{"id":21942392,"url":"https://github.com/rob006-software/yii2-simple-auth","last_synced_at":"2026-05-08T04:02:25.461Z","repository":{"id":62536410,"uuid":"57339492","full_name":"rob006-software/yii2-simple-auth","owner":"rob006-software","description":"Yii 2 extension that provides simple authentication based on a secret key.","archived":false,"fork":false,"pushed_at":"2017-10-07T21:14:27.000Z","size":21,"stargazers_count":2,"open_issues_count":1,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-07-24T19:39:27.063Z","etag":null,"topics":["authentication","yii2","yii2-extension"],"latest_commit_sha":null,"homepage":"","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rob006-software.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2016-04-28T23:11:12.000Z","updated_at":"2019-05-09T15:23:35.000Z","dependencies_parsed_at":"2022-11-02T15:15:24.955Z","dependency_job_id":null,"html_url":"https://github.com/rob006-software/yii2-simple-auth","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/rob006-software/yii2-simple-auth","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rob006-software%2Fyii2-simple-auth","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rob006-software%2Fyii2-simple-auth/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rob006-software%2Fyii2-simple-auth/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rob006-software%2Fyii2-simple-auth/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rob006-software","download_url":"https://codeload.github.com/rob006-software/yii2-simple-auth/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rob006-software%2Fyii2-simple-auth/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32766122,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-08T02:36:36.067Z","status":"ssl_error","status_checked_at":"2026-05-08T02:36:07.210Z","response_time":54,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","yii2","yii2-extension"],"created_at":"2024-11-29T03:19:48.080Z","updated_at":"2026-05-08T04:02:25.406Z","avatar_url":"https://github.com/rob006-software.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"Simple authentication extension for Yii 2\n=========================================\n\nYii 2 extension that provides simple authentication based on a secret key.\n\nThe extension provides components for easy authenticate and validate the HTTP request. Each request gets\nits own unique token with the expiration time, so no passwords or keys are sent with the request -\nit should be safer than [basic access authentication](https://en.wikipedia.org/wiki/Basic_access_authentication)\nwhen you don't use https.\n\nInstallation\n------------\n\nThe preferred way to install this extension is through [composer](http://getcomposer.org/download/).\n\nEither run\n\n```shell\nphp composer.phar require rob006/yii2-simple-auth\n```\n\nor add\n\n```json\n\"rob006/yii2-simple-auth\": \"^1.0\"\n```\n\nto the require section of your `composer.json` file.\n\n\nUsage\n-----\n\n### Configuration\n\nYou can configure default secret key used by this extension by setting param in your config in\n`config/web.php` and/or in `config/console.php`:\n\n```php\nreturn [\n\t...\n\t'params' =\u003e [\n\t\t...\n\t\t'simpleauth' =\u003e [\n\t\t\t'secret' =\u003e 'mysecretkey',\n\t\t],\n\t],\n];\n```\n\nThis is optional - you can always explicitly specify the key for authentication/validation.\n\n\n### Authentication (client side)\n\n#### Authentication when using official `yii2-httpclient` extension\n\nYou can simply authenticate `Request` object from official Yii 2 [httpclient](https://github.com/yiisoft/yii2-httpclient)\nby using [yii2-simple-auth-yii-authenticator](https://github.com/rob006/yii2-simple-auth-yii-authenticator)\nextension.\n\n#### Authentication any request\n\nYou can use `Authenticator` to authenticate any request, even if you don't use `yii2-httpclient`\npackage. For example, authentication cURL request by GET param:\n\n```php\nuse rob006\\simpleauth\\Authenticator;\n\n$ch = curl_init();\n$url = 'http://api.example.com/user/list/?ids=1,2,3,4';\n$url .= '\u0026' . Authenticator::PARAM_NAME . '=' . Authenticator::generateAuthToken($url);\ncurl_setopt($ch, CURLOPT_URL, $url);\ncurl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);\n$response = curl_exec($ch);\ncurl_close($ch);\n```\n\nAuthentication cURL request by header:\n```php\nuse rob006\\simpleauth\\Authenticator;\n\n$ch = curl_init();\n$url = 'http://api.example.com/user/list/?ids=1,2,3,4';\ncurl_setopt($ch, CURLOPT_URL, $url);\ncurl_setopt($ch, CURLOPT_HTTPHEADER, [\n\tAuthenticator::HEADER_NAME . ': ' . Authenticator::generateAuthToken($url),\n]);\ncurl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);\n$response = curl_exec($ch);\ncurl_close($ch);\n```\n\n\n### Validation (server side)\n\nTo check whether the request has a valid token simply add action filter to your controller:\n\n```php\nuse rob006\\simpleauth\\ActionFilter;\n\nclass MyController extends \\yii\\web\\Controller {\n\n\tpublic function behaviors() {\n\t\treturn [\n\t\t\t...\n\t\t\t'simpleauth' =\u003e [\n\t\t\t\t'class' =\u003e ActionFilter::className(),\n\t\t\t],\n\t\t];\n\t}\n\n\t...\n}\n```\n\nYou can also configure some settings for `ActionFilter`:\n\n```php\nuse rob006\\simpleauth\\ActionFilter;\nuse rob006\\simpleauth\\Authenticator;\n\nclass MyController extends \\yii\\web\\Controller {\n\n\tpublic function behaviors() {\n\t\treturn [\n\t\t\t...\n\t\t\t'simpleauth' =\u003e [\n\t\t\t\t'class' =\u003e ActionFilter::className(),\n\t\t\t\t// allow authentication only by header\n\t\t\t\t'allowedMethods' =\u003e [\n\t\t\t\t\tAuthenticator::METHOD_HEADER,\n\t\t\t\t],\n\t\t\t\t// set token timeout to 1 hour (by default it is 5 minutes)\n\t\t\t\t'tokenDuration' =\u003e 3600,\n\t\t\t\t// override default header used for authentication\n\t\t\t\t'headerName' =\u003e 'X-My-Custom-Header',\n\t\t\t\t// override params names used for send authentication token\n\t\t\t\t'postParamName' =\u003e 'my_custom_token_param_name',\n\t\t\t\t'getParamName' =\u003e 'my_custom_token_param_name',\n\t\t\t\t// custom secret used for validate authentication\n\t\t\t\t'secret' =\u003e 'my-custom-secret-key',\n\t\t\t],\n\t\t];\n\t}\n\n\t...\n}\n```\n\n### Final comments\n\nMake sure that you generate token for final URL and no redirections are performed for the request.\nToken is generated for the exact address, so tokens for:\n* `http://example.com/user/list/`\n* `https://example.com/user/list/`\n* `http://www.example.com/user/list/`\n* `http://example.com/user/list`\n\nwill be completely different.\n\nBe careful when using POST request. `Authenticator` and `ActionFilter` takes into account only the\nURL, all POST data is ignored during the authentication and validation. This means that one token\nmay be used many times for different requests with different POST data if refer to the same URL.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frob006-software%2Fyii2-simple-auth","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frob006-software%2Fyii2-simple-auth","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frob006-software%2Fyii2-simple-auth/lists"}