tkhamez / slim-role-auth
Role-based authorization for the Slim framework
Installs: 9 108
Dependents: 0
Suggesters: 0
Security: 0
Stars: 13
Watchers: 3
Forks: 2
Open Issues: 0
Requires
- php: ^7.4|^8.0
- psr/http-factory: ^1.0
- psr/http-message: ^1.0 || ^2.0
- psr/http-server-handler: ^1.0
- psr/http-server-middleware: ^1.0
- slim/slim: ^4.0
Requires (Dev)
- friendsofphp/php-cs-fixer: ^3.0
- phpstan/phpstan: ^2.0
- phpunit/phpunit: ^9.5
- slim/psr7: ^1.4
Suggests
- ext-xdebug: Allows code coverage analysis with PHPUnit
README
Role-based authorization
Middleware for the Slim 4 framework.
For Slim 3 use the 1.0.0 release.
Installation
With Composer:
composer require tkhamez/slim-role-auth
Usage
Example:
use Tkhamez\Slim\RoleAuth\RoleMiddleware; use Tkhamez\Slim\RoleAuth\SecureRouteMiddleware; $app = Slim\Factory\AppFactory::create(); // Deny access if a required role is missing. $app->add(new SecureRouteMiddleware( new Slim\Psr7\Factory\ResponseFactory(), // Any implementation of Psr\Http\Message\ResponseFactoryInterface. [ // Route pattern -> roles, first "starts-with" match is used. '/secured/public' => ['any'], '/secured' => ['user'], ], ['redirect_url' => null] // Adds "Location" header instead of 403 status code if set. )); // Add roles to request attribute. $app->add(new RoleMiddleware( new App\RoleProvider(), // Any implementation of Tkhamez\Slim\RoleAuth\RoleProviderInterface. ['route_pattern' => ['/secured']] // Optionally limit to these routes. )); // Add routing middleware last, so the Slim router is available from the request. $app->addRoutingMiddleware();
- The
SecureRouteMiddleware
denies access to a route if the required role is missing in the request object. - The
RoleMiddleware
class adds roles provided by theRoleProvider
object to the request object. - You can add multiple role providers for different paths.
For more information, see the inline documentation of the classes.
Dev Env
docker build --tag slim-role-auth . docker run -it --mount type=bind,source="$(pwd)",target=/app --workdir /app slim-role-auth /bin/sh
Changelog
5.1.0 - 2024-11-23
- Compatibility with PHP 8.4.
5.0.0 - 2024-06-01
- Raised minimum required PHP version to 7.4.
4.0.0
- Raised minimum required PHP version to 7.3.
3.0.1
- Update PHP requirement to include version 8 (^7.2|^8.0).
3.0.0
- Raised minimum PHP version to 7.2
- Added a class constant for the name of the request attribute that holds the roles and changed its name.
2.0.1
- Compatibility with Slim 4.4
2.0.0
- Update for Slim 4.
1.0.0
- First stable release.