PHP code example of micro-module / ist-auth-bundle

1. Go to this page and download the library: Download micro-module/ist-auth-bundle library. Choose the download type require.

2. Extract the ZIP file and open the index.php.

3. Add this code to the index.php. 
    
        
<?php
require_once('vendor/autoload.php');

/* Start to develop here. Best regards https://php-download.com/ */

micro-module / ist-auth-bundle example snippets


return [
    // ...
    MicroModule\IstAuth\IstAuthBundle::class => ['all' => true],
];


use MicroModule\IstAuth\Contracts\Principal\AuthenticatedPrincipal;
use MicroModule\IstAuth\Contracts\Principal\IstPrincipal;

#[Route('/api/v1/news', methods: ['POST'])]
public function create(AuthenticatedPrincipal $principal, Request $request): Response
{
    // Guaranteed authenticated — 401 automatically returned if anonymous
    $accountId = $principal->getClaims()->accountId;
    // ...
}

#[Route('/api/v1/news/{uuid}', methods: ['GET'])]
public function getOne(IstPrincipal $principal, string $uuid): Response
{
    // Accepts both Anonymous and Authenticated
    if ($principal instanceof AuthenticatedPrincipal) {
        // enrich response
    }
    // ...
}


use MicroModule\IstAuth\Contracts\Attribute\IstAuthLevel;
use MicroModule\IstAuth\Contracts\Authorization\AuthLevel;

#[Route('/api/v1/admin/reindex', methods: ['POST'])]
#[IstAuthLevel(AuthLevel::Admin)]
public function reindex(): Response { /* ... */ }


use MicroModule\IstAuth\Contracts\Authorization\ResourceOwnershipCheckerInterface;
use MicroModule\IstAuth\Contracts\Exception\OwnershipFailedException;
use MicroModule\IstAuth\Contracts\Principal\AuthenticatedPrincipal;

final class NewsOwnershipCheckerAdapter implements ResourceOwnershipCheckerInterface
{
    public function __construct(private NewsRepositoryInterface $query) {}

    public function assertOwns(
        AuthenticatedPrincipal $principal,
        string $resourceType,
        string $resourceId,
    ): void {
        if ($resourceType !== 'news') {
            throw new OwnershipFailedException();
        }
        $news = $this->query->fetchOne(Uuid::fromNative($resourceId));
        if ($news === null || $news->getOwnerId() !== $principal->getClaims()->accountId) {
            throw new OwnershipFailedException();   // never leak existence
        }
    }
}