Download the PHP package dsweixin/api-auth without Composer

On this page you can find all versions of the php package dsweixin/api-auth. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Example code of dsweixin/api-auth

Informations about the package api-auth

api-auth

laravel API 鉴权

laravel 的 API 鉴权包, api-auth 采用密钥加密的鉴权方式,只要客户端不被反编译从而泄露密钥,该鉴权方式理论上来说是安全的(不考虑量子计算机的出现)。

安装

配置

  1. 注册 ServiceProvider:

    laravel 5.5+ 版本不需要手动注册

  2. 发布配置文件和中间件

  3. App\Http\Kernal 中注册中间件

  4. 添加 role

    然后按照格式把 access_keysecret_key 添加到, config/api_auth.php 里面的 roles 数组中。

  5. 自定义签名方法 (可选) config/api_auth.php 中的 encrypting 可以修改为自定义的签名函数,该函数将传入三个参数: 密钥: $secret_key、随机字符串: $echostr、时间戳: $timestamp,返回签名后的字符串。该函数默认为:

  6. 自定义签名校验规则(可选) config/api_auth.php 中的 rule 可以修改为自定义的校验函数,该函数将传入三个参数: 密钥: $secret_key、客户端签名: $signature、服务端签名: $server_signature,必须返回布尔值。该函数默认为:

  7. 自定义错误处理(可选) config/api_auth.php 中的 error_handler 可以修改为自定义的错误处理函数,该函数将传入两个参数: 请求: $request、错误码: $code。该函数默认为:

    $code 可能是以下几个值中的一个:

    • LaravelApiAuth::LACK_HEADER -> 缺少请求头。
    • LaravelApiAuth::ACCESS_KEY_ERROR -> access_key 错误。
    • LaravelApiAuth::SIGNATURE_ERROR -> 签名错误。
    • LaravelApiAuth::SIGNATURE_LAPSE -> 签名失效,客户端签名时间和服务端签名时间差超过设置的 timeout 值。
    • LaravelApiAuth::SIGNATURE_REPETITION -> 签名重复,规定时间内出现两次或以上相同的签名。

使用

路由中

通过验证后 $request 会添加一个 client_role 字段,该字段为客户端的角色名称。

前端

本例子为 web 前端的例子,其他客户端同理,生成签名并且带上指定参数即可正常请求。 通过自定义签名方法和自定义校验方法,可以使用其他加密方法进行签名,例如 哈希 等其他加密算法。 更多自定义可以直接修改 App\Http\Middleware\ApiAuth 中间件 。有问题请开 issue

All versions of api-auth with dependencies

PHP Build Version
Package Version
Requires php Version >=5.3
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package dsweixin/api-auth contains the following files

Loading the files please wait ....