https://github.com/stefmedjo/api-starter

This is a starter project for any PHP Symfony API platform project with user creation and authentication (jwt access and refresh tokens implementation)
https://github.com/stefmedjo/api-starter

access-token api apiplatform authentication jwt jwt-authentication php refresh-token restful-api symfony

Last synced: 8 months ago
JSON representation

This is a starter project for any PHP Symfony API platform project with user creation and authentication (jwt access and refresh tokens implementation)

• Host: GitHub
• URL: https://github.com/stefmedjo/api-starter
• Owner: stefmedjo
• Created: 2021-08-24T08:12:14.000Z (over 4 years ago)
• Default Branch: main
• Last Pushed: 2021-08-24T09:23:41.000Z (over 4 years ago)
• Last Synced: 2025-04-03T00:26:52.623Z (11 months ago)
• Topics: access-token, api, apiplatform, authentication, jwt, jwt-authentication, php, refresh-token, restful-api, symfony
• Language: PHP
• Homepage:
• Size: 42 KB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# API Platform starter

This is a starter for your API platform project.

## Requirements

* PHP 7.4

* MySQL 5

## Generate keys

Create a folder named jwt in config folder:

```bash

mkdir config/jwt

```

Generate a private key using openssl

```bash

openssl genrsa -out config/jwt/private.pem -aes256 4096

```

You will have to provide a pass phrase.

Next, you will generate the public key:

```bash

openssl rsa -pubout -in config/jwt/private.pem -out config/jwt/public.pem

```

You will have to provide the same pass phrase.

## Configuration

In the config/packages/lexik_jwt_authentication.yaml file, you have to add

the token_ttl (An access token has a “time-to-live” (ttl), which is the maximum time that the access token will be valid for use within the application. 3600 seconds is 1 hour)

## Add refresh token 

```bash

composer require gesdinet/jwt-refresh-token-bundle

```

In the file config/routes.yaml, add :

```bash

gesdinet_jwt_refresh_token:

    path:       /token/refresh

    controller: gesdinet.jwtrefreshtoken::refresh

```

In the security, add this in the firewall section:

```bash

    refresh:

        pattern:  ^/token/refresh

        stateless: true

        anonymous: true

```

Create gesdinet_jwt_refresh_token.yaml in config/packages, and add :

```bash

  gesdinet_jwt_refresh_token:

      ttl: 2592000

      user_identity_field: email

```