Get support for yiisoft/auth

If you need help reviewing implementation, debugging, understanding undocumented features or anything in general with yiisoft/auth, you can see the list of people available to help below. Save yourself timme by talking directly to the owner, maintainers and contributors of yiisoft/auth. Who is better qualified to help you? You also get the added benefit of providing additional revenue to the projects you use, helping them remain sustainable.

Save yourself timme by talking directly to the owner, maintainers and contributors of yiisoft/auth. Who is better qualified to help you? You also get the added benefit of providing additional revenue to the projects you use, helping them remain sustainable.

If you're new to LTH, please see our FAQ for more information on what it is we do.

Support Options

Unfortunately, there are currently no active helpers for this repository on the platform. Until they become available, we reccomend the following actions:

View Open Issues

Take a look to see if anyone else has experienced the same issue as you and if they managed to solve it.

Open an Issue

Make sure to read any relevant guidelines for opening issues on this repo before posting a new issue.

Sponsor directly

Check out the page and see if there are any options to sponsor this project or it's developers directly.

yiisoft/auth

View on github

The package provides various authentication methods, a set of abstractions to implement in your application, and a PSR-15 middleware to authenticate an identity.

Requirements

PHP 8.0 or higher.

Installation

composer require yiisoft/auth

General usage

Configure a middleware and add it to your middleware stack:

$identityRepository = getIdentityWithTokenRepository(); // \Yiisoft\Auth\IdentityRepositoryInterface
$authenticationMethod = new \Yiisoft\Auth\Method\HttpBasic($identityRepository);

$middleware = new \Yiisoft\Auth\Middleware\Authentication(
    $authenticationMethod,
    $responseFactory, // PSR-17 ResponseFactoryInterface
    $failureHandler // optional, \Yiisoft\Auth\Handler\AuthenticationFailureHandler by default
);

$middlewareDispatcher->addMiddleware($middleware);

In order to get an identity instance in the following middleware use getAttribute() method of the request instance:

public function actionIndex(\Psr\Http\Message\ServerRequestInterface $request): \Psr\Http\Message\ResponseInterface
{
    $identity = $request->getAttribute(\Yiisoft\Auth\Middleware\Authentication::class);
    // ...
}

HTTP basic authentication

Basic HTTP authentication is typically used for entering login and password in the browser. Credentials are passed as $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'].

$authenticationMethod = (new \Yiisoft\Auth\Method\HttpBasic($identityRepository))
    ->withRealm('Admin')
    ->withAuthenticationCallback(static function (
        ?string $username,
        ?string $password,
        \Yiisoft\Auth\IdentityWithTokenRepositoryInterface $identityRepository
    ): ?\Yiisoft\Auth\IdentityInterface {
        return $identityRepository->findIdentityByToken($username, \Yiisoft\Auth\Method\HttpBasic::class);
    });

Realm is typically what you will see in the browser prompt asking for a login and a password. Custom authentication callback set in the above is the same as default behavior when it is not specified.

HTTP bearer authentication

Bearer HTTP authentication is typically used in APIs. Authentication token is passed in WWW-Authenticate header.

$authenticationMethod = new \Yiisoft\Auth\Method\HttpBearer($identityRepository);

Custom HTTP header authentication

Custom HTTP header could be used if you do not want to leverage bearer token authentication:

 $authenticationMethod = (new \Yiisoft\Auth\Method\HttpHeader($identityRepository))
     ->withHeaderName('X-Api-Key')
     ->withPattern('/(.*)/'); // default

In the above we use full value of X-Api-Key header as token.

Query parameter authentication

This authentication method is mainly used by clients unable to send headers. In case you do not have such clients we advise not to use it.

$authenticationMethod = (new \Yiisoft\Auth\Method\QueryParameter($identityRepository))
    ->withParameterName('token');

Using multiple authentication methods

To use multiple authentication methods, use Yiisoft\Auth\Method\Composite:

$authenticationMethod = new \Yiisoft\Auth\Method\Composite([
    $bearerAuthenticationMethod,
    $basicAuthenticationMethod
]);

Extension and integration points

\Yiisoft\Auth\IdentityInterface should be implemented by your application identity class. Typically, that is User.
\Yiisoft\Auth\IdentityRepositoryInterface should be implemented by your application identity repository class. Typically, that is UserIdentity.
\Yiisoft\Auth\IdentityWithTokenRepositoryInterface could be additionally implemented by your application identity repository class in case token-based authentication is needed. Typically, that is UserIdentity.
\Yiisoft\Auth\AuthenticationMethodInterface could be implemented to provide your own authentication method.

Documentation

Internals

If you need help or have a question, the Yii Forum is a good place for that. You may also check out other Yii Community Resources.

License

The Yii Auth is free software. It is released under the terms of the BSD License. Please see LICENSE for more information.

Maintained by Yii Software.

Support the project

Follow updates

Our Mission

We want to make open source more sustainable. The entire platform was born from this and everything we do is in aid of this.

From the Blog

Interesting Articles

Generating income from open source

Jun 23 • 8 min read
2023 State of OSS

Apr 23 • 45 min read ★
A funding experiment...

Aug 19 • 10 min read
But You Said I could

Aug 19 • 2 min read

Company

p-e622a1a2