{"id":15190160,"url":"https://github.com/verzth/tcx","last_synced_at":"2026-02-02T12:33:44.272Z","repository":{"id":57077593,"uuid":"140539081","full_name":"verzth/tcx","owner":"verzth","description":null,"archived":false,"fork":false,"pushed_at":"2020-05-04T07:46:15.000Z","size":61,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-07-26T13:55:23.778Z","etag":null,"topics":["auth","authentication","authorization","laravel","laravel-auth","laravel-authentication","laravel-authorization","laravel-framework"],"latest_commit_sha":null,"homepage":null,"language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/verzth.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-07-11T07:37:01.000Z","updated_at":"2020-05-04T07:44:46.000Z","dependencies_parsed_at":"2022-08-24T14:56:07.515Z","dependency_job_id":null,"html_url":"https://github.com/verzth/tcx","commit_stats":null,"previous_names":[],"tags_count":26,"template":false,"template_full_name":null,"purl":"pkg:github/verzth/tcx","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/verzth%2Ftcx","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/verzth%2Ftcx/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/verzth%2Ftcx/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/verzth%2Ftcx/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/verzth","download_url":"https://codeload.github.com/verzth/tcx/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/verzth%2Ftcx/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29012612,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-02T10:37:29.253Z","status":"ssl_error","status_checked_at":"2026-02-02T10:37:28.644Z","response_time":58,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["auth","authentication","authorization","laravel","laravel-auth","laravel-authentication","laravel-authorization","laravel-framework"],"created_at":"2024-09-27T20:05:19.995Z","updated_at":"2026-02-02T12:33:44.257Z","avatar_url":"https://github.com/verzth.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"# TCX v4.0.0 - Authentication Module for Client-Server Transaction (One Way - Two Way).\n\n### TCX is authentication module to secure API Server.\n\nIt's adapt OAuth2 scheme, but it use more simplify scheme which provide authentication for client-server without need to define scopes.\n\n#### Dependencies\nLaravel **\u003e= 5.6**\n\n#### How to Install\n```\ncomposer require verzth/tcx\n```\n\n#### How to Use\n1. Add our ServiceProvider on your **config/app.php**.\n    ```php\n    return [\n        //...\n        //..\n        //.\n        \n        'providers' =\u003e [\n            // ...\n            Verzth\\TCX\\TCXServiceProvider::class,\n            ...\n        ]\n        \n        //.\n        //..\n        //...\n    ];\n    ```\n\n2. Add TCX Middleware in your **app/Http/Kernel.php**.\n    - In every request.\n    ```php\n        $middleware = [\n            //...\n            \\Verzth\\TCX\\Middleware\\TCXMiddleware::class,\n            //...\n        ];\n    ```\n    or\n    - In your API group middleware only. \n    ```php\n        $middlewareGroups = [\n            //...\n            'api' =\u003e [\n                //...\n                \\Verzth\\TCX\\Middleware\\TCXMiddleware::class,\n                //...\n            ]\n            //...\n        ];\n    ```\n    or\n    - In your route middleware, and you can add manually on your route.\n    ```php\n        $routeMiddleware = [\n            //...\n            'tcx' =\u003e \\Verzth\\TCX\\Middleware\\TCXMiddleware::class,\n            //...\n        ];\n    ```\n\n3. Publish our vendor with artisan command.\n    ```shell script\n    php artisan vendor:publish --provider=Verzth\\TCX\\TCXServiceProvider\n    ```\n    \n4. Migrate our TCX DB. After migrate it, you will get 3 tables (tcx_applications, tcx_accesses, tcx_mkas).\n    ```shell script\n    php artisan migrate\n    ```\n   \n5. Refresh the autoload with below command.\n    ```shell script\n    composer dump-autoload\n    ```\n   \n6. We provide seeder to generate sample data. \n   Simply put below code to file database/seeds/DatabaseSeeder.php, inside run() function.\n    ```php\n    $this-\u003ecall(TCXApplicationsTableSeeder::class);\n    ```\n   then run below script on your shell/command prompt.\n   ```shell script\n   composer db:seed\n   ```\n    \n7. Or just run below script (skip step 6) to generate the sample data.\n    ```shell script\n    php artisan db:seed --class=TCXApplicationsTableSeeder\n    ```\n\n#### Implementation\n1. Authentication Type, TCX support three ways authentication type:\n    - **One Way Transaction Code (OWTC)**: Client only need to use **app_id** and **app_public** to access Server APIs.\n    - **Two Way Transaction Code (TWTC)**: Client has to use **app_id** and **app_public** to get access token, then it can be used to access APIs.\n    - **Free Transaction Code (FTC)**: Client use master token to access APIs, without need to request token for every requests, it's specially design to by pass **TWTC** authentication. You need to\n      generate Master token manually.\n\n    To specify authentication for each APIs assign parameter in the middleware, use **or (|)** sign to specify multiple authentication or use\n    **all** to support all type (Supported type : **all**, **owtc**, **twtc**). By default, TCX will support all authentication if you didn't\n    specifying supported type.\n\n    Client need to specify type by sending **X-TCX-TYPE** header in every APIs request.\n\n2. How to generate credentials:\n    - **app_pass** or **X-TCX-APP-PASS**, it can be generate by hashing plain of joined token (param, time, or none), application public key,\n      and client dynamic token with SHA1. Client need to append the given dynamic token to hash result by splitting with **colon (:)**\n      symbol, then encrypt it with base64.\n      - Param base\n      \n          Sample Parameter:\n          ```\n          abc=123\n          _xyz=789\n          foo=bar\n          def=456\n          bar=ghi\n          ```\n          Expected Token:\n          ```\n          _xyz=789\u0026abc=123\u0026bar=ghi\u0026def=456\u0026foo=bar\n          ```\n      - Time base\n        \n        ```\n        tcx_datetime=YYYYMMDDHHmmss\n        ```\n        \n        Sample\n        ```\n        tcx_datetime=20181230235959 // For 23:59:59, 30 December 2018\n        ```\n        \n      - None, just using application password and client dynamic token.\n    - **token** or **X-TCX-TOKEN**, it's provided when Client authorizing to server, but you need to encrypt it with base64.\n\n3. Authentication Headers.\n    - Type **OWTC**:\n        - **'X-TCX-TYPE'**: **'OWTC'**.\n        - **'X-TCX-APP-ID'**: Client ID.\n        - **'X-TCX-APP-PASS'**: Client Password.\n    - Type **TWTC**:\n        - **'X-TCX-TYPE'**: **'TWTC'**.\n        - **'X-TCX-APP-ID'**: Client ID.\n        - **'X-TCX-APP-PASS'**: Client Password.\n        - **'X-TCX-TOKEN'**: Access Token, obtained by doing authorization.\n    - Type **FTC**:\n        - **'X-TCX-TYPE'**: **'FTC'**.\n        - **'X-TCX-APP-ID'**: Client ID.\n        - **'X-TCX-APP-PASS'**: Client Password.\n        - **'X-TCX-TOKEN'**: Master Access Token.\n\n4. Authorization Routes, TCX provide some routes which is can be used to get access token in TWTC type:\n    - **/tcx/authorize**:\n        - METHOD: POST\n        - Params:\n            * **app_id**: Client application id.\n            * **app_pass**: Client password.\n        \n        Sample **Fail** response\n        \n        ```\n        {\n            \"status\": 0,\n            \"status_number\": \"002\",\n            \"status_code\": \"TCXAFX\",\n            \"status_message\": \"Authentication Failed\"\n        }\n        ```\n        \n        Sample **Success** response\n        \n        ```\n        {\n            \"status\": 1,\n            \"status_number\": \"701\",\n            \"status_code\": \"TCXSSS\",\n            \"status_message\": \"Authentication Success\",\n            \"data\": {\n                \"token\": \"tfDBOa6q3PPTJFd0A8HWftw2sXMV1b5ue6v0intK\",\n                \"refresh\": \"fR0HLeL5qk0ZdtthI2ZsQLZx8BHEP2dSnVaQqkF5\",\n                \"expired_at\": \"2018-10-16 13:31:43\"\n            }\n        }\n        ```\n        \n    - **/tcx/reauthorize**:\n        \n        Refresh token can be used to refresh your existing token, you can pass it to this service and your existing token\n        will be extended. Service will reply new refresh token for your existing token to be used in next refresh.\n        \n        - METHOD: POST\n        - Params:\n            * **app_id**: Client application id.\n            * **token**: Refresh Token.\n            \n        Sample **Fail** response\n        \n        ```\n        {\n            \"status\": 0,\n            \"status_number\": \"002\",\n            \"status_code\": \"TCXAFX\",\n            \"status_message\": \"Authentication Failed\"\n        }\n        ```\n        \n        Sample **Success** response\n        \n        ```\n        {\n            \"status\": 1,\n            \"status_number\": \"701\",\n            \"status_code\": \"TCXSSS\",\n            \"status_message\": \"Token refreshed\",\n            \"data\": {\n                \"refresh\": \"04ITeVxWINOesyHH5Sxx57rN5uAW0ltCWN0cENxD\",\n                \"expired_at\": \"2018-10-16 13:36:42\"\n            }\n        }\n        ```\n\n5. Response Status.\n\n    | Status | Number | Code | Message | Note |\n    | :----: | :----: | :---: | ------- | -------- |\n    | 0 | 70FF000 | TCXREQ | TCX Authentication Required | Provide Authentication Header |\n    | 0 | 20FF001 | TCXRJC | TCX Authentication Rejected | X-TCX-Type not supported or disabled |\n    | 0 | 40FF002 | TCXAFX | TCX Authentication Failed | X-TCX-App-ID not found, invalid, or inactive |\n    | 0 | 50FF003 | TCXPFX | TCX Pass did not match | X-TCX-App-Pass not passed, crosscheck point 2 |\n    | 0 | 50FF004 | TCXMKF | TCX Master Key did not valid | Check the master access key (Only FTC) |\n    | 0 | 50FF005 | TCXTFX | TCX Token did not valid | Check the access key (Only TWTC) |\n    \n    Sample Response:\n    ```\n    {\n        \"status\": 0,\n        \"status_code\": \"TCXREQ\",\n        \"status_number\": \"70FF000\",\n        \"status_message\": \"TCX Authentication Required\"\n    }\n    ```","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fverzth%2Ftcx","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fverzth%2Ftcx","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fverzth%2Ftcx/lists"}