Search by 
tunaaoguzhann / php-auth-api
Modern PHP Authentication API with JWT and Redis
dev-main
2025-01-02 11:25 UTC
Requires
- php: ^8.1
- firebase/php-jwt: ^6.0
- predis/predis: ^2.0
- vlucas/phpdotenv: ^5.5
Requires (Dev)
- phpunit/phpunit: ^10.0
This package is auto-updated.
Last update: 2025-04-30 12:18:34 UTC
README
Modern PHP Authentication API with JWT, Redis, and Request/Response handling.
Features
- JWT based authentication
- Redis token management
- MySQL database integration
- Modern Request/Response handling
- Router with middleware support
- Easy integration
Requirements
- PHP 8.1+
- MySQL/MariaDB
- Redis
- Composer
Installation
- Install via Composer:
composer require tunaaoguzhann/php-auth-api
- Create
.envfile in your project root:
# Application APP_DEBUG=true # Database DB_HOST=localhost DB_PORT=3306 DB_DATABASE=auth_api DB_USERNAME=your_db_username DB_PASSWORD=your_db_password # Redis REDIS_HOST=localhost REDIS_PORT=6379 # JWT Settings JWT_SECRET=your-secret-key-here JWT_EXPIRES_IN=3600
- Create the users table in your database:
CREATE TABLE users ( id INT AUTO_INCREMENT PRIMARY KEY, email VARCHAR(255) UNIQUE NOT NULL, password VARCHAR(255) NOT NULL, created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP );
Usage
Basic Setup
Create an index.php file in your project root:
<?php require __DIR__ . '/vendor/autoload.php'; use Tunaaoguzhann\PhpAuthApi\Router\Router; $dotenv = Dotenv\Dotenv::createImmutable(__DIR__); $dotenv->load(); header('Content-Type: application/json'); header('Access-Control-Allow-Origin: *'); header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS'); header('Access-Control-Allow-Headers: Content-Type, Authorization'); $router = new Router(); $router->run();
Available Endpoints
Register
POST /api/auth/register Content-Type: application/json { "email": "user@example.com", "password": "password123" } Response: { "status": "success", "data": { "message": "User registered successfully", "user_id": 1 } }
Login
POST /api/auth/login Content-Type: application/json { "email": "user@example.com", "password": "password123" } Response: { "status": "success", "data": { "token": "your.jwt.token", "message": "Login successful" } }
Get Profile
GET /api/user/profile Authorization: Bearer your.jwt.token Response: { "status": "success", "data": { "id": 1, "email": "user@example.com", "created_at": "2024-01-01 00:00:00" } }
Custom Implementation
Adding New Routes
use Tunaaoguzhann\PhpAuthApi\Router\Router; $router = new Router(); $router->addRoute('/api/custom/route', ['GET'], [YourController::class, 'method']);
Using Request/Response
use Tunaaoguzhann\PhpAuthApi\Http\Request; use Tunaaoguzhann\PhpAuthApi\Http\Response; class YourController { public static function method(Request $request): Response { $data = $request->post('key'); return Response::success(['data' => $data]); } }
Using Authentication
use Tunaaoguzhann\PhpAuthApi\Http\Request; use Tunaaoguzhann\PhpAuthApi\Http\Response; use Tunaaoguzhann\PhpAuthApi\Controllers\AuthController; class YourController { public static function protectedMethod(Request $request): Response { $userId = AuthController::validateToken($request->bearerToken()); if (!$userId) { return Response::unauthorized(); } return Response::success(['user_id' => $userId]); } }
Security
- JWT tokens are securely generated and validated
- Redis token management prevents token reuse
- SQL injection protection through PDO
- CORS headers for API security
- Request validation and sanitization
Contributing
Contributions are welcome! Please feel free to submit a Pull Request.
License
This project is licensed under the MIT License.