t73biz/cakephp2-jwt-auth

CakePHP 2 JWT Authentication

Type: cakephp-plugin

1.1.0 2016-05-23 01:32 UTC

This package is not auto-updated.

Last update: 2024-04-13 15:11:55 UTC


README

This project is no longer being actively developed.

This plugin is a CakePHP 2.x Authentication component and view helper for JWT.

Components

  • Auth/JwtTokenAuthenticate - A JSON Web Token implementation for CakePHP 2.6.x

Helpers

  • AuthHelper - Utility functions for helping with the authentication of users.

Requirements

  • PHP version: PHP 5.3+
  • CakePHP version: 2.6 Stable

Support

For support and feature requests, please visit the JWT Authentication Plugin Support section.

License

Copyright 2011 - 2014, Florian Krämer
Copyright 2015, Ronald Chaplin

Licensed under The MIT License
Redistributions of files must retain the above copyright notice.

Copyright

Copyright 2011 - 2014 Florian Krämer http://github.com/burzum

Copyright 2015 Ronald Chaplin http://github.com/t73biz

Version

1.0.6

Installation

composer require t73biz/cakephp2-jwt-auth 1.0.6

This will install into the Plugin directory (in the JwtAuth folder). To run the tests, simply navigate to your webroot/test.php and follow the links for the test cases for the Authentication Adapter.

Usage

Configuration

You can declare this either in your Controller's $components array or on the fly in an action. Use the second form when a setting has to be loaded at runtime (for example with Configure::read()), which is not possible inside the $components property declaration.

public $components = array(
    'Auth' => array(
        'authenticate' => array(
            'JwtAuth.JwtToken' => array(
                'fields' => array(
                    'username' => 'username',
                    'password' => 'password',
                    'token' => 'public_key',
                ),
                'parameter' => '_token',
                'userModel' => 'User',
                'scope' => array('User.active' => 1),
                'pepper' => 'sneezing',
            ),
        ),
    ),
);

Or

$this->Auth->authenticate['JwtAuth.JwtToken'] = array(
    'fields' => array(
        'username' => 'username',
        'password' => 'password',
        'token' => 'public_key',
    ),
    'parameter' => '_token',
    'userModel' => 'User',
    'scope' => array('User.active' => 1),
    'pepper' => Configure::read('API.token.pepper'),
);

Where (excluding common authentication items):

  • fields is an array containing the details of which passed values (POSTed) contain the username, password and token
    • token is used to hold a unique key against the user once authenticated and is also stored in the JWT
  • parameter is the query string parameter that could hold the JWT
  • header is the HTTP header that could hold the JWT
  • pepper is the salt to use when encrypting your JWT (keep this super secret!). The default value is '123', so always set your own.

Defaults

array(
    'fields' => array(
        'username' => 'username',
        'token' => 'token'
    ),
    'parameter' => '_token',
    'header' => 'X_JSON_WEB_TOKEN',
    'userModel' => 'User',
    'scope' => array(),
    'recursive' => 0,
    'contain' => null,
    'pepper' => '123'
);
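
An added example (not from the plugin's README or code) of the on-the-fly configuration above, written so the application fails closed when the pepper is missing, still the default '123', or too short. The Configure key API.token.pepper is the one used on this page; the 32-character minimum and running the check in AppController::beforeFilter() are assumptions made here.

```php
<?php
// app/Controller/AppController.php
// Added example, not part of the plugin. Assumptions: the 32-character
// minimum and doing the check in beforeFilter() are choices made here.
App::uses('Controller', 'Controller');

class AppController extends Controller {

    public $components = array('Auth');

    // Default pepper listed in the plugin's "Defaults" section.
    const DEFAULT_PEPPER = '123';

    // Assumed minimum length for the secret.
    const MIN_PEPPER_LENGTH = 32;

    public function beforeFilter() {
        parent::beforeFilter();

        // Expected to be written in app/Config/bootstrap.php from a source
        // kept out of version control (environment, secrets file).
        $pepper = Configure::read('API.token.pepper');

        if (!is_string($pepper)
            || $pepper === self::DEFAULT_PEPPER
            || strlen($pepper) < self::MIN_PEPPER_LENGTH
        ) {
            // Fail closed: never fall back to the plugin default.
            throw new RuntimeException(
                'API.token.pepper must be a non-default secret of at least '
                . self::MIN_PEPPER_LENGTH . ' characters'
            );
        }

        $this->Auth->authenticate['JwtAuth.JwtToken'] = array(
            'fields' => array(
                'username' => 'username',
                'password' => 'password',
                'token' => 'public_key',
            ),
            'parameter' => '_token',
            'userModel' => 'User',
            'scope' => array('User.active' => 1),
            'pepper' => $pepper,
        );
    }
}
```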

Authentication

You can authenticate by passing a valid JWT as either:

  • The query string parameter defined as parameter in the config array (defaults to _token)
  • The contents of the header defined as header in the config array (defaults to X_JSON_WEB_TOKEN)

TODO

Implement an end to end example for inside clients and 3rd party client usage.