tkhamez/slim-role-auth

Role-based authorization for the Slim framework

5.0.0 2024-06-01 17:45 UTC

This package is auto-updated.

Last update: 2024-11-17 19:35:35 UTC


README

build Test Coverage Packagist Downloads

Role-based authorization

Middleware for the Slim 4 framework.

For Slim 3 use the 1.0.0 release.

Installation

With Composer:

composer require tkhamez/slim-role-auth

Usage

Example:

use Tkhamez\Slim\RoleAuth\RoleMiddleware;
use Tkhamez\Slim\RoleAuth\SecureRouteMiddleware;

$app = Slim\Factory\AppFactory::create();

// Deny access if a required role is missing.
$app->add(new SecureRouteMiddleware(
    new Slim\Psr7\Factory\ResponseFactory(), // Any implementation of Psr\Http\Message\ResponseFactoryInterface.
    [
        // Route pattern  -> roles, first "starts-with" match is used.
        '/secured/public' => ['any'],
        '/secured'        => ['user'],
    ],
    ['redirect_url' => null] // Adds "Location" header instead of 403 status code if set.
));

// Add roles to request attribute.
$app->add(new RoleMiddleware(
    new App\RoleProvider(), // Any implementation of Tkhamez\Slim\RoleAuth\RoleProviderInterface.
    ['route_pattern' => ['/secured']] // Optionally limit to these routes.
));

// Add routing middleware last, so the Slim router is available from the request.
$app->addRoutingMiddleware();
  • The SecureRouteMiddleware denies access to a route if the required role is missing in the request object.
  • The RoleMiddleware class adds roles provided by the RoleProvider object to the request object.
  • You can add multiple role providers for different paths.

For more information, see the inline documentation of the classes.

Dev Env

docker build --tag slim-role-auth .
docker run -it --mount type=bind,source="$(pwd)",target=/app --workdir /app slim-role-auth /bin/sh

Changelog

5.0.0 - 2024-06-01

  • Raised minimum required PHP version to 7.4.

4.0.0

  • Raised minimum required PHP version to 7.3.

3.0.1

  • Update PHP requirement to include version 8 (^7.2|^8.0).

3.0.0

  • Raised minimum PHP version to 7.2
  • Added a class constant for the name of the request attribute that holds the roles and changed its name.

2.0.1

  • Compatibility with Slim 4.4

2.0.0

  • Update for Slim 4.

1.0.0

  • First stable release.