Download the PHP package divante-ltd/pimcore-jwt-auth without Composer
On this page you can find all versions of the php package divante-ltd/pimcore-jwt-auth. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download divante-ltd/pimcore-jwt-auth
More information about divante-ltd/pimcore-jwt-auth
Files in divante-ltd/pimcore-jwt-auth
Package pimcore-jwt-auth
Short Description Module allowing to use JWT with Pimcore User object
License GPL-3.0-or-later
Homepage https://divante.com
Informations about the package pimcore-jwt-auth
JWT Auth
This bundle provides JWT (Json Web Token) authentication for your Pimcore API.
It is based on lexik/jwt-authentication-bundle
It is compatible and tested with PHP 7 and Pimcore 6.
Table of Contents
- JWT module
- Prerequisites
- Installation
- Configuration
- Usage
- Usage
- Features
- Supported Pimcore types
- Standards & Code Quality
- About Authors
Prerequisites
This module requires Pimcore 6 and openssl extension.
Installation
Create User class in Pimcore:
Register dependencies in app/AppKernel.php
:
Generate the SSH keys :
In case first command forces you to input password use following to get the private key decrypted
Configuration
Configure the SSH keys path in your app/config/lexik_jwt_authentication.yaml
:
Configure CORS configuration in app/config/nelmio_cors.yml
:
Configure your app/config/security.yml
:
Configure yor app/config/config.yml
:
Configure your config/routing.yml
:
Usage
The first step is to authenticate the user using its credentials. A classical form_login on an anonymously accessible firewall will do perfect.
Just set the provided lexik_jwt_authentication.handler.authentication_success
service as success handler to
generate the token and send it as part of a json response body.
Store it (client side), the JWT is reusable until its ttl has expired (3600 seconds by default). Create in Pimcore panel an object of class User and fill its credentials.
Note: You can test getting the token with a simple curl command like this:
If it works, you will receive something like this:
Use the token
Simply pass the JWT on each request to the protected firewall, either as an authorization header or as a query parameter.
By default only the authorization header mode is enabled : Authorization: Bearer {token}
About token expiration
Each request after token expiration will result in a 401 response. Redo the authentication process to obtain a new token.
Maybe you want to use a refresh token to renew your JWT. In this case you can check JWTRefreshTokenBundle.
More details
For more details head to LexikJWTAuthenticationBundle
Standards & Code Quality
This module respects PSR-2 code quality rule and our own PHPCS and PHPMD rulesets.
About Authors
We are a Software House from Europe, existing from 2008 and employing about 150 people. Our core competencies are built around Magento, Pimcore and bespoke software projects (we love Symfony3, Node.js, Angular, React, Vue.js). We specialize in sophisticated integration projects trying to connect hardcore IT with good product design and UX.
We work for Clients like INTERSPORT, ING, Odlo, Onderdelenwinkel and CDP, the company that produced The Witcher game. We develop two projects: Open Loyalty - an open source loyalty program and Vue.js Storefront.
We are part of the OEX Group which is listed on the Warsaw Stock Exchange. Our annual revenue has been growing at a minimum of about 30% year on year.
Visit our website Divante.co for more information.
All versions of pimcore-jwt-auth with dependencies
pimcore/pimcore Version ~6.7.0
lexik/jwt-authentication-bundle Version ^2.8
nelmio/cors-bundle Version ^2.1