README

This documentation follows the project's Coding Standards and PHPDoc Style Guide.

Project Overview

ometra/caronte-client is a Laravel package that integrates any Laravel host application with the Caronte centralised authentication server. It handles:

• JWT user authentication (login, logout, 2FA, password recovery)
• Automatic token validation and renewal on every request
• Role-based access control tied to a central role registry
• A ready-to-use management UI for users and roles
• Server-to-server inter-app communication via application tokens

Primary audience: Internal development teams adding Caronte authentication to a Laravel application.

Project Type & Tech Summary

Quick Start

1. Install the package

   composer require ometra/caronte-client

2. Publish the configuration

   php artisan vendor:publish --tag=caronte:config

3. Add the three required environment variables

   CARONTE_URL=https://your-caronte-server.example.com
   CARONTE_APP_CN=your-app-canonical-name
   CARONTE_APP_SECRET=a-secret-at-least-32-characters-long

4. Run migrations (creates local user cache tables)

   php artisan migrate

5. Protect routes with the provided middleware:

   Route::middleware(['caronte.session', 'caronte.roles:admin'])->group(...);

6. Sync your configured roles with the Caronte server:

   php artisan caronte:roles:sync

7. Visit the management UI at /caronte/management (default).

See Deployment Instructions for the full setup guide.

Documentation Index

• Deployment Instructions
• API Documentation
• Routes Documentation
• Artisan Commands
• Tests Documentation
• Architecture Diagrams
• Monitoring
• Business Logic & Core Processes
• Open Questions & Assumptions