{"id":14966364,"url":"https://github.com/yiisoft/auth","last_synced_at":"2025-04-13T08:20:25.478Z","repository":{"id":36127000,"uuid":"221271567","full_name":"yiisoft/auth","owner":"yiisoft","description":null,"archived":false,"fork":false,"pushed_at":"2025-02-11T10:57:25.000Z","size":194,"stargazers_count":34,"open_issues_count":5,"forks_count":13,"subscribers_count":17,"default_branch":"master","last_synced_at":"2025-04-10T21:24:29.887Z","etag":null,"topics":["auth","authentication","basic","bearer","hacktoberfest","middleware","psr-15","yii3"],"latest_commit_sha":null,"homepage":"https://www.yiiframework.com/","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/yiisoft.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":".github/CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE.md","code_of_conduct":".github/CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":".github/SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"open_collective":"yiisoft","github":["yiisoft"]}},"created_at":"2019-11-12T17:14:46.000Z","updated_at":"2025-02-11T10:57:27.000Z","dependencies_parsed_at":"2023-02-13T18:48:43.889Z","dependency_job_id":"38044985-346b-4393-95bf-a987b8e9dc26","html_url":"https://github.com/yiisoft/auth","commit_stats":{"total_commits":132,"total_committers":20,"mean_commits":6.6,"dds":0.6363636363636364,"last_synced_commit":"dc0da9b7648c488376cd320bc0ea1a5b073e9834"},"previous_names":[],"tags_count":8,"template":false,"template_full_name":"yiisoft/package-template","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yiisoft%2Fauth","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yiisoft%2Fauth/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yiisoft%2Fauth/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yiisoft%2Fauth/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/yiisoft","download_url":"https://codeload.github.com/yiisoft/auth/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248681598,"owners_count":21144715,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["auth","authentication","basic","bearer","hacktoberfest","middleware","psr-15","yii3"],"created_at":"2024-09-24T13:36:16.612Z","updated_at":"2025-04-13T08:20:25.446Z","avatar_url":"https://github.com/yiisoft.png","language":"PHP","funding_links":["https://opencollective.com/yiisoft","https://github.com/sponsors/yiisoft"],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n    \u003ca href=\"https://github.com/yiisoft\" target=\"_blank\"\u003e\n        \u003cimg src=\"https://yiisoft.github.io/docs/images/yii_logo.svg\" height=\"100px\" alt=\"Yii\"\u003e\n    \u003c/a\u003e\n    \u003ch1 align=\"center\"\u003eYii Auth\u003c/h1\u003e\n    \u003cbr\u003e\n\u003c/p\u003e\n\n[![Latest Stable Version](https://poser.pugx.org/yiisoft/auth/v)](https://packagist.org/packages/yiisoft/auth)\n[![Total Downloads](https://poser.pugx.org/yiisoft/auth/downloads)](https://packagist.org/packages/yiisoft/auth)\n[![Build status](https://github.com/yiisoft/auth/actions/workflows/build.yml/badge.svg)](https://github.com/yiisoft/auth/actions/workflows/build.yml)\n[![Code Coverage](https://codecov.io/gh/yiisoft/auth/graph/badge.svg?token=HEZPNOVX64)](https://codecov.io/gh/yiisoft/auth)\n[![Mutation testing badge](https://img.shields.io/endpoint?style=flat\u0026url=https%3A%2F%2Fbadge-api.stryker-mutator.io%2Fgithub.com%2Fyiisoft%2Fauth%2Fmaster)](https://dashboard.stryker-mutator.io/reports/github.com/yiisoft/auth/master)\n[![static analysis](https://github.com/yiisoft/auth/workflows/static%20analysis/badge.svg)](https://github.com/yiisoft/auth/actions?query=workflow%3A%22static+analysis%22)\n[![type-coverage](https://shepherd.dev/github/yiisoft/auth/coverage.svg)](https://shepherd.dev/github/yiisoft/auth)\n\nThe package provides various authentication methods, a set of abstractions to implement in your application, and\na [PSR-15](https://www.php-fig.org/psr/psr-15/) middleware to authenticate an identity.\n\n## Requirements\n\n- PHP 8.0 or higher.\n\n## Installation\n\n```shell\ncomposer require yiisoft/auth\n```\n\n## General usage\n\nConfigure a middleware and add it to your middleware stack:\n\n```php\n$identityRepository = getIdentityWithTokenRepository(); // \\Yiisoft\\Auth\\IdentityRepositoryInterface\n$authenticationMethod = new \\Yiisoft\\Auth\\Method\\HttpBasic($identityRepository);\n\n$middleware = new \\Yiisoft\\Auth\\Middleware\\Authentication(\n    $authenticationMethod,\n    $responseFactory, // PSR-17 ResponseFactoryInterface\n    $failureHandler // optional, \\Yiisoft\\Auth\\Handler\\AuthenticationFailureHandler by default\n);\n\n$middlewareDispatcher-\u003eaddMiddleware($middleware);\n```\n\nIn order to get an identity instance in the following middleware use `getAttribute()` method of the request instance:\n\n```php\npublic function actionIndex(\\Psr\\Http\\Message\\ServerRequestInterface $request): \\Psr\\Http\\Message\\ResponseInterface\n{\n    $identity = $request-\u003egetAttribute(\\Yiisoft\\Auth\\Middleware\\Authentication::class);\n    // ...\n}\n```\n\n### HTTP basic authentication\n\nBasic HTTP authentication is typically used for entering login and password in the browser.\nCredentials are passed as `$_SERVER['PHP_AUTH_USER']` and `$_SERVER['PHP_AUTH_PW']`.\n\n```php\n$authenticationMethod = (new \\Yiisoft\\Auth\\Method\\HttpBasic($identityRepository))\n    -\u003ewithRealm('Admin')\n    -\u003ewithAuthenticationCallback(static function (\n        ?string $username,\n        #[\\SensitiveParameter] ?string $password,\n        \\Yiisoft\\Auth\\IdentityWithTokenRepositoryInterface $identityRepository\n    ): ?\\Yiisoft\\Auth\\IdentityInterface {\n        return $identityRepository-\u003efindIdentityByToken($username, \\Yiisoft\\Auth\\Method\\HttpBasic::class);\n    });\n```\n\nRealm is typically what you will see in the browser prompt asking for a login and a password.\nCustom authentication callback set in the above is the same as default behavior when it is not specified.\n\n### HTTP bearer authentication\n\nBearer HTTP authentication is typically used in APIs. Authentication token is passed in `WWW-Authenticate` header.\n\n```php\n$authenticationMethod = new \\Yiisoft\\Auth\\Method\\HttpBearer($identityRepository);\n```\n\n### Custom HTTP header authentication\n\nCustom HTTP header could be used if you do not want to leverage bearer token authentication:\n\n```php\n $authenticationMethod = (new \\Yiisoft\\Auth\\Method\\HttpHeader($identityRepository))\n     -\u003ewithHeaderName('X-Api-Key')\n     -\u003ewithPattern('/(.*)/'); // default\n```\n\nIn the above we use full value of `X-Api-Key` header as token.\n\n### Query parameter authentication\n\nThis authentication method is mainly used by clients unable to send headers. In case you do not have such clients\nwe advise not to use it.\n\n```php\n$authenticationMethod = (new \\Yiisoft\\Auth\\Method\\QueryParameter($identityRepository))\n    -\u003ewithParameterName('token');\n```\n\n### Using multiple authentication methods\n\nTo use multiple authentication methods, use `Yiisoft\\Auth\\Method\\Composite`:\n\n```php\n$authenticationMethod = new \\Yiisoft\\Auth\\Method\\Composite([\n    $bearerAuthenticationMethod,\n    $basicAuthenticationMethod\n]);\n```\n\n## Extension and integration points\n\n- `\\Yiisoft\\Auth\\IdentityInterface` should be implemented by your application identity class. Typically, that is `User`.\n- `\\Yiisoft\\Auth\\IdentityRepositoryInterface` should be implemented by your application identity repository class.\n  Typically, that is `UserIdentity`.\n- `\\Yiisoft\\Auth\\IdentityWithTokenRepositoryInterface` could be additionally implemented by your application\n  identity repository class in case token-based authentication is needed. Typically, that is `UserIdentity`.\n- `\\Yiisoft\\Auth\\AuthenticationMethodInterface` could be implemented to provide your own authentication method.\n\n## Documentation\n\n- [Internals](docs/internals.md)\n\nIf you need help or have a question, the [Yii Forum](https://forum.yiiframework.com/c/yii-3-0/63) is a good place for that.\nYou may also check out other [Yii Community Resources](https://www.yiiframework.com/community).\n\n## License\n\nThe Yii Auth is free software. It is released under the terms of the BSD License.\nPlease see [`LICENSE`](./LICENSE.md) for more information.\n\nMaintained by [Yii Software](https://www.yiiframework.com/).\n\n## Support the project\n\n[![Open Collective](https://img.shields.io/badge/Open%20Collective-sponsor-7eadf1?logo=open%20collective\u0026logoColor=7eadf1\u0026labelColor=555555)](https://opencollective.com/yiisoft)\n\n## Follow updates\n\n[![Official website](https://img.shields.io/badge/Powered_by-Yii_Framework-green.svg?style=flat)](https://www.yiiframework.com/)\n[![Twitter](https://img.shields.io/badge/twitter-follow-1DA1F2?logo=twitter\u0026logoColor=1DA1F2\u0026labelColor=555555?style=flat)](https://twitter.com/yiiframework)\n[![Telegram](https://img.shields.io/badge/telegram-join-1DA1F2?style=flat\u0026logo=telegram)](https://t.me/yii3en)\n[![Facebook](https://img.shields.io/badge/facebook-join-1DA1F2?style=flat\u0026logo=facebook\u0026logoColor=ffffff)](https://www.facebook.com/groups/yiitalk)\n[![Slack](https://img.shields.io/badge/slack-join-1DA1F2?style=flat\u0026logo=slack)](https://yiiframework.com/go/slack)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyiisoft%2Fauth","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fyiisoft%2Fauth","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyiisoft%2Fauth/lists"}