PHP stateless JWT authentication
Easy implementation of JWT authentication & handling in PHP.
Installation
composer require neoan3-apps/stateless
Quick Start
// static
Neoan3\Apps\Stateless::setSecret('My-super-secure-Key');
// or as object
// (method names are the same as static calls)
$stateless = new Neoan3\Apps\StatelessOOP('my-secure-key');
// create JWT
$jti = 'someId';
$scope = ['read', 'write'];
$payload = ['additional'=>'info']; // optional
$jwt = Neoan3\Apps\Stateless::assign($jti, $scope, $payload);
// validate JWT
try{
$decrypted = Neoan3\Apps\Stateless::validate();
$user = $decrypted['jti'];
} catch(Exception $e) {
die('ups');
}Methods
setAuthorization($jwt)
If this method is not used, Stateless will read the Authorization from the $_SERVER variable "HTTP_AUTHORIZATION" and the following format "baerer token"
setCustomException($class)
Can be used to trigger a custom exception when encountering validation errors.
setSecret($secret)
Key used for the HS256 algorithm (decryption/encryption/signing). Make sure a key is set prior to any other interactions.
validate()
Returns the decoded JWT or throws an Exception
restrict($scope = [])
Accepts a string or an array. Same as validate, but additionally checks if the right kind of scope is present.
assign($jti, $scope, $payload = [])
Generates a JWT.