wearesho-team / yii2-authentication
Yii2 authentication integration
1.3.3
2023-12-07 13:48 UTC
Requires
- php: >=7.4
- horat1us/yii2-migration-bootstrap: ^1.3
- wearesho-team/token-generator: ^1.2
- wearesho-team/yii-http: ^1.14
- wearesho-team/yii2-authorization: ^1.3 | ^2.0
- wearesho-team/yii2-tokens: ^1.1
- yiisoft/yii2: ^2.0.47
Requires (Dev)
- horat1us/yii2-asset-free: ^1.0
- phpunit/phpunit: ^9.6
- squizlabs/php_codesniffer: ^3.7
README
Simple Yii2 library to authenticate API users and generate authorization tokens using wearesho-team/yii2-authorization
Installation
Using composer
composer require wearesho-team/yii2-authentication:^1.0
Usage
First, you need to implement IdentityInterface. Then, you can use Controller in your applications.
Configuration
<?php // config.php use Wearesho\Yii2\Authentication; use Wearesho\Yii2\Authorization; return [ 'controllerMap' => [ 'auth' => [ 'class' => Authentication\Controller::class, 'identityClass' => YourIdentityClass::class, 'repository' => Authorization\Repository::class, ], ], ];
HTTP Routes
There is only one action declared in controllers: index. It can be called using different HTTP methods. There is a description for each action in controllers below.
Base controller
POST
Tries to login with passed credentials
- Body params
{ "LoginForm": { "login": "login value", "password": "password value" } }
- Response 202 - When credentials are correct and access token is created
{ "id": "returned user id, integer value", "access": "access token", "refresh": "refresh token" }
- Response 400 - When you passed invalid login/password or one of this attributes is empty
{ "errors": [ { "attribute": "login", "details": "Login is required" }, { "attribute": "password", "details": "password is invalid." } ] }
DELETE
Action for logout
- Query params
?refresh=*refresh token value*
- Response 205 - When token is successfully deleted
[]
- Response 400 - When passed token is invalid or empty
{ "errors": [ { "attribute": "refresh", "details": "Refresh is required" } ] }
PUT
This action interprets token refreshment. Current access token will be deleted, new one will be created and returned.
- Query params:
?refresh=*refresh token value*
- Response 205 - Current token is being deleted and new one is created
{ "id": "returned user id, integer value", "access": "access token", "refresh": "refresh token" }
- Response 400 - When passed token is invalid or empty
{ "errors": [ { "attribute": "refresh", "details": "Refresh is required" } ] }
Two Factor Authentication
There is also and implementation of two-factor authentication in this library.