3cplus / auth-middleware
3C plus - api auth middleware
Installs: 14
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 2
Forks: 0
Open Issues: 0
pkg:composer/3cplus/auth-middleware
Requires
- php: >=8.0
- guzzlehttp/guzzle: ^7.0
- guzzlehttp/psr7: ^2.0
- illuminate/support: ^10.48
- predis/predis: ^2.3
- psr/container: ^2.0
- psr/http-message: ^2.0
- psr/http-server-handler: ^1.0
- psr/http-server-middleware: ^1.0
- psr/simple-cache: ^3.0
- ramsey/uuid: ^4.0
- vlucas/phpdotenv: ^5.6
README
A PHP middleware for authentication using API tokens, with Redis caching support.
Installation
composer require 3cplus/auth-middleware
Description
This middleware authenticates requests by validating API tokens against a remote authentication service. It supports token extraction from both query parameters and Authorization headers. For performance optimization, authenticated user data is cached in Redis.
Requirements
- PHP 7.2 or higher
- Laravel/Illuminate Support
- GuzzleHTTP
- Predis
Environment Variables
The following environment variables are required:
| Variable | Description |
|---|---|
URL_APPLICATION_API |
URL of the authentication API endpoint |
REDIS_CACHE_HOST |
Redis server hostname |
REDIS_CACHE_PORT |
Redis server port |
Usage
Basic Implementation
use Dev3CPlus\Middleware\AuthMiddleware; // Create middleware instance $authMiddleware = new AuthMiddleware(); // Process the request $response = $authMiddleware->process($request, $handler);
Token Extraction
The middleware extracts the API token in the following order:
- From query parameter:
?api_token=your-token - From Authorization header:
Authorization: Bearer your-token
Error Handling
The middleware throws exceptions with appropriate HTTP status codes:
401 Unauthorized: When the API token is missing or invalid500 Internal Server Error: For other processing errors
Caching
Successfully authenticated user data is cached in Redis for 1 hour (3600 seconds) to minimize API calls.