{"id":16184147,"url":"https://github.com/eidng8/lumen-auth-app","last_synced_at":"2025-04-07T12:45:38.215Z","repository":{"id":38172080,"uuid":"327249822","full_name":"eidng8/lumen-auth-app","owner":"eidng8","description":"A simple trial with lumen to build an authorization micro service","archived":false,"fork":false,"pushed_at":"2023-04-19T20:28:59.000Z","size":457,"stargazers_count":0,"open_issues_count":3,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-02-13T15:34:35.505Z","etag":null,"topics":["jwt","lumen","microservice"],"latest_commit_sha":null,"homepage":"","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/eidng8.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-01-06T08:36:29.000Z","updated_at":"2021-01-15T13:07:48.000Z","dependencies_parsed_at":"2024-12-21T01:42:28.448Z","dependency_job_id":null,"html_url":"https://github.com/eidng8/lumen-auth-app","commit_stats":{"total_commits":102,"total_committers":2,"mean_commits":51.0,"dds":0.05882352941176472,"last_synced_commit":"64cd681ebd6b12ed59dd889ebc022b1578241c02"},"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eidng8%2Flumen-auth-app","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eidng8%2Flumen-auth-app/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eidng8%2Flumen-auth-app/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/rep
ositories/eidng8%2Flumen-auth-app/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/eidng8","download_url":"https://codeload.github.com/eidng8/lumen-auth-app/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247655577,"owners_count":20974201,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["jwt","lumen","microservice"],"created_at":"2024-10-10T07:09:09.386Z","updated_at":"2025-04-07T12:45:38.194Z","avatar_url":"https://github.com/eidng8.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"# JWT authorization microservice using Lumen\n\n[![PHP](https://img.shields.io/badge/PHP-8.0-brightgreen?style=flat-square)](https://www.php.net/releases/8.0/en.php)\n[![GitHub](https://img.shields.io/github/license/eidng8/lumen-auth-app?style=flat-square)](/LICENSE)\n\n[![GitHub Workflow Status](https://img.shields.io/github/workflow/status/eidng8/lumen-auth-app/Tests?label=github\u0026style=flat-square)](https://github.com/eidng8/lumen-auth-app/actions)\n[![Travis.com](https://img.shields.io/travis/com/eidng8/lumen-auth-app?label=travis\u0026style=flat-square)](https://travis-ci.com/github/eidng8/lumen-auth-app)\n[![StyleCI](https://github.styleci.io/repos/327249822/shield?branch=master)](https://github.styleci.io/repos/327249822)\n[![Codecov](https://img.shields.io/codecov/c/github/eidng8/lumen-auth-app?label=codecov\u0026style=flat-square)](https://codecov.io/gh/eidng8/lumen-auth-app)\n[![Code Climate 
maintainability](https://img.shields.io/codeclimate/maintainability/eidng8/lumen-auth-app?label=codeclimate\u0026style=flat-square)](https://codeclimate.com/github/eidng8/lumen-auth-app)\n\n## Purpose\n\nThis is a trial project to build an authorization service using Lumen that\nprovides minimal functionality. Although this is a trial project, I hope to\nmake it suitable for later (or others') use as boilerplate or a foundation for\nproduction projects or products. By production, I do not mean that this bare-bones JWT\ntoken could be used directly, as JWT is only a token format. Extra consideration\nshould be given beforehand, such as using a protocol like OAuth.\n\n## Features\n\nThis package is built using [jwt-auth](https://github.com/tymondesigns/jwt-auth)\nto provide authentication \u0026 JWT authorization service. It *only* supports the HTTP\nauthorization header with JWT tokens, and the token type must be `bearer`.\n\nThe database consists of a minimum set of columns, including user credentials.\nOther user properties are expected to be handled by a separate service rather than\nthis one. To expand the data scope, one has to amend the database migration\nand `AuthController`.\n\n## Configurations\n\nTwo configuration options have been added to `config/jwt.php`.\n\n### `issuer`\n\nThis is the preferred value of the `iss` claim of all tokens generated by the\n`/login` end point. The corresponding `JWT_ISSUER` key has been added to the `.env`\nfile.\n\n### `accepted_issuers`\n\nA list of issuers to be accepted by authorization end points. The corresponding\n`JWT_ACCEPTED_ISSUERS` key has been added to the `.env` file. It holds a\ncomma-separated list.\n\n## List of end points\n\n### `/register`\n\nDeclared in `App\\Http\\Controllers\\AuthController::register()`.\n\nCreates a new user. Parameters include `name`, `email`, and `password` with\nconfirmation. 
Do *not* provide an authorization header to this end point.\n\n#### Request parameters\n\n```json\n{\n    \"name\": \"new-user\",\n    \"email\": \"some.one@example.com\",\n    \"password\": \"just a password\",\n    \"password_confirmation\": \"just a password\"\n}\n```\n\nAll these fields are required, and the `password` and `password_confirmation`\nmust be identical. Although this is a JSON end point, it accepts good old form\ndata too. Upon success, it returns some information about the created record.\n\n#### Success response\n\n```json\n{\n    \"user\": {\n        \"name\": \"test-user1\",\n        \"email\": \"someone1@example.com\",\n        \"updated_at\": \"2021-01-07T10:32:49.000000Z\",\n        \"created_at\": \"2021-01-07T10:32:49.000000Z\",\n        \"id\": 230\n    },\n    \"message\": \"User has been successfully created.\"\n}\n```\n\n#### Customization\n\nTo expand or change the registration information, such as adding a phone number, one\nhas to first add the phone number to the database migration, then update the validation rules\nand the `User` model creation inside `AuthController::register()`.\n\n### `/login`\n\nDeclared in `App\\Http\\Controllers\\AuthController::login()`.\n\nChecks the provided credentials and generates a JWT token if the credentials are\nvalid. Do *not* provide an authorization header to this end point.\n\n#### Request parameters\n\n```json\n{\n    \"email\": \"some.one@example.com\",\n    \"password\": \"just a password\"\n}\n```\n\n#### Success response\n\n```json\n{\n    \"token\": \"the newly generated JWT token\",\n    \"token_type\": \"bearer\",\n    \"expires_in\": 3600\n}\n```\n\nPlease note that the `token_type` will always be `\"bearer\"`, and `expires_in` is\nin seconds. As mentioned above, when using this token, the type of the HTTP\nauthorization header must be `bearer`, e.g. 
`Authorization: bearer JWT_token`.\n\nIn real world cases, the `token_type` field may not be necessary, because the\n`bearer` type is most likely the expected value. It is provided here only for\nemphasis.\n\n#### Customization\n\nTo change the login field, say to use a phone number instead of email, besides the\nmodifications mentioned in the registration customization, one has to change the\n`AuthController::login()` method to use the new identity field.\n\n### `/password/reset`\n\nDeclared in `App\\Http\\Controllers\\AuthController::passwordReset()`.\n\nStarts the password reset flow. This is a scaffold end point, which doesn't\ncontain any actual logic.\n\n#### Request parameters\n\n```json\n{\n    \"email\": \"some.one@example.com\"\n}\n```\n\n#### Success response\n\n```json\n{\n    \"message\": \"Password reset email has been sent to your email.\"\n}\n```\n\n#### Customization\n\nPassword reset could take various forms in real world applications. Here we just\ndemonstrate the first step of the reset process using email. One could simply\nutilize Laravel's password reset flow, or design a custom process flow.\n\n### `/refresh`\n\nDeclared in `App\\Http\\Controllers\\Token\\Controller::refresh()`.\n\nRefreshes a token. The authorization header is required. There is no request body.\n\n#### Request parameters\n\n##### HTTP header\n\n```text\nAuthorization: bearer JWT_token\n```\n\n#### Success response\n\n```json\n{\n    \"token\": \"the newly generated JWT token\",\n    \"token_type\": \"bearer\",\n    \"expires_in\": 3600\n}\n```\n\n### `/logout`\n\nDeclared in `App\\Http\\Controllers\\Token\\Controller::logout()`.\n\nLogs out the token, rendering it invalid for further use. The authorization header\nis required. 
There is no request body.\n\n#### Request parameters\n\n##### HTTP header\n\n```text\nAuthorization: bearer JWT_token\n```\n\n#### Success response\n\n```json\n{\n    \"message\": \"See you soon.\"\n}\n```\n\n### `/verify`\n\nDeclared in `App\\Http\\Controllers\\Token\\Controller::verify()`.\n\nValidates the token and returns its TTL if it's valid. This is just a scaffold,\nfeel free to implement whatever is suitable.\n\n#### Request parameters\n\n##### HTTP header\n\n```text\nAuthorization: bearer JWT_token\n```\n\n#### Success response\n\n```json\n{\n    \"ttl\": 3600\n}\n```\n\n### `/heartbeat`\n\nDeclared in `App\\Http\\Controllers\\Token\\Controller::heartbeat()`.\n\nReturns the current server time in W3C format. This is just a scaffold, feel\nfree to implement whatever is suitable.\n\n#### Request parameters\n\n##### HTTP header\n\n```text\nAuthorization: bearer JWT_token\n```\n\n#### Success response\n\n```json\n{\n    \"time\": \"2021-01-10T03:45:27+00:00\"\n}\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Feidng8%2Flumen-auth-app","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Feidng8%2Flumen-auth-app","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Feidng8%2Flumen-auth-app/lists"}