yiisoft/auth-jwt

Yii auth JWT method

1.0.3 2021-07-27 10:00 UTC

This package is auto-updated.

Last update: 2022-01-12 15:43:22 UTC


README

68747470733a2f2f796969736f66742e6769746875622e696f2f646f63732f696d616765732f7969695f6c6f676f2e737667

Yii Auth JWT


Latest Stable Version Total Downloads Build status Scrutinizer Code Quality Code Coverage Mutation testing badge static analysis type-coverage

The package provides JWT authentication method for Yii Auth.

Requirements

  • PHP 7.4 or higher.

Installation

The package could be installed with composer:

composer require yiisoft/auth-jwt --prefer-dist

General usage

Configuring within Yii

  1. Set JWT parameters in your params.php config file:

    'yiisoft/auth-jwt' => [
        'algorithms' => [
            // your signature algorithms
        ],
        'serializers' => [
            // your token serializers
        ],
        'key' => [
            'secret' => 'your-secret',
            'file' => 'your-certificate-file',
        ],
    ],
  2. Setup definitions, required for \Yiisoft\Auth\Middleware\Authentication middleware in a config, for example, in config/web/auth.php:

    <?php
    
    declare(strict_types=1);
    
    /** @var array $params */
    
    use Yiisoft\Auth\Jwt\TokenManagerInterface;
    use Yiisoft\Auth\Jwt\TokenManager;
    use Yiisoft\Auth\AuthenticationMethodInterface;
    use Yiisoft\Auth\Jwt\JwtMethod;
    
    return [
        KeyFactoryInterface::class => [
            'class' => FromSecret::class,
            '__construct()' => [
                $params['yiisoft/auth-jwt']['key']['secret']
            ],
        ],
        
        AuthenticationMethodInterface::class => JwtMethod::class,
    ];

    Note: Don't forget to declare your implementations of \Yiisoft\Auth\IdentityInterface and \Yiisoft\Auth\IdentityRepositoryInterface.

  3. Use Yiisoft\Auth\Middleware\Authentication middleware. Read more about middlewares in the middleware guide.

Configuring independently

You can configure Authentication middleware manually:

/** @var \Yiisoft\Auth\IdentityRepositoryInterface $identityRepository */
$identityRepository = getIdentityRepository();

$tokenRepository = $container->get(\Yiisoft\Auth\Jwt\TokenRepositoryInterface::class);

$authenticationMethod = new \Yiisoft\Auth\Jwt\JwtMethod($identityRepository, $tokenRepository);

$middleware = new \Yiisoft\Auth\Middleware\Authentication(
    $authenticationMethod,
    $responseFactory, // PSR-17 ResponseFactoryInterface.
    $failureHandler // Optional, \Yiisoft\Auth\Handler\AuthenticationFailureHandler by default.
);

Unit testing

The package is tested with PHPUnit. To run tests:

./vendor/bin/phpunit

Mutation testing

The package tests are checked with Infection mutation framework with Infection Static Analysis Plugin. To run it:

./vendor/bin/roave-infection-static-analysis-plugin

Static analysis

The code is statically analyzed with Psalm. To run static analysis:

./vendor/bin/psalm

License

The Yii Auth JWT is free software. It is released under the terms of the BSD License. Please see LICENSE for more information.

Maintained by Yii Software.