The package provides JWT authentication method for Yii Auth.
- PHP 7.4 or higher.
The package could be installed with composer:
composer require yiisoft/auth-jwt --prefer-dist
-
Set JWT parameters in your
params.php
config file:'yiisoft/auth-jwt' => [ 'algorithms' => [ // your signature algorithms ], 'serializers' => [ // your token serializers ], 'key' => [ 'secret' => 'your-secret', 'file' => 'your-certificate-file', ], ],
-
Setup definitions, required for
\Yiisoft\Auth\Middleware\Authentication
middleware in a config, for example, inconfig/web/auth.php
:<?php declare(strict_types=1); /** @var array $params */ use Yiisoft\Auth\Jwt\TokenManagerInterface; use Yiisoft\Auth\Jwt\TokenManager; use Yiisoft\Auth\AuthenticationMethodInterface; use Yiisoft\Auth\Jwt\JwtMethod; return [ KeyFactoryInterface::class => [ 'class' => FromSecret::class, '__construct()' => [ $params['yiisoft/auth-jwt']['key']['secret'] ], ], AuthenticationMethodInterface::class => JwtMethod::class, ];
Note: Don't forget to declare your implementations of
\Yiisoft\Auth\IdentityInterface
and\Yiisoft\Auth\IdentityRepositoryInterface
. -
Use
Yiisoft\Auth\Middleware\Authentication
middleware. Read more about middlewares in the middleware guide.
You can configure Authentication
middleware manually:
/** @var \Yiisoft\Auth\IdentityRepositoryInterface $identityRepository */
$identityRepository = getIdentityRepository();
$tokenRepository = $container->get(\Yiisoft\Auth\Jwt\TokenRepositoryInterface::class);
$authenticationMethod = new \Yiisoft\Auth\Jwt\JwtMethod($identityRepository, $tokenRepository);
$middleware = new \Yiisoft\Auth\Middleware\Authentication(
$authenticationMethod,
$responseFactory, // PSR-17 ResponseFactoryInterface.
$failureHandler // Optional, \Yiisoft\Auth\Handler\AuthenticationFailureHandler by default.
);
The package is tested with PHPUnit. To run tests:
./vendor/bin/phpunit
The package tests are checked with Infection mutation framework with Infection Static Analysis Plugin. To run it:
./vendor/bin/roave-infection-static-analysis-plugin
The code is statically analyzed with Psalm. To run static analysis:
./vendor/bin/psalm
The Yii Auth JWT is free software. It is released under the terms of the BSD License.
Please see LICENSE
for more information.
Maintained by Yii Software.