This package allows you to manage user permissions and roles in a database and authentication and authorization

v1.0.12 2023-01-09 09:49 UTC

This package is auto-updated.

Last update: 2024-10-11 08:34:00 UTC


README

Total Downloads License

Laravel - Role Based Access Control

Custom Route Wise Access Control
This package allows you to manage user permissions and roles in a database and Authentication and Authorization
  1. Custom RBAC user based roles and permissions package
  2. Custom RBAC provides flexibility to use Laravel/Passport in a manner of minutes.
Prerequisites
  • Laravel ^8.0
  • Php ^7.3
  • Laravel/Passport ^10.4
  • Commands
    composer require zainburfat/rbac
    Run migrations:
    php artisan migrate
    Install Passport:
    php artisan passport:install
    Use trait in the "User" model:
    use HasApiTokens
    
    use UserPermissionTrait
    To exclude some methods/class from creating permissions of them just add "@exclude-permission" in the docs block of class/method you want to exclude.
    /**
     *...
     *@exclude-permission
     *...
     */
    class SomeController extends Controller
    {
        /**
         *...
         *@exclude-permission
         *...
         */
        public function index()
        {
            ...
        }
    }
    Permissions are created dynamically through command according to the controllers having methods:
    php artisan create:permission
    Define an api authentication guard and set the driver option to passport in config/auth.php:
    'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],
     
        'api' => [
            'driver' => 'passport',
            'provider' => 'users',
        ],
    ],
    Publish config file
    php artisan vendor:publish --tag=custom-rbac
    Set token expirations inside config\customrbac.php:
        'tokensExpireIn' => now()->addDays(15),
        'refreshTokensExpireIn' => now()->addDays(30),
        'personalAccessTokensExpireIn' => now()->addMonths(6)
    Use PermissionsApi middleware to authorize user to specific Api route and for web routes use PermissionsWeb middleware

    app/http/kernel.php under protected $routeMiddleware:

    'permissionsApi' => \Zainburfat\Rbac\Middleware\PermissionsApi::class,
    'permissionsWeb' => \Zainburfat\Rbac\Middleware\PermissionsWeb::class,
    Login and register using package's route

    For Login use paramenters ('email', 'passport')

    For Register use paramenters ('name', 'email', 'passport')

    http://yourdomain/rbac_login
    http://yourdomain/rbac_register