Download the PHP package bnabriss/mix-auth without Composer
On this page you can find all versions of the php package bnabriss/mix-auth. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Informations about the package mix-auth
Mix Auth
This auth vendor used for laravel framework, to mix laravel sessions with api tokens, so you can use the same middleware and same routes to authenticate the request, if the request contains sessions cookie or it support an api token.
Features
- More secure than default token auth in laravel since it using hashes for tokens.
- Support many tokens for the same account, so the devices will not share the same token.
- Support sessions if it exist in the request and there is no token entered.
- Support many ways to provide token thought url query, request body and request header.
- Support many guards.
- More customizable since you can specify expire time, max step time between requests.
Requirements
- PHP >=7.1.3
- Laravel ^5.6
Installation
Require this package with composer.
Laravel >5.5 uses Package Auto-Discovery, so doesn't require you to manually add the ServiceProvider. If you don't use auto-discovery, add the ServiceProvider to the providers array in config/app.php
You can customize some settings of the vendor using config/mix-auth.php
that you can publish it using the publish command
so we encourage you to read config file and learn more about customization After you customize you config you should migrate your database to add tokens table to your database using migration command
Note that migration depends on some configuration in config file, so we encourage you to re-migrate (refresh) database after you make changes in the config file.
The models that use this auth should use the HasMixAuth.php
trait in your model to add some helpful methods in your model
Usage
Generate token
You can generate token for the user simply generate token of custom user or for authenticated user with specific guard.
Note that to use the guard you must specify it the config file so you can use it, by default the file contains only web guard, see user example in the config file itself.
Note that the generate token methods will not generate sessions if you disable the key
token_sessions
in the config or it already generated.Auth middleware
You can simply set the middleware for the route using the route-middleware, so the middleware will register the auth if the token exist. if the token has invalid value or expired the middleware will throw an exception
Delete token
You can delete user token by using the defined relations token in the trait
or you can even delete all tokens for that user (including other devices' tokens) by
You may need to disable api middleware
auth:api
if you need to use this vendor to api route