/http-basic-auth-guard

HTTP Basic Auth Guard for Lumen 5.x

Primary LanguagePHPMIT LicenseMIT

HTTP Basic Auth Guard

Latest Version on Packagist Software License Total Downloads

HTTP Basic Auth Guard is a Lumen Package that lets you use basic as your driver for the authentication guard in your application.

The Guard brings back the missing stateless HTTP Basic Authentication possibilities for Lumen >=5.2.

Explanation

As of Lumen 5.2 the session storage is not included anymore.
Unfortunately, for calling Auth::onceBasic(), Auth::basic(), or alike you'll need the session driver which requires the session storage.
Therefore HTTP Basic Authentication does not work out-of-the-box anymore for Lumen >=5.2.
To be honest, I have no idea why Taylor Otwell removed this functionality from Lumen 5.2.
My best guess is, that he doesn't even know since my issue got closed instantly on github 😃
Luckily, this package brings the usual functionality back!

Requirements

  • Lumen 5.2 or above Installation.
  • Note: For Laravel 5.* or Lumen 5.1 HTTP Basic Auth still works out-of-the-box with the session driver: Link.

Tested with

  • Lumen 5.2, 5.3, 5.4, 5.5, 5.6, 5.7
  • PHP 5.6, 7.0, 7.1, 7.2, 7.3

Current master is for Lumen >= 5.7. For Lumen <= 5.6 Use version ^1.0.

Installation

1. Pull in package

$ composer require arubacao/http-basic-auth-guard

2. Read & Follow Official Lumen Documentation for Authentication

https://lumen.laravel.com/docs/5.7/authentication

Important:

Before using Lumen's authentication features, you should uncomment the call to register the AuthServiceProvider service provider in your bootstrap/app.php file.

// bootstrap/app.php

// Uncomment the following line 
 $app->register(App\Providers\AuthServiceProvider::class);

Of course, any routes you wish to authenticate should be assigned the auth middleware, so you should uncomment the call to $app->routeMiddleware() in your bootstrap/app.php file:

// bootstrap/app.php

// Uncomment the following lines
 $app->routeMiddleware([
    'auth' => App\Http\Middleware\Authenticate::class,
 ]);

If you would like to use Auth::user() to access the currently authenticated user, you should uncomment the $app->withFacades() method in your bootstrap/app.php file.

// bootstrap/app.php

// Uncomment the following lines
 $app->withFacades();
 $app->withEloquent();

3. Add the Service Provider

Open bootstrap/app.php and register the service provider:

// bootstrap/app.php

// Add the following line
$app->register(Arubacao\BasicAuth\BasicGuardServiceProvider::class);

4. Setup Guard Driver

Note: In Lumen you first have to copy the config file from the directory vendor/laravel/lumen-framework/config/auth.php, create a config folder in your root folder and finally paste the copied file there.

$ mkdir config
$ cp vendor/laravel/lumen-framework/config/auth.php config/

Open your config/auth.php config file.
In guards add a new key of your choice (api in this example).
Add basic as the driver.
Make sure you also set provider for the guard to communicate with your database.

// config/auth.php
'guards' => [
    'api' => [
        'driver' => 'basic',
        'provider' => 'users'
    ],

    // ...
],

'providers' => [
    'users' => [
        'driver' => 'eloquent',
        'model'  => App\User::class,
    ],
],

Usage

Middleware protecting the route:

Route::get('api/whatever', ['middleware' => 'auth:api', 'uses' => 'NiceController@awesome']);

Middleware protecting the controller:

<?php

namespace App\Http\Controllers;

class NiceController extends Controller
{
    public function __construct()
    {
        $this->middleware('auth:api');
    }
}

Change log

Please see CHANGELOG for more information what has changed recently.

Contributing

Please see CONTRIBUTING for details.

Any issues, feedback, suggestions or questions please use issue tracker here.

Security

If you discover any security related issues, please email arubacao@gmail.com instead of using the issue tracker.

License

The MIT License (MIT).

Analytics