onetechasia / cognito
User manage / login / register / forgot password with aws cognito
Requires
- php: ^8.1
- aws/aws-sdk-php: ^3.268
- guzzlehttp/guzzle: ^7.5
Requires (Dev)
- phpunit/phpunit: >=9.0
This package is auto-updated.
Last update: 2024-12-27 10:26:47 UTC
README
You can install the package via composer.
composer require onetechasia/cognito
Next you can publish the config
php artisan vendor:publish --provider="Onetech\Cognito\Providers\CognitoServiceProvider"
Configure
Add config to environment file: .env
# AWS Cognito configurations AWS_ACCESS_KEY_ID="" AWS_SECRET_ACCESS_KEY="" AWS_COGNITO_CLIENT_ID="" AWS_COGNITO_CLIENT_SECRET="" AWS_COGNITO_USER_POOL_ID="" AWS_COGNITO_REGION="us-east-1" AWS_COGNITO_VERSION="latest"
Last but not least you want to change the auth driver: config/auth.php
'guards' => [ 'cognito-token' => [ 'driver' => 'cognito-token', // This line is important for using AWS Cognito as API Driver 'provider' => 'users', ], ],
Add to middleware for authentication: app/Http/Kernel.php
protected $routeMiddleware = [ 'onetech.cognito' => \Onetech\Cognito\Http\Middleware\CognitoAuthenticate::class, ];
Usage
Our package is providing you these traits you can just add to your Auth Controllers to get our package running.
- Onetech\Cognito\Auth\AuthenticatesUsers
- Onetech\Cognito\Auth\RegistersUsers
- Onetech\Cognito\Auth\RefreshToken
use Onetech\Cognito\Auth\RegistersUsers; use Onetech\Cognito\Auth\AuthenticatesUsers; use Onetech\Cognito\Auth\RefreshToken; class UserController { use CognitoAuthenticatesUsers, RegistersUsers, RefreshToken; }
Using in code.
- Registering to cognito:
Payload: username = email or custom username, password belong to policy of cognito need validation
{
"name": "Le Duy",
"username": "duy@onetech.vn",
"email": "duy@onetech.vn",
"password": "123456",
"any attributes": "add more if needed"
}
//Registering user $bool = $this->createCognitoUser($request); //return boolean
- Login cognito
Payload: username and password is required
{
"username": "duy@onetech.vn",
"password": "password",
"remember": true
}
//Login user $check = $this->attemptLogin($request); //Response using AccessToken for call API //Response using RefreshToken to fetch new AccessToken //Response using IdToken to get user information
- Fetch new token
Payload: username and refresh_token is required
{
"username": "duy@onetech.vn",
"refresh_token": "refresh token"
}
//Fetch new AccessToken and IdToken $response = $this->refreshCoginitoToken($request); //Same API login
- Set user password use for reset password
Payload: username and refresh_token is required
{
"username": "duy@onetech.vn",
"password": "password"
}
$check = $this->setUserPassword($request);
- Change user password
API call need add header. Authorization: Bearer AccessToken
Payload: old_password and new_password is required
{
"old_password": "old password",
"new_password": "new password"
}
$accessToken = Auth::guard('cognito-token')->getTokenForRequest(); $oldPassword = $request->old_password; $newPassword = $request->new_password; $check = $this->changeUserPassword($accessToken, $oldPassword, $newPassword);
- Get User Info
You can using IdToken parse user info or call api to get information
API call need add header. Authorization: Bearer AccessToken
$userInfo = Auth::guard('cognito-token')->user();
- Sign out user
API call need add header. Authorization: Bearer AccessToken
$accessToken = Auth::guard('cognito-token')->getTokenForRequest(); $check = $this->signOut($accessToken);