ramosisw/cakephp-jwt-claims

CakePHP plugin for read claims on jwt token

1.0.0 2018-05-04 17:34 UTC

This package is not auto-updated.

Last update: 2022-05-19 20:42:26 UTC


README

Build Status Coverage Total Downloads License

CakePHP 3.6+ Component to read claims of JWT on Authorization

Installation

composer require ramosisw/cakephp-jwt-claims

Configuration:

Setup ClaimsComponent:

    // In your controller, for e.g. src/Controller/AppController.php
    public function initialize()
    {
        parent::initialize();
        //Config JWT with ADmad Plugin for more info see https://github.com/ADmad/cakephp-jwt-auth
        $this->loadComponent('Auth', [/*..*/]);
        //Load Claims component
        $this->loadComponent('RamosISW/Jwt.Claims',[
            'claims_key' => 'data', //name where is claims on JWT Payload
            //Wath claims be read
            'data' => [
                'user_id', 'user_email', 'user_name'
            ]
        ]);
    }

Working

To read claims on route that user can access

    public function index(){
        //read user email sends on token
        $this->log($this->Claims->user_email);
        
        //set claims to use on view
        $this->set('Claims', $this->Claims);
    }

Token Generation

You can use \Firebase\JWT\JWT::encode() of the firebase/php-jwt lib, which this plugin depends on, to generate tokens.

The payload should have the "sub" (subject) claim whos value is used to query the Users model and find record matching the "id" field.

Generate Claims

    public function generateToken($user){
        $token = \Firebase\JWT\JWT::encode([
                'sub' => $user['id'],
                'exp' => time() + 604800,
                'data' => [
                    'user_id' => $user['id'],
                    'user_email' => $user['email'],
                    'user_name' => $user['username']
                ]
        ], \Cake\Utility\Security::getSalt());
        
        return $token;
    }