intervention / httpauth
HTTP Authentication Management for PHP
Fund package maintenance!
Intervention
Ko Fi
paypal.me/interventionio
Installs: 8 358 891
Dependents: 5
Suggesters: 0
Security: 0
Stars: 82
Watchers: 5
Forks: 13
Open Issues: 0
Requires
- php: ^8.2
Requires (Dev)
- phpstan/phpstan: ^1
- phpunit/phpunit: ^10.0
- slevomat/coding-standard: ~8.0
- squizlabs/php_codesniffer: ^3.8
This package is auto-updated.
Last update: 2024-11-27 16:27:31 UTC
README
HTTP Authentication Management
Installation
You can easily install this library using Composer. Just request the package with the following command:
composer require intervention/httpauth
Documentation
Read the full documentation for this library.
Usage
The workflow is easy. Just create an instance of Authenticator::class
in the first step
and secure your resource in the second step.
1. Create Authenticator Instance
To create authenticator instances you can choose between different methods.
Create Instance by Using Static Factory Method
use Intervention\HttpAuth\Authenticator; // create http basic auth $auth = Authenticator::basic( 'myUsername', 'myPassword', 'Secured Area', ); // create http digest auth $auth = Authenticator::digest( 'myUsername', 'myPassword', 'Secured Area', );
Create Instance by Using Class Constructor
use Intervention\HttpAuth\Authenticator; // alternatively choose DigestVault::class $vault = new BasicVault( 'myUsername', 'myPassword', 'Secured Area', ); $auth = new Authenticator($vault);
Create Instance by Static Factory Method
use Intervention\HttpAuth\Authenticator; // alternatively choose DigestVault::class $vault = new BasicVault( 'myUsername', 'myPassword', 'Secured Area', ); $auth = Authenticator::withVault($vault);
2. Ask User for Credentials
After you created a HTTP authentication instance, you have to call secure()
to secure the resource. This results in a 401 HTTP response and the browser
asking for credentials.
$auth->secure();
A character string can optionally be passed to the method. This is displayed if authentication fails. Output from template engines can also be used here.
$auth->secure('Sorry, you can not access this resource!');
Server Configuration
Apache
If you are using Apache and running PHP with CGI/FastCGI, check the server configuration to make sure the authorization headers are passed correctly to PHP:
https://support.deskpro.com/en/kb/articles/missing-authorization-headers-with-apache
Authors
This library is developed and maintained by Oliver Vogel
Thanks to the community of contributors who have helped to improve this project.
License
Intervention HttpAuth is licensed under the MIT License.