Authava Laravel Client

A Laravel integration package for the Authava authentication service.

Installation

You can install the package via composer:

composer require authava/laravel

Configuration

1. Publish the configuration file:

php artisan vendor:publish --tag=authava-config

2. Add your Authava configuration to your .env file:

AUTHAVA_DOMAIN=auth.yourdomain.com
AUTHAVA_RESOLVER_DOMAIN=api.yourdomain.com # Optional
AUTHAVA_SECURE=true
AUTHAVA_AUTO_REFRESH=true
AUTHAVA_REFRESH_BUFFER=5
AUTHAVA_CACHE_TTL=300

Basic Usage

Protecting Routes

Add the middleware to your routes:

use Authava\Laravel\Middleware\AuthavaAuthenticate;

Route::middleware([AuthavaAuthenticate::class])->group(function () {
    Route::get('/protected', function (Request $request) {
        // Access the authenticated user
        $user = $request->get('authava_user');
        return response()->json(['user' => $user]);
    });
});

User Synchronization

If you want to automatically sync Authava users with your local database, use the EnsureUserExists middleware:

use Authava\Laravel\Middleware\AuthavaAuthenticate;
use Authava\Laravel\Middleware\EnsureUserExists;

Route::middleware([
    AuthavaAuthenticate::class,
    EnsureUserExists::class,
])->group(function () {
    Route::get('/profile', function (Request $request) {
        // Access your local user model
        $user = $request->get('user');
        return response()->json(['user' => $user]);
    });
});

Using the Facade

use Authava\Laravel\Facades\Authava;

// Get the current session
$session = Authava::getSession($request->header('Cookie'));

// Clear session cache
Authava::clearSessionCache($cookie);

// Get configuration
$config = Authava::getConfig();

Direct Usage

If you prefer dependency injection:

use Authava\Laravel\AuthavaClient;

class UserController extends Controller
{
    public function __construct(private AuthavaClient $authava)
    {
    }

    public function profile(Request $request)
    {
        $session = $this->authava->getSession($request->header('Cookie'));
        // ...
    }
}

User Synchronization

The package provides two approaches for user synchronization:

1. Middleware Approach

Use the EnsureUserExists middleware to automatically sync users:

Route::middleware([
    AuthavaAuthenticate::class,
    EnsureUserExists::class,
])->group(function () {
    // Routes here will have access to synchronized users
});

2. Manual Synchronization

Implement your own user synchronization logic:

use App\Models\User;

class UserService
{
    public function syncAuthavaUser(array $authavaUser): User
    {
        return User::updateOrCreate(
            ['auth_id' => $authavaUser['id']],
            [
                'email' => $authavaUser['email'],
                'name' => $authavaUser['name'] ?? null,
                // Map other fields as needed
            ]
        );
    }
}

Configuration Options

Session Caching

The package caches session data to reduce API calls. Configure the TTL in your .env:

AUTHAVA_CACHE_TTL=300 # Cache for 5 minutes

User Model Mapping

Configure how Authava user fields map to your user model:

// config/authava.php
return [
    'user_model' => \App\Models\User::class,
    'user_fields' => [
        'auth_id' => 'id',
        'email' => 'email',
        'name' => 'name',
        // Add custom field mappings
    ],
];

Testing

composer test

Security

If you discover any security related issues, please email security@authava.com instead of using the issue tracker.

Credits

• Authava
• All Contributors

License

The MIT License (MIT). Please see License File for more information.