middlewares/http-authentication

Middleware to implement Basic and Digest Http authentication

v1.1.0 2018-08-04 10:41 UTC

README

Latest Version on Packagist Software License Build Status Quality Score Total Downloads SensioLabs Insight

Middleware to implement RFC 2617 Http Authentication. Contains the following components:

Requirements

Installation

This package is installable and autoloadable via Composer as middlewares/http-authentication.

composer require middlewares/http-authentication

BasicAuthentication

The Basic access authentication is the simplest technique.

__construct(array|ArrayAccess $users)

Array or ArrayAccess with the usernames and passwords of all available users. The keys are the usernames and the values the passwords.

realm(string $realm)

The realm value. By default is "Login".

attribute(string $attribute)

The attribute name used to save the username of the user. If it's not defined, it wont be saved. Example:

$dispatcher = new Dispatcher([
    (new Middlewares\BasicAuthentication([
        'username1' => 'password1',
        'username2' => 'password2'
    ]))->attribute('username'),

    function ($request) {
        $username = $request->getAttribute('username');

        return new Response('Hello '.$username);
    }
]);

$response = $dispatcher->dispatch(new ServerRequest());

responseFactory(Psr\Http\Message\ResponseFactoryInterface $responseFactory)

A PSR-17 factory to create 401 responses.

DigestAuthentication

The Digest access authentication is more secure than basic.

__construct(array|ArrayAccess $users)

Array or ArrayAccess with the usernames and passwords of all available users. The keys are the usernames and the values the passwords.

realm(string $realm)

The realm value. By default is "Login".

attribute(string $attribute)

The attribute name used to save the username of the user. If it's not defined, it wont be saved. Example:

nonce(string $nonce)

To configure the nonce value. If its not defined, it's generated with uniqid

$dispatcher = new Dispatcher([
    (new Middlewares\DigestAuthentication([
        'username1' => 'password1',
        'username2' => 'password2'
    ]))->attribute('username'),

    function ($request) {
        $username = $request->getAttribute('username');

        return new Response('Hello '.$username);
    }
]);

$response = $dispatcher->dispatch(new ServerRequest());

responseFactory(Psr\Http\Message\ResponseFactoryInterface $responseFactory)

A PSR-17 factory to create 401 responses.

Please see CHANGELOG for more information about recent changes and CONTRIBUTING for contributing details.

The MIT License (MIT). Please see LICENSE for more information.