https://github.com/tkhamez/slim-role-auth

Role-based authorization for the Slim framework
https://github.com/tkhamez/slim-role-auth

authorization middleware slim-framework

Last synced: 5 months ago
JSON representation

Role-based authorization for the Slim framework

• Host: GitHub
• URL: https://github.com/tkhamez/slim-role-auth
• Owner: tkhamez
• License: mit
• Created: 2018-08-25T14:27:44.000Z (almost 8 years ago)
• Default Branch: main
• Last Pushed: 2025-11-23T13:14:39.000Z (7 months ago)
• Last Synced: 2026-01-03T20:52:36.213Z (6 months ago)
• Topics: authorization, middleware, slim-framework
• Language: PHP
• Homepage:
• Size: 79.1 KB
• Stars: 14
• Watchers: 2
• Forks: 2
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • Changelog: CHANGELOG.md
  • License: LICENSE

Awesome Lists containing this project

README

          
[![Latest Stable Version](http://poser.pugx.org/tkhamez/slim-role-auth/v)](https://packagist.org/packages/tkhamez/slim-role-auth) 

[![Total Downloads](http://poser.pugx.org/tkhamez/slim-role-auth/downloads)](https://packagist.org/packages/tkhamez/slim-role-auth) 

[![License](http://poser.pugx.org/tkhamez/slim-role-auth/license)](https://packagist.org/packages/tkhamez/slim-role-auth) 

[![PHP Version Require](http://poser.pugx.org/tkhamez/slim-role-auth/require/php)](https://packagist.org/packages/tkhamez/slim-role-auth)

[![build](https://github.com/tkhamez/slim-role-auth/workflows/test/badge.svg)](https://github.com/tkhamez/slim-role-auth/actions)

# Role-based authorization

Middleware for the [Slim 4](http://www.slimframework.com/) framework.

For Slim 3 use the 1.0.0 release.

## Installation

With Composer:

```

composer require tkhamez/slim-role-auth

```

## Usage

Example:

```php

use Tkhamez\Slim\RoleAuth\RoleMiddleware;

use Tkhamez\Slim\RoleAuth\SecureRouteMiddleware;

$app = Slim\Factory\AppFactory::create();

// Deny access if a required role is missing.

$app->add(new SecureRouteMiddleware(

    new Slim\Psr7\Factory\ResponseFactory(), // Any implementation of Psr\Http\Message\ResponseFactoryInterface.

    [

        // Route pattern  => Roles, the first "starts-with" match is used.

        '/secured/public' => ['any'],

        '/secured'        => ['user'],

    ],

    ['redirect_url' => null] // Adds the "Location" header instead of a 403 status code if set.

));

// Add roles to request attribute.

$app->add(new RoleMiddleware(

    new App\RoleProvider(), // Any implementation of Tkhamez\Slim\RoleAuth\RoleProviderInterface.

    ['route_pattern' => ['/secured']] // Optionally limit to these routes.

));

// Add routing middleware last, so the Slim router is available from the request.

$app->addRoutingMiddleware();

```

- The `SecureRouteMiddleware` denies access to a route if the required role is missing in the request object.

- The `RoleMiddleware` class adds roles provided by the `RoleProvider` object to the request object.

- You can add multiple role providers for different paths.

For more information, see the inline documentation of the classes.

## Dev Env

```shell

docker build --tag slim-role-auth .

docker run -it --mount type=bind,source="$(pwd)",target=/app --workdir /app slim-role-auth /bin/sh

```