Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/4rthem/jwt-request-signer
Protect access to your resources with JWT
https://github.com/4rthem/jwt-request-signer
Last synced: 13 days ago
JSON representation
Protect access to your resources with JWT
- Host: GitHub
- URL: https://github.com/4rthem/jwt-request-signer
- Owner: 4rthem
- Created: 2020-04-01T09:50:29.000Z (almost 5 years ago)
- Default Branch: master
- Last Pushed: 2020-04-02T15:17:07.000Z (almost 5 years ago)
- Last Synced: 2024-11-10T13:43:58.740Z (2 months ago)
- Language: PHP
- Size: 39.1 KB
- Stars: 0
- Watchers: 3
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# JWT Request Signer
Sign your URLs with a JWT token to protect access to your resources.
[](https://travis-ci.com/4rthem/jwt-request-signer)
## Installation
```bash
composer require arthem/jwt-request-signer
# add a library that implements psr/http-factory-implementation
composer require nyholm/psr7
```
## Usage
Generate signed URL for your resources (an image for instance):
```php
signRequest($requestToSign);
$signedUri = (string) $signedRequest->getUri();
```
Now add authorization to your resource:
```php
validateSignedRequest($currentRequest);
} catch (InvalidTokenException $e) {
echo "Access denied";
exit;
}
// Stream your image here...
```
### Frameworks
Symfony [request-signer-bundle](https://github.com/4rthem/request-signer-bundle)
## Configuration
### Determinant headers
In order to offer a strict protection, most headers are signed.
You can exclude some headers that are not determinant:
```php
addUnsignedHeader('X-Time');
```