sergeymakinen / yii2-jwt-user
JWT (JSON Web Token) User component for Yii 2
Installs: 546
Dependents: 0
Suggesters: 0
Security: 0
Stars: 16
Watchers: 2
Forks: 4
Open Issues: 0
Type:yii2-extension
Requires
- php: ^5.5 || ^7.0
- lcobucci/jwt: ~3.2.0
- yiisoft/yii2: ~2.0.9
Requires (Dev)
- firebase/php-jwt: ^4.0
- sergeymakinen/yii2-tests: ^2.1.1
README
JWT (JSON Web Token) based Yii 2 User component drop-in replacement.
Installation
The preferred way to install this extension is through composer.
Either run
composer require "sergeymakinen/yii2-jwt-user:^3.0"
or add
"sergeymakinen/yii2-jwt-user": "^3.0"
to the require section of your composer.json file.
Usage
Set the following Yii 2 configuration parameters:
[
'components' => [
'user' => [
'class' => 'sergeymakinen\yii\jwtuser\User',
'identityClass' => 'app\models\User',
'enableAutoLogin' => true, // Optional
'key' => 'random sign key (CHANGE IT!)',
],
],
]
Also set identityClass to whatever your identity class name is.
Don't forget: set key to some random value and make sure it's secret and long enough.
Configuration
You can choose between 3 different modes of sign key generation:
$useAuthKey value |
$appendAuthKey value |
Resulting key |
|---|---|---|
false |
false |
sergeymakinen\yii\jwtuser\User::$key |
true |
false |
yii\web\IdentityInterface::getAuthKey() |
true |
true |
sergeymakinen\yii\jwtuser\User::$keyconcatenated with yii\web\IdentityInterface::getAuthKey() |
Your choice depends on how you're going to use identities, revoke old/compromised keys.
It's also possible to specify "audience" and "issuer" claims (and validate against them) via corresponding $audience and $issuer properties. They both may be either strings or Closure returning a string.