https://github.com/mpyw/null-auth
Null Guard for Laravel. Designed for Middleware-based authentication and testing.
https://github.com/mpyw/null-auth
auth illuminate laravel nothing null
Last synced: 3 months ago
JSON representation
Null Guard for Laravel. Designed for Middleware-based authentication and testing.
- Host: GitHub
- URL: https://github.com/mpyw/null-auth
- Owner: mpyw
- License: mit
- Created: 2019-12-09T18:27:55.000Z (over 6 years ago)
- Default Branch: master
- Last Pushed: 2025-03-04T06:54:12.000Z (about 1 year ago)
- Last Synced: 2025-04-10T01:13:59.006Z (12 months ago)
- Topics: auth, illuminate, laravel, nothing, null
- Language: PHP
- Size: 57.6 KB
- Stars: 18
- Watchers: 2
- Forks: 4
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Null Auth [](https://github.com/mpyw/null-auth/actions) [](https://coveralls.io/github/mpyw/null-auth?branch=master)
Null Guard for Laravel. Designed for Middleware-based authentication and testing.
## Requirements
- PHP: `^8.2`
- Laravel: `^11.0 || ^12.0`
> [!NOTE]
> Older versions have outdated dependency requirements. If you cannot prepare the latest environment, please refer to past releases.
## Installing
```bash
composer require mpyw/null-auth
```
## Features
### `NullAuthenticatable` family
| Trait | ID | Password | Remember Token |
|:---|:---:|:---:|:---:|
| `GenericNullAuthenticatable`
`GenericStrictNullAuthenticatable` | ❗️ | ❌| ❌|
| `NullAuthenticatable`
`StrictNullAuthenticatable` | ✅| ❌| ❌|
| `NoRememberTokenAuthenticatable`
`StrictNoRememberTokenAuthenticatable` | ✅| ✅| ❌|
- ❗️shows containing abstract methods.
- `Strict` traits throw `BadMethodCallException` on bad method calls.
### `NullGuard`
- `NullGuard::user()` always returns Authenticatable already set by `NullGuard::setUser()`.
- `NullGuard::unsetUser()` can unset user.
### `NullUserProvider`
- All methods do nothing and always returns falsy value.
## Usage
### Basic Usage
Edit your **`config/auth.php`**.
```php
[
'web' => [
'driver' => 'null', // Use NullGuard for "web"
'provider' => 'users',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
'hash' => false,
],
],
/*
|--------------------------------------------------------------------------
| User Providers
|--------------------------------------------------------------------------
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| If you have multiple user tables or models you may configure multiple
| sources which represent each model / table. These sources may then
| be assigned to any extra authentication guards you have defined.
|
| Supported: "database", "eloquent"
|
*/
'providers' => [
'users' => [
'driver' => 'null', // Use NullUserProvider for "users"
],
// 'users' => [
// 'driver' => 'eloquent',
// 'model' => App\User::class,
// ],
// 'users' => [
// 'driver' => 'database',
// 'table' => 'users',
// ],
],
/* ... */
];
```
## Motivation
### Guard-based API Authentication
Consider authentication that sends HTTP requests to the external platform.
In such a situation, you will probably use [`RequestGuard`] through [`Auth::viaRequest()`] call.
However, some methods on the contracts [`UserProvider`] and [`Authenticatable`] are unsuitable for that.
They heavily rely on the following flow:
1. Retrieve a user from database by email address
2. Verify user's password hash
This library provides a helper that makes the useless contract methods to do nothing; always return nullish or falsy values.
Now we include **`NullAuthenticatable`** trait on a user model.
```php
getAuthIdentifierName()); // string(2) "id"
var_dump($user->getAuthIdentifier()); // int(1)
// Useless implementation for Authenticatable when we don't use StatefulGuard
var_dump($user->getAuthPassword()); // string(0) ""
var_dump($user->getRememberTokenName()); // string(0) ""
var_dump($user->getRememberToken()); // string(0) ""
$user->setRememberToken('...'); // Does nothing
```
### Middleware-based Authentication
Suppose you hate using [`RequestGuard`] and wish implementing authentication on middleware.
Methods such as [`Auth::user()`] cause side effects when called for the first time on each request.
This may lead to inappropriate behaviors if you concentrate authentication on middleware
and use [`Auth::user()`] only as a container for [`Authenticatable`] object.
Don't worry. This library provides **`NullGuard`**,
which is exactly as a simple [`Authenticatable`] container that you want.
[`Auth::user()`] does nothing but returning the cached [`Authenticatable`].
You can just focus on calling [`Auth::setUser()`] on your cool middleware at ease.
```php
client = $client;
}
/**
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle(Request $request, Closure $next)
{
// Return user_id on success, throw AuthenticationException on failure
$userId = $this->client->authenticate($request->input('token'));
// Return User on success, throw ModelNotFoundException on failure
$user = User::findOrFail($userId);
Auth::setUser($user);
return $next($request);
}
}
```
### Testing
Needless to say, it is also useful for testing.
There is no worry about causing side effects.
[`RequestGuard`]: https://github.com/illuminate/auth/blob/master/RequestGuard.php
[`Auth::viaRequest()`]: https://github.com/illuminate/auth/blob/7b2297b6cd5e7000b31caca40399c33832237649/AuthManager.php#L219-L235
[`UserProvider`]: https://github.com/illuminate/contracts/blob/master/Auth/UserProvider.php
[`Authenticatable`]: https://github.com/illuminate/contracts/blob/master/Auth/Authenticatable.php
[`getAuthIdentifierName()`]: https://github.com/illuminate/contracts/blob/6b0122dc740d6db5ab8b1187af313c6e65afeb55/Auth/Authenticatable.php#L7-L12
[`getAuthIdentifier()`]: https://github.com/illuminate/contracts/blob/6b0122dc740d6db5ab8b1187af313c6e65afeb55/Auth/Authenticatable.php#L14-L19
[`Auth::user()`]: https://github.com/illuminate/contracts/blob/6b0122dc740d6db5ab8b1187af313c6e65afeb55/Auth/Guard.php#L21-L26
[`Auth::setUser()`]: https://github.com/illuminate/contracts/blob/6b0122dc740d6db5ab8b1187af313c6e65afeb55/Auth/Guard.php#L43-L49