Skip to content

yiisoft/auth-jwt

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
src
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Yii Auth JWT


Latest Stable Version Total Downloads Build status Scrutinizer Code Quality Code Coverage Mutation testing badge static analysis type-coverage

The package provides JWT authentication method for Yii Auth.

Requirements

  • PHP 7.4 or higher.

Installation

The package could be installed with composer:

composer require yiisoft/auth-jwt --prefer-dist

General usage

Configuring within Yii

  1. Set JWT parameters in your params.php config file:

    'yiisoft/auth-jwt' => [
        'algorithms' => [
            // your signature algorithms
        ],
        'serializers' => [
            // your token serializers
        ],
        'key' => [
            'secret' => 'your-secret',
            'file' => 'your-certificate-file',
        ],
    ],
  2. Setup definitions, required for \Yiisoft\Auth\Middleware\Authentication middleware in a config, for example, in config/web/auth.php:

    <?php
    
    declare(strict_types=1);
    
    /** @var array $params */
    
    use Yiisoft\Auth\Jwt\TokenManagerInterface;
    use Yiisoft\Auth\Jwt\TokenManager;
    use Yiisoft\Auth\AuthenticationMethodInterface;
    use Yiisoft\Auth\Jwt\JwtMethod;
    
    return [
        KeyFactoryInterface::class => [
            'class' => FromSecret::class,
            '__construct()' => [
                $params['yiisoft/auth-jwt']['key']['secret']
            ],
        ],
        
        AuthenticationMethodInterface::class => JwtMethod::class,
    ];

    Note: Don't forget to declare your implementations of \Yiisoft\Auth\IdentityInterface and \Yiisoft\Auth\IdentityRepositoryInterface.

  3. Use Yiisoft\Auth\Middleware\Authentication middleware. Read more about middlewares in the middleware guide.

Configuring independently

You can configure Authentication middleware manually:

/** @var \Yiisoft\Auth\IdentityRepositoryInterface $identityRepository */
$identityRepository = getIdentityRepository();

$tokenRepository = $container->get(\Yiisoft\Auth\Jwt\TokenRepositoryInterface::class);

$authenticationMethod = new \Yiisoft\Auth\Jwt\JwtMethod($identityRepository, $tokenRepository);

$middleware = new \Yiisoft\Auth\Middleware\Authentication(
    $authenticationMethod,
    $responseFactory, // PSR-17 ResponseFactoryInterface.
    $failureHandler // Optional, \Yiisoft\Auth\Handler\AuthenticationFailureHandler by default.
);

Unit testing

The package is tested with PHPUnit. To run tests:

./vendor/bin/phpunit

Mutation testing

The package tests are checked with Infection mutation framework with Infection Static Analysis Plugin. To run it:

./vendor/bin/roave-infection-static-analysis-plugin

Static analysis

The code is statically analyzed with Psalm. To run static analysis:

./vendor/bin/psalm

License

The Yii Auth JWT is free software. It is released under the terms of the BSD License. Please see LICENSE for more information.

Maintained by Yii Software.