Downloads
Stars
Version
Takes care of the authorization and sets the roles and permissions for the user and consumer. Depends on the iMemento JWT package for JWT related tasks. Decrypting the tokens happens in the JWT package.
composer require imemento/guard-laravel
The package uses Service Discovery. Still, if necessary, you can add the service to config/app.php
:
iMemento\Guard\Laravel\AuthServiceProvider::class,
In config/auth.php
add a guard with jwt as the driver:
'api' => [
'driver' => 'jwt',
'provider' => 'users',
],
In config/auth.php
add a user provider with static as the driver.
The model needs to be an instance of iMemento\SDK\Auth\User::class
or an extension of it.
'users' => [
'driver' => 'static',
'model' => iMemento\SDK\Auth\User::class,
],
Since this package handles multiple operations in order to achieve the desired results, the following
.env
variables should be properly defined:
AUTH_KEY=
To use the JWT Guard for all the routes in your routes/api.php
file you just need to add it
to the api
middleware group in app/Http/Kernel.php
.
'api' => [
'throttle:60,1',
'bindings',
'auth:api', #this
],
If your API exposes public endpoints, the ones that should be guarded by the JWT Guard should be specifically grouped:
Route::group(['middleware' => 'auth:api'], function ()) {
//...
}
Once the Guard has been applied, the app will have access to an authenticated user through auth()->user()
.
The following fields are added to the current user and can be used in the application's policies.
{
"id": 13,
"agency_id": 2,
"roles": ["admin"],
"consumer_roles": ["user"],
"permissions": ["read","write"]
}
The fields id, agency_id can be null, roles can be empty.