactory(); Dispatcher::run([ new Middlewares\DigestAuthentication($users, $responseFactory) ]);
realm
The realm value. By default is "Login".
attribute
The attribute name used to save the username of the user. If it's not defined, it wont be saved.
nonce
To configure the nonce value. If its not defined, it's generated with uniqid
Please see CHANGELOG for more information about recent changes and CONTRIBUTING for contributing details.
The MIT License (MIT). Please see LICENSE for more information.