PHP download

Download the PHP package edenspiekermann/craft-jwt-auth without Composer

On this page you can find all versions of the php package edenspiekermann/craft-jwt-auth. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

Table of contents
Download edenspiekermann/craft-jwt-auth
More information about edenspiekermann/craft-jwt-auth
Files in edenspiekermann/craft-jwt-auth

Vendor edenspiekermann
Package craft-jwt-auth
Short Description Enable authentication to Craft through the use of JSON Web Tokens (JWT)
License MIT

Keywords cms Craft craftcms craft-plugin craft jwt

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:

If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.

Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
To use Composer is sometimes complicated. Especially for beginners.
Composer needs much resources. Sometimes they are not available on a simple webspace.
If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.

Please rate this library. Is it a good library?

Informations about the package craft-jwt-auth

Craft JWT Auth plugin

Enable authentication to Craft through the use of JSON Web Tokens (JWT).

Requirements

This plugin requires Craft CMS 3.3 or later.

Installation

To install the plugin, follow these instructions.

Open your terminal and go to your Craft project:

cd /path/to/project
Then tell Composer to load the plugin:

composer require edenspiekermann/craft-jwt-auth
In the Control Panel, go to Settings → Plugins and click the “Install” button for Craft JWT Auth.

Craft JWT Auth Overview

From the official website:

JSON Web Tokens are an open, industry standard RFC 7519 method for representing claims securely between two parties.

This plugin enables requests to Craft to be securely authenticated in the presence of a JWT that can be successfully verified as matching a secret key generated signature.

Configuring Craft JWT Auth

Once installed, naviate to the settings page of the plugin and enter required settings to activate the plugin:

Setting	Description
`Secret key`	Mandatory. Secret key used to sign outgoing and verify incoming JWTs.
`Auto create user`	Optional. Activate to enable auto-creation of a public user when provided a verifiable JWT.

Using Craft JWT Auth

The plugin will attempt to verify any incoming requests with a JWT present in the Authentication header with a Bearer prefix, or with the simpler X-Access-Token header value. An example:

The plugin will attempt to verify the token using the lcobucci/jwt package for PHP. The package adheres to the IANA specifications for JWTs.

If a provided token can be verified AND can be match to a user account with a username matching the provided sub key, the user will be authenticated and the request allowed to continue.

If the token is verifiable but a matching user account does NOT exist, but the Auto create user setting is enabled AND public registration is enabled in the Craft settings, a new user account will be created on-the-fly and the new user then logged in.

Craft JWT Auth Roadmap

Features

The plugin does or will offer the following features:

[x] Validate incoming requests with a JWT present in the Authentication headers.
[x] Match a validated JWT to a user account in Craft CMS and login as that user.
[x] Optionally create a new account if no existing account can be found.
[ ] Generate a JWT from a user’s account data to enable sharing with other services that implement the same secret key.

Milestones

While the plugin is already useable, it is by no means finished. Use at your own risk. Some things to do before I'm comfortable taking it to version 1.0.0:

[ ] 0.2.0 Refactor into more logical set of services and classes.
[ ] 0.3.0 Better testing for the presence of an actual JWT, rather than some other type of token.
[ ] 0.3.1 Checking for the presence of valid claims and handling if they aren't there.
[ ] 0.3.2 Handle edge case of successful user creation but failed image creation.
[ ] 0.3.3 Better exception handling in general.
[ ] 0.4.0 Add test cases for all of that.
[ ] Have really smart people review the code for vulnerabilities.
[ ] Other stuff I haven't though of because I haven't done 👆 yet.

Written and maintained by Mike Pierce. Made possible by Edenspiekermann.

All versions of craft-jwt-auth with dependencies

PHP Build Version

Package Version

Version 0.2.0 Release 06. Oct 2019
create-project require 0 people choosed require and
0 people choosed create-project.

Download

Download latest version of craft-jwt-auth from vendor edenspiekermann

Requires craftcms/cms Version ^3.3
lcobucci/jwt Version ^3.3

Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package edenspiekermann/craft-jwt-auth contains the following files

Loading the files please wait ....