{"id":21831773,"url":"https://github.com/wuespace/wuespace-jwt-login","last_synced_at":"2026-05-20T04:32:38.272Z","repository":{"id":40306038,"uuid":"351798530","full_name":"wuespace/wuespace-jwt-login","owner":"wuespace","description":"A PHP-based Login System/JWT Token Dispenser for organization members","archived":false,"fork":false,"pushed_at":"2023-02-13T06:56:54.000Z","size":717,"stargazers_count":3,"open_issues_count":3,"forks_count":0,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-02-21T00:08:06.789Z","etag":null,"topics":["api","authentication","jwt","php","php7"],"latest_commit_sha":null,"homepage":"https://jwt-login.wuespace.de","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/wuespace.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-03-26T13:53:33.000Z","updated_at":"2022-02-12T13:47:30.000Z","dependencies_parsed_at":"2023-01-30T23:30:53.811Z","dependency_job_id":null,"html_url":"https://github.com/wuespace/wuespace-jwt-login","commit_stats":null,"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wuespace%2Fwuespace-jwt-login","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wuespace%2Fwuespace-jwt-login/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wuespace%2Fwuespace-jwt-login/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wuespace%2Fwuespace-jwt-login/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/wuespace","download_url":"https://codeload.github.com/wuespace/wuespace-jwt-login/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":244804225,"owners_count":20513071,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api","authentication","jwt","php","php7"],"created_at":"2024-11-27T19:15:32.357Z","updated_at":"2026-05-20T04:32:38.228Z","avatar_url":"https://github.com/wuespace.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"# wuespace-jwt-login\n\n\u003e A PHP-based Login System/JWT Token Dispenser for organization members\n\n![Screenshot](img/screenshot.png)\n\n## System Requirements\n\n- Linux-based web server running Apache 2 and PHP 7.2+\n- npm (with the `npx` command)\n- `ssh-keygen` and `openssl`\n\n## Installation\n\n1. Login to your server\n2. Create a suitable domain (e.g., https://login.wuespace.de)\n3. Clone this repository\n4. Run `php composer.phar install` to install required dependencies\n5. Configure the login system (cf. *Configuration*)\n6. Forward your domain to the root of the cloned repository folder\n\n## Configuration\nAll configuration takes place in the `data` folder.\n\n### `keys` (`key` and `key.pub`)\nFirst things first, you'll need to generate private and public keys.\n\nTo generate the keys, enter the `/data/keys` folder and run these two commands:\n\n```shell\nssh-keygen -t rsa -b 4096 -m PEM -f key \u0026\u0026 openssl rsa -in key -pubout -outform PEM -out key.pub\n```\n\u003e **:warning: NOTE:** Don't add a passphrase to these keys as it is not supported by the system.\n\nThe public key can (and should) be shared with applications using the login systems.\n\nThe private key, however, should be kept private under all circumstances.\n\n\n### `registered-domains.json`\n\nIn `/data/registered-domains.json`, you can add domains that may use the login system (to which the system can redirect \nafter the form gets filled). Redirect urls must **begin** with the exact domain registered here.\nFor security purposes, we recommend being as precise as possible with these domains.\n\n### `config.json`\n\nIn `config.json`, you can set the following preferences:\n\n- `token_expire_after` - The number of seconds how long a token can be used before it expires.\n  Tokens cannot get revoked, meaning you should choose a value where, in case of a compromise,\n  it is acceptable to shut down services for that duration after a compromise is detected.\n\n### Users\nEach user is identified using a `[username].json` file within the `/data/users` folder.\n\nThis, in turn, also creates the boundaries of valid usernames, as in \"valid UNIX file names\".\n\nA user file is structured in the following way:\n\n```json\n{\n  \"password\":\"SOME_TOKEN_HERE\",\n  \"data\": {\n    \"role\": \"member\",\n    \"meerkats-editor-at\": [\"https://www.wuespace.de/\"]\n  }\n}\n```\n\n`\"password\"` is a hash for the user's password, encoded using PHP's `password_hash()`.\n\n`\"data\"` can contain any data and is readable by any application that consumes the token. It can, thus, for example\ncontain information about specific permissions within a system and so on.\n\n#### Adding a user\n\nYou can use the integrated micro-CLI to add a new user.\n\nTo use it, run `./data/add-user.sh`.\n\nOn non-Linux systems, you can alternatively set the `NEW_USERNAME` and\n`NEW_PASSWORD` environment variables to their desired values and run\n`php ./data/cli-add-user.php`.\n\n## Usage\n\n### Forwarding\n\nOpen the following request in a browser (usually by just entering the domain):\n\n```http request\nGET https://login.wuespace.de?source=[domain]\n```\n\nThe user is now asked to login with their credentials.\n\nUpon success, they'll get asked whether to transmit the listed data to `[domain]`.\n\nIf they agree, a `POST` request with the token as `\"token\"` within the `form-data` gets submitted to `[domain]`.\n\n**Please note that `[domain]` has to begin with a domain registered in `registered-domains.json`.**\n\n### API\n(detailed docs coming soon)\n\n```http request\nPOST https://login.wuespace.de/api.php?source=[domain]\n```\n\nWith `user` and `pass` (username and password) as `form-data`.\n\nPossible responses:\n- `200` - Returned body = token\n- `401` - Wrong credentials\n- `400` - No/incomplete user data specified or source not in `registered-domains.json`\n\n## License\n\nMIT © [WüSpace e. V.](https://www.wuespace.de)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwuespace%2Fwuespace-jwt-login","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwuespace%2Fwuespace-jwt-login","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwuespace%2Fwuespace-jwt-login/lists"}