yiisoft / auth-jwt
Yii auth JWT method
Fund package maintenance!
Open Collective
yiisoft
Installs: 1 442
Dependents: 0
Suggesters: 0
Security: 0
Stars: 31
Watchers: 18
Forks: 10
Open Issues: 2
Requires
- php: ^7.4|^8.0
- psr/http-message: ^1.0
- web-token/jwt-checker: ~2.2|~3.0
- web-token/jwt-core: ~2.2|~3.0
- web-token/jwt-key-mgmt: ~2.2|~3.0
- web-token/jwt-signature: ~2.2|~3.0
- web-token/jwt-signature-algorithm-ecdsa: ~2.2|~3.0
- web-token/jwt-signature-algorithm-hmac: ~2.2|~3.0
- web-token/jwt-signature-algorithm-rsa: ~2.2|~3.0
- yiisoft/auth: ^3.0
- yiisoft/http: ^1.2
- yiisoft/json: ^1.0
Requires (Dev)
- maglnet/composer-require-checker: ^3.8|^4.2
- nyholm/psr7: ^1.3
- phpunit/phpunit: ^9.5
- rector/rector: ^0.18.2
- roave/infection-static-analysis-plugin: ^1.16
- spatie/phpunit-watcher: ^1.23
- vimeo/psalm: ^4.30|^5.6
- yiisoft/di: ^1.1
- yiisoft/injector: ^1.1
README
Yii Auth JWT
The package provides JWT authentication method for Yii Auth.
Requirements
- PHP 7.4 or higher.
Installation
The package could be installed with composer:
composer require yiisoft/auth-jwt
General usage
Configuring within Yii
-
Set JWT parameters in your
params.phpconfig file:'yiisoft/auth-jwt' => [ 'algorithms' => [ // your signature algorithms ], 'serializers' => [ // your token serializers ], 'key' => [ 'secret' => 'your-secret', 'file' => 'your-certificate-file', ], ],
-
Setup definitions, required for
\Yiisoft\Auth\Middleware\Authenticationmiddleware in a config, for example, inconfig/web/auth.php:<?php declare(strict_types=1); /** @var array $params */ use Yiisoft\Auth\Jwt\TokenManagerInterface; use Yiisoft\Auth\Jwt\TokenManager; use Yiisoft\Auth\AuthenticationMethodInterface; use Yiisoft\Auth\Jwt\JwtMethod; return [ KeyFactoryInterface::class => [ 'class' => FromSecret::class, '__construct()' => [ $params['yiisoft/auth-jwt']['key']['secret'] ], ], AuthenticationMethodInterface::class => JwtMethod::class, ];
Note: Don't forget to declare your implementations of
\Yiisoft\Auth\IdentityInterfaceand\Yiisoft\Auth\IdentityRepositoryInterface. -
Use
Yiisoft\Auth\Middleware\Authenticationmiddleware. Read more about middlewares in the middleware guide.
Configuring independently
You can configure Authentication middleware manually:
/** @var \Yiisoft\Auth\IdentityRepositoryInterface $identityRepository */ $identityRepository = getIdentityRepository(); $tokenRepository = $container->get(\Yiisoft\Auth\Jwt\TokenRepositoryInterface::class); $authenticationMethod = new \Yiisoft\Auth\Jwt\JwtMethod($identityRepository, $tokenRepository); $middleware = new \Yiisoft\Auth\Middleware\Authentication( $authenticationMethod, $responseFactory, // PSR-17 ResponseFactoryInterface. $failureHandler // Optional, \Yiisoft\Auth\Handler\AuthenticationFailureHandler by default. );
Unit testing
The package is tested with PHPUnit. To run tests:
./vendor/bin/phpunit
Mutation testing
The package tests are checked with Infection mutation framework with Infection Static Analysis Plugin. To run it:
./vendor/bin/roave-infection-static-analysis-plugin
Static analysis
The code is statically analyzed with Psalm. To run static analysis:
./vendor/bin/psalm
License
The Yii Auth JWT is free software. It is released under the terms of the BSD License.
Please see LICENSE for more information.
Maintained by Yii Software.