kasitaw/api-key

用户自定义api密钥(使用自定义Laravel守卫)以使客户端能够与服务器进行外部集成

维护者

详细信息

github.com/Kasitaw/api-key

源代码

问题

安装: 96

依赖项: 0

建议者: 0

安全: 0

星标: 2

关注者: 1

分支: 0

开放问题: 0

v3.0.0 2020-10-02 18:51 UTC

Requires

Requires (Dev)

MIT 98995abcedb05a041c8e986cdf0d1ba88eba1c7f

  • Norlihazmey Ghazali <norlihazmey.ghazali.woop@gmail.com>

apikasitawapi-keyapi-integration

This package is auto-updated.

Last update: 2024-09-29 05:55:34 UTC

README

此包使用户能够使用用户定义的api密钥认证守卫轻松地通过Laravel 6.0+进行用户认证

安装

API密钥可以通过composer安装

composer require "kasitaw/api-key"

包将自动注册自己。

您可以使用以下命令发布迁移

php artisan vendor:publish --provider="Kasitaw\ApiKey\ApiKeyServiceProvider" --tag=migrations

迁移发布后,运行以下命令执行迁移

php artisan migrate

您可以使用以下命令发布配置文件

php artisan vendor:publish --provider="Kasitaw\ApiKey\ApiKeyServiceProvider" --tag=config

这是已发布配置文件的内容

<?php

return [
    /**
     * Model use to configure Api Key
     */
    'model' => [
        'api_key' => Kasitaw\ApiKey\ApiKey::class, // Make sure use Kasitaw\ApiKey\Traits\HasApiKey.php trait if you use your own modal
    ],

    /**
     * Table name that reflected to the above model.
     */
    'table_name' => [
        'api_keys' => 'api_keys', // Table name to the above model
    ],

    /**
     * Column name being used to store generated api key
     */
    'columns' => [
        'key' => 'key',
    ],

    /**
     * Field name that being used to fetch the "apiKey". Either passed through query params or as a body.
     */
    'request_key' => [
        'api_key' => 'api_key',
    ],

    /**
     * Generated key length.
     */
    'key_length' => 80,
];

用法

在开始之前,将config/auth.php守卫配置如下

'guards' => [
    'web' => [
        //
    ],

    'api' => [
        //
    ],

    /*
     * Adding new `api_key` key into guards section 
     */
    'api_key' => [
        'driver' => 'api_key',
    ]
],

App\User.php模型或实现\Illuminate\Contracts\Auth\Authenticatable接口的任何模型中使用HasApiKey.php特性

<?php

namespace App;

use Kasitaw\ApiKey\Traits\HasApiKey;
use Illuminate\Foundation\Auth\User as Authenticatable;

class User extends Authenticatable
{
    use HasApiKey;
}

使用以下中间件调用端点

// Using `auth:api` as regular user authentication
Route::get('/users', function() {
    // 
})->middleware('auth:api');

// Using `auth:api_key` to authenticate user for external api
Route::get('/external/intergation/users', function() {
    dd(request()->user());
    // or using Auth::guard('api_key')->user()
    // or using auth('api_key')->user()
})->middleware('auth:api_key');

最后,让我们进行认证。有3种方式传递生成的key

  1. 使用查询参数。例如 /users?api_key=xxx
  2. 使用HTTP正文。例如 api_key = xxx
  3. 使用Authorization头部。例如 Authorization Bearer xxx

注意:请求头部应提供Accept头部。例如 Accept: application/json

用于管理key的可用方法

生成新的api密钥,该密钥与认证用户相关联

$user->generateNewKey(); // By default will activate the key, pass `false` params to make it inactive

激活所有现有密钥

$user->activateAllKeys();

使用key激活密钥

$user->activateKeyByKey('J1VFYTgUafp21ljEkanJYYnlY1j4REURXgAKzlwAUxABfCWPw4PBw9HKYbG4GWNvi125WUO0P2e7MmqC');

// or 

$user->activateKeyByKey(
    'J1VFYTgUafp21ljEkanJYYnlY1j4REURXgAKzlwAUxABfCWPw4PBw9HKYbG4GWNvi125WUO0P2e7MmqC',
    '5c9fuEbAny4737an7hXC9VdNmDzd1yE0qn6Am9R8nNzJ0HWROn1daMJ19Lp36XLJlI5QIAkv6xYUkt6U'
);

使用uuid激活密钥

$user->activateKeyByUuid('e0b9ed50-31b4-4ed6-a0f7-71490fa15ad6');

// or

$user->activateKeyByUuid(
    'e0b9ed50-31b4-4ed6-a0f7-71490fa15ad6',
    '597a67f8-9c19-4c2b-98ff-8020c0f7e360'
);

撤销所有现有密钥

$user->revokeAllKeys();

使用key撤销密钥

$user->revokeKeyByKey('J1VFYTgUafp21ljEkanJYYnlY1j4REURXgAKzlwAUxABfCWPw4PBw9HKYbG4GWNvi125WUO0P2e7MmqC');

// or 

$user->revokeKeyByKey(
    'J1VFYTgUafp21ljEkanJYYnlY1j4REURXgAKzlwAUxABfCWPw4PBw9HKYbG4GWNvi125WUO0P2e7MmqC',
    '5c9fuEbAny4737an7hXC9VdNmDzd1yE0qn6Am9R8nNzJ0HWROn1daMJ19Lp36XLJlI5QIAkv6xYUkt6U'
);

使用uuid撤销密钥

$user->revokeKeyByUuid('e0b9ed50-31b4-4ed6-a0f7-71490fa15ad6');

// or

$user->revokeKeyByUuid(
    'e0b9ed50-31b4-4ed6-a0f7-71490fa15ad6',
    '597a67f8-9c19-4c2b-98ff-8020c0f7e360'
);

使用key删除密钥

$user->removeKeyByKey('J1VFYTgUafp21ljEkanJYYnlY1j4REURXgAKzlwAUxABfCWPw4PBw9HKYbG4GWNvi125WUO0P2e7MmqC');

// or 

$user->removeKeyByKey(
    'J1VFYTgUafp21ljEkanJYYnlY1j4REURXgAKzlwAUxABfCWPw4PBw9HKYbG4GWNvi125WUO0P2e7MmqC',
    '5c9fuEbAny4737an7hXC9VdNmDzd1yE0qn6Am9R8nNzJ0HWROn1daMJ19Lp36XLJlI5QIAkv6xYUkt6U'
);

使用uuid删除密钥

$user->removeKeyByUuid('e0b9ed50-31b4-4ed6-a0f7-71490fa15ad6');

// or

$user->removeKeyByUuid(
    'e0b9ed50-31b4-4ed6-a0f7-71490fa15ad6',
    '597a67f8-9c19-4c2b-98ff-8020c0f7e360'
);

获取所有密钥

$keys = $user->api_keys;

foreach($keys as $key) {
    // 
}

删除所有密钥

$user->removeAllKeys();

获取所有激活密钥

$keys = $user->api_keys()->active()->get();

foreach($keys as $key) {
    // 
}

获取所有非激活密钥

$keys = $user->api_keys()->inActive()->get();

foreach($keys as $key) {
    // 
}

检查密钥是否激活

$key = $user->api_keys->first();

dd($key->isActive());

或直接检查密钥是否激活

$uuid = 'e0b9ed50-31b4-4ed6-a0f7-71490fa15ad6';
$user->isKeyActive($uuid); // true/false, return null if key not found

// or
$key = 'J1VFYTgUafp21ljEkanJYYnlY1j4REURXgAKzlwAUxABfCWPw4PBw9HKYbG4GWNvi125WUO0P2e7MmqC';
$user->isKeyActive($key);

测试

使用以下命令运行测试

vendor/bin/phpunit --testdox --verbose

许可协议

此包是开源软件,根据MIT许可证授权