mvanduijker / laravel-mercure-broadcaster
Mercure broadcaster
Installs: 21 159
Dependents: 1
Suggesters: 0
Security: 0
Stars: 118
Watchers: 6
Forks: 13
Open Issues: 2
Requires
- php: ^7.4|^8.0
- illuminate/broadcasting: ~6.0|~7.0|~8.0|~9.0|~10.0|~11.0
- lcobucci/jwt: ~4.0
- symfony/mercure: ~0.4
Requires (Dev)
- larapack/dd: ^1.0
- orchestra/testbench: ~4.0|~5.0|~6.0|~7.0|~8.0|~9.0
- phpunit/phpunit: ^9.4|^10.0
- symfony/process: ~4.4|~5.0|~6.0|~7.0
README
Laravel broadcaster for Mercure for doing Server Sent Events in a breeze.
Installation
Make sure you have installed Mercure and have it running. Check their docs how to do it. (It's pretty easy)
Configure laravel to use the Mercure broadcaster by editing config/broadcasting.php for example:
<?php return [ 'default' => env('BROADCAST_DRIVER', 'mercure'), 'connections' => [ // ... 'mercure' => [ 'driver' => 'mercure', 'url' => env('MERCURE_URL', 'http://localhost:3000/.well-known/mercure'), 'secret' => env('MERCURE_SECRET', 'aVerySecretKey'), ], ], ];
Usage
Add an event which implements ShouldBroadcast interface like in https://laravel.com/docs/master/broadcasting#defining-broadcast-events
<?php namespace App\Events; use Duijker\LaravelMercureBroadcaster\Broadcasting\Channel; use Illuminate\Contracts\Broadcasting\ShouldBroadcast; class NewsItemCreated implements ShouldBroadcast { /** * @var NewsItem */ public $newsItem; public function __construct(NewsItem $newsItem) { $this->newsItem = $newsItem; } public function broadcastOn() { return new Channel('http://example/news-items'); } }
In your frontend do something like:
var es = new EventSource('http://localhost:3000/.well-known/mercure?topic=' + encodeURIComponent('http://example/news-items')); es.addEventListener('message', (messageEvent) => { var eventData = JSON.parse(messageEvent.data); console.log(eventData); });
Private channels go a bit differently than with broadcasting through sockets. Private channels are baked in Mercure and are secured with a jwt token.
First create a http middleware, so we can generate the Mercure authentication cookie with the token. Don't forget to add the middleware to your route!
Example:
<?php namespace App\Http\Middleware; use Closure; use Illuminate\Http\Request; use Illuminate\Http\Response; use Illuminate\Support\Facades\Cookie; use Lcobucci\JWT\Configuration; use Lcobucci\JWT\Signer\Hmac\Sha256; use Lcobucci\JWT\Signer\Key\InMemory; class MercureBroadcasterAuthorizationCookie { public function handle(Request $request, Closure $next) { /** @var Response $response */ $response = $next($request); if (!method_exists($response, 'withCookie')) { return $response; } return $response->withCookie($this->createCookie($request->user(), $request->secure())); } private function createCookie($user, bool $secure) { // Add topic(s) this user has access to // This can also be URI Templates (to match several topics), or * (to match all topics) $subscriptions = [ "http://example/user/{$user->id}/direct-messages", ]; $jwtConfiguration = Configuration::forSymmetricSigner( new Sha256(), InMemory::plainText(config('broadcasting.connections.mercure.secret')) ); $token = $jwtConfiguration->builder() ->withClaim('mercure', ['subscribe' => $subscriptions]) ->getToken($jwtConfiguration->signer(), $jwtConfiguration->signingKey()) ->toString(); return Cookie::make( 'mercureAuthorization', $token, 15, '/.well-known/mercure', // or which path you have mercure running parse_url(config('app.url'), PHP_URL_HOST), $secure, true ); } }
Because Laravel encrypts and decrypts cookies by default, don't forget to add an exception for the mercureAuthorization cookie in App\Http\Middleware\EncryptCookies.
Example event:
<?php namespace App\Events; use Duijker\LaravelMercureBroadcaster\Broadcasting\Channel; use Illuminate\Contracts\Broadcasting\ShouldBroadcast; class DirectMessageCreated implements ShouldBroadcast { /** * @var DirectMessage */ public $directMessage; public function __construct(DirectMessage $directMessage) { $this->directMessage = $directMessage; } public function broadcastOn() { return new Channel( "http://example/user/{$this->directMessage->user_id}/direct-messages", true ); } }
Example Frontend:
var es = new EventSource('http://localhost:3000/.well-known/mercure?topic=' + encodeURIComponent('http://example/user/1/direct-messages'), { withCredentials: true }); es.addEventListener('message', (messageEvent) => { var eventData = JSON.parse(messageEvent.data); console.log(eventData); });
Advanced usage
If you want to generate your own JWT, you can do it by overriding the mvanduijker.mercure_broadcaster.publisher_jwt service.
You want to do this if you want to have custom claims, using other signing algorithms, etc. It expects a string back containing the JWT.
Example how the default JWT is generated: https://github.com/mvanduijker/laravel-mercure-broadcaster/blob/master/src/LaravelMercureBroadcasterServiceProvider.php#L32
Make sure you also make the changes in the cookie middleware.
Further reading
Make sure you read the documentation of Mercure and how to run it securely (behind https).
Testing
composer test
Changelog
Please see CHANGELOG for more information on what has changed recently.
Contributing
Please see CONTRIBUTING for details.
Credits
License
The MIT License (MIT). Please see License File for more information.