Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/mpyw/scoped-auth

Apply specific scope for user authentication.
https://github.com/mpyw/scoped-auth

auth illuminate laravel scope

Last synced: about 1 year ago
JSON representation

Apply specific scope for user authentication.

Awesome Lists containing this project

README 

          
# Scoped Auth



[![Build Status](https://github.com/mpyw/scoped-auth/actions/workflows/ci.yml/badge.svg?branch=master)](https://github.com/mpyw/scoped-auth/actions)

[![Coverage Status](https://coveralls.io/repos/github/mpyw/scoped-auth/badge.svg?branch=master)](https://coveralls.io/github/mpyw/scoped-auth?branch=master)



Apply specific scope for user authentication.



## Requirements



- PHP: `^8.2`

- Laravel: `^11.0 || ^12.0`



> [!NOTE]

> Older versions have outdated dependency requirements. If you cannot prepare the latest environment, please refer to past releases.



## Installing



Via [Composer](https://getcomposer.org/)



```bash

$ composer require mpyw/scoped-auth

```



### For [Fortify](https://github.com/laravel/fortify) users



> [!WARNING]

> Default Fortify's [`RedirectIfTwoFactorAuthenticatable`](https://github.com/laravel/fortify/blob/7da6504f5f8a5fe6854dedaffc81ac497194ba56/src/Actions/RedirectIfTwoFactorAuthenticatable.php#L89-L91) implementation directly uses internal `Model` under `UserProvider`, however, [the Laravel author won't be willing to fix it for whatever reason](https://github.com/laravel/fortify/pull/393). So we need to configure Fortify like this:



CustomFortifyAuthenticator.php



```php

getProvider();



        assert($provider instanceof UserProvider);

        $this->provider = $provider;

    }



    public function __invoke(Request $request): ?Authenticatable

    {

        $user = $this->provider->retrieveByCredentials([

            Fortify::username() => $request->input(Fortify::username()),

        ]);



        return $user && $this->provider->validateCredentials($user, [

            self::PASSWORD_NAME => $request->input(self::PASSWORD_NAME),

        ]) ? $user : null;

    }

}

```



AuthServiceProvider.php



```php



> [!NOTE]

> Re-submitted PR [laravel/fortify#582](https://github.com/laravel/fortify/pull/582) has been already merged, but it's not released yet at 2025-03-05. Once it's released, you can remove this workaround.



## Testing



Via [PHPUnit](https://phpunit.de/)



```bash

$ composer test

```



## Usage



Implement **AuthScopable** contract on your Authenticatable Eloquent Model.



```php

where('active', 1);

    }

}

```



```php

where('active', 1);

}



public function scopeForAuthentication(Builder $query): Builder

{

    return $this->scopeActive($query);

}

```



As a by-product, you can also run scope queries based on the standard Eloquent way.



```php

$user = User::where('email', 'xxx@example.com')->forAuthentication()->firstOrFail();

```



```php

$user = User::where('email', 'xxx@example.com')->scopes(['forAuthentication'])->firstOrFail();

```



## Standards



- [PSR-1: Basic Coding Standard](https://www.php-fig.org/psr/psr-1/)

- [PSR-2: Coding Style Guide](https://www.php-fig.org/psr/psr-2/)

- [PSR-4: Autoloader](https://www.php-fig.org/psr/psr-4/)

- [Semantic Versioning 2.0.0](https://semver.org/)



## Credits



- [mpyw](https://github.com/mpyw)

- [All Contributors](../../contributors)



## License



Licensed under the MIT License. See [License File](LICENSE.md) for more information.