Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/ibra4/api-key

Laravel package provides a simple API key authentication mechanism for your Laravel applications. It allows you to protect your API endpoints by validating API keys sent with each request
https://github.com/ibra4/api-key

api-key authentication laravel php

Last synced: 16 days ago
JSON representation

Laravel package provides a simple API key authentication mechanism for your Laravel applications. It allows you to protect your API endpoints by validating API keys sent with each request

Awesome Lists containing this project

README 

          
[![StandWithPalestineBadge](https://raw.githubusercontent.com/saedyousef/StandWithPalestine/main/badges/flat/IStandWithPalestine.svg)](https://techforpalestine.org/learn-more)



# Laravel API Key Authentication Package



This Laravel package provides a simple API key authentication mechanism for your Laravel applications. It allows you to protect your API endpoints by validating API keys sent with each request.



## Requirements



- PHP 7.3 or higher



Tested on Laravel ^8.75



## Installation



You can install this package via Composer:



```bash

composer require ibra4/api-key

```



Next, you should publish the package's configuration file:



```bash

php artisan vendor:publish --tag=api_key

```



Then run migrations

```bash

php artisan migrate

```



This command will publish the `api_key.php` configuration file to your `config` directory.



## Configuration



After publishing the configuration file, you can modify the settings in `config/api_key.php` to fit your application's requirements. This file allows you to define various aspects of API key authentication, such as key length, expiration duration, etc.



## Usage



### Prepare your model



- Implement `HasApiKeyInterface` interface

- Use `HasApiKey` trait

  ```patch

  (optional): Model class name (default: App\Models\User)

- description (optional): Description



### Protecting Routes



To protect your API routes with API key authentication, you can use the `simple_api_key` middleware provided by this package. Simply apply this middleware to the routes you want to protect:



```php

Route::middleware('simple_api_key')->get('/api/resource', 'ResourceController@index');

```



This middleware will verify the API key sent with each request and authenticate the associated user.



### Deactivating API Keys



You can deactivate an API key using the provided artisan command:



```bash

php artisan api-key:deactivate {client_id}

```



Replace `{client_id}` with the API key you want to deactivate.



### Removing API Keys



To remove an API key from the system, you can use the following artisan command:



```bash

php artisan api-key:remove {client_id}

```



Replace `{client_id}` with the API key you want to remove.



### Listing API Keys



You can list all API keys stored in the database using the following artisan command:



```bash

php artisan api-key:list

```



This command will display a list of all API keys along with their associated user and status, like.



    

        

            client_id

            description

            model

            model_id

            key

            is_active

            expires_at

            created_at

        

    

    

        

            ibrahim

            Hello World

            App\Models\User

            2

            6af97902bfb6f1c15fea8e079babeca731ee9fb04dd08bb7b6efb80baaed1eb6

            1

            2024-04-19T18:25:58.000000Z

            2024-03-20T18:25:58.000000Z

        

        

            lara

            

            App\Models\Client

            1

            daabe8a2ed4b84f2156a12dca5b29d8aa4b8fbf4b27813aac077bdc654f57c7b

            0

            2024-04-19T18:33:15.000000Z

            2024-03-20T18:33:15.000000Z

        

    



## Middleware Logic



The `ApiKeyMiddleware` included in this package is responsible for authenticating API requests based on the provided API key. It checks the validity and status of the API key and logs in the associated user if the key is valid and active.



## Contributing



Contributions are welcome! If you encounter any issues or have suggestions for improvements, please feel free to open an issue or submit a pull request on GitHub.



## License



This package is open-source software licensed under the [MIT license](LICENSE.md).



## Credits



This package is developed and maintained by [Ibrahim Hammad](https://github.com/ibra4).



---



Feel free to add any additional sections or customize the content as per your project's requirements. This README provides a basic overview of the package and its usage.