zainburfat/rbac

This package allows you to manage user permissions and roles in a database and authentication and authorization

Maintainers

Details

github.com/Zainulabdin-burfat/rbac

Source

Issues

Installs: 0

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 1

Forks: 0

Open Issues: 0

v1.0.12 2023-01-09 09:49 UTC

Requires

MIT 8d81cfc0b652665b64828cd420077380ce7c8b19

  • Zain ul abdin <zainburfat112.woop@gmail.com>

This package is auto-updated.

Last update: 2024-04-19 17:21:30 UTC

README

Total Downloads License

Laravel - Role Based Access Control

Custom Route Wise Access Control
This package allows you to manage user permissions and roles in a database and Authentication and Authorization
  1. Custom RBAC user based roles and permissions package
  2. Custom RBAC provides flexibility to use Laravel/Passport in a manner of minutes.
Prerequisites
Laravel ^8.0 Php ^7.3 Laravel/Passport ^10.4
Commands
composer require zainburfat/rbac
Run migrations:
php artisan migrate
Install Passport:
php artisan passport:install
Use trait in the "User" model:
use HasApiTokens

use UserPermissionTrait
To exclude some methods/class from creating permissions of them just add "@exclude-permission" in the docs block of class/method you want to exclude.
/**
 *...
 *@exclude-permission
 *...
 */
class SomeController extends Controller
{
    /**
     *...
     *@exclude-permission
     *...
     */
    public function index()
    {
        ...
    }
}
Permissions are created dynamically through command according to the controllers having methods:
php artisan create:permission
Define an api authentication guard and set the driver option to passport in config/auth.php:
'guards' => [
    'web' => [
        'driver' => 'session',
        'provider' => 'users',
    ],
 
    'api' => [
        'driver' => 'passport',
        'provider' => 'users',
    ],
],
Publish config file
php artisan vendor:publish --tag=custom-rbac
Set token expirations inside config\customrbac.php:
    'tokensExpireIn' => now()->addDays(15),
    'refreshTokensExpireIn' => now()->addDays(30),
    'personalAccessTokensExpireIn' => now()->addMonths(6)
Use PermissionsApi middleware to authorize user to specific Api route and for web routes use PermissionsWeb middleware

app/http/kernel.php under protected $routeMiddleware:

'permissionsApi' => \Zainburfat\Rbac\Middleware\PermissionsApi::class,
'permissionsWeb' => \Zainburfat\Rbac\Middleware\PermissionsWeb::class,
Login and register using package's route

For Login use paramenters ('email', 'passport')

For Register use paramenters ('name', 'email', 'passport')

http://yourdomain/rbac_login
http://yourdomain/rbac_register