Download the PHP package pallant/laravel-aws-cognito-auth without Composer
On this page you can find all versions of the php package pallant/laravel-aws-cognito-auth. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
FAQ
Example:
In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
- Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
- To use Composer is sometimes complicated. Especially for beginners.
- Composer needs much resources. Sometimes they are not available on a simple webspace.
- If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
- Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Informations about the package laravel-aws-cognito-auth
Laravel AWS Cognito Auth
A simple authentication package for Laravel 5 for authenticating users in Amazon Cognito User Pools.
This is package works with Laravel's native authentication system and allows the authentication of users that are already registered in Amazon Cognito User Pools. It does not provide functionality for user management, i.e., registering user's into User Pools, password resets, etc.
Contents
- Installation and Setup
- Install
- Configure
- Users Table
- Usage
- Authenticating
- Handling Failed Authentication
- Methods
- No Error Handling
- Throw Exception
- Return Attempt Instance
- Using a Closure
- Using a Custom Class
- Default Error Handler
- About AuthAttemptException
- Methods
Installation and Setup
This package makes use of the aws-sdk-php-laravel package. As well as setting up and configuring this package you'll also need to configure aws-sdk-php-laravel for the authentication to work. Instructions on how to do this are below. If you've already installed, set up and configured aws-sdk-php-laravel you can skip the parts where it's mentioned below.
Install
Add pallant/laravel-aws-cognito-auth to composer.json and run composer update to pull down the latest version:
Or use composer require:
Add the service provider and the aws-sdk-php-laravel service provider to the providers array in config/app.php.
`
Open app/Http/Kernel.php and replace the default \Illuminate\Session\Middleware\AuthenticateSession::class middleware with \Pallant\LaravelAwsCognitoAuth\AuthenticateSession::class.
Publish the config file as well as the aws-sdk-php-laravel config file to your config directory by running:
Configure
Open config/auth.php and set your default guard's driver to aws-cognito. Out of the box the default guard is web so your config/auth.php would look something like:
Open config/aws-cognito-auth.php and add your AWS Cognito User Pool's id, and User Pool App's client-id.
When creating an App for your User Pool the default Refresh Token Expiration time is 30 days. If you've set a different expiration time for your App then make sure you update the refresh-token-expiration value in the config file accordingly.
Open the config/aws.php file and set the region value to whatever region your User Pool is in. The default config/aws.php file that is created when using the php artisan vendor:publish --provider="Aws\Laravel\AwsServiceProvider" command doesn't include the IAM credential properties so you'll need to add them manually. Add the following to the config/aws.php file where key is an IAM user Access Key Id and secret is the corresponding Secret key:
Your final config/aws.php should look something like this:
Users Table
Cognito is not treated as a "database of users", and is only used to authorise the users. A request to Cognito is not made unless the user already exists in the app's database. This means you'll still need a users table populated with the users that you want to authenticate. At a minimum this table will need an id, email and remember_token field.
In Cognito every user has a username. When authenticating with Cognito this package will need one of the user's attributes to match the user's Congnito username. By default it uses the user's email attribute.
If you want to use a different attribute to store the user's Cognito username then you can do so by first adding a new field to your users table, for example cognito_username, and then setting the username-attribute in the config/aws-cognito-auth.php file to be the name of that field.
Usage
Once installed and configured authentication works the same as it doesn natively in Laravel. See Laravel's documentation for full details.
Authenticating
Authenticate:
Authenticate and remember:
Get the authenticated user:
Logout:
As well as the default functionality some extra methods are made available for accessing the user's Cognito access token, id token, etc:
Handling Failed Authentication
AWS Cognito may fail to authenticate for a number of reasons, from simply entering the wrong credentials, or because additional checks or actions are required before the user can be successfully authenticated.
So that you can deal with failed attempts appropriately several options are available to you within the package that dictate how failed attempts should be handled.
Methods
You can specify how failed attempts should be handled by passing an additional $errorHandler argument when calling the Auth::attempt() and Auth::validate() methods.
No Error Handling
If an $errorHandler isn't passed then all failed authentication attempts will be handled and suppressed internally, and both the Auth::attempt() and Auth::validate() methods will simply return true or false as to whether the authentication attempt was successful.
Throw Exception
To have the Auth::attempt() and Auth::validate() methods throw an exception pass AWS_COGNITO_AUTH_THROW_EXCEPTION as the $errorHandler argument.
If the authentication fails then a \Pallant\LaravelAwsCognitoAuth\AuthAttemptException exception will be thrown, which can be used to access the underlying error by calling the exception's getResponse() method. About AuthAttemptException.
Return Attempt Instance
To have the Auth::attempt() and Auth::validate() methods return an attempt object pass AWS_COGNITO_AUTH_RETURN_ATTEMPT as the $errorHandler argument.
When using AWS_COGNITO_AUTH_RETURN_ATTEMPT both methods will return an instance of \Pallant\LaravelAwsCognitoAuth\AuthAttempt, which can be used to check if the authentication attempt was successful or not.
For unsuccessful authentication attempts the attempt instance's getResponse() method can be used to access the underlying error. This method will return an array of data that will contain different values depending on the reason for the failed attempt.
In events where the AWS Cognito API has thrown an exception, such as when invalid credentials are used, the array that is returned will contain the original exception.
In events where the AWS Cognito API has failed to authenticate for some other reason, for example because a challenge must be passed, then the array that is returned will contain the details of the error.
Using a Closure
To handle failed authentication attempts with a closure pass one as the Auth::attempt() and Auth::validate() methods' $errorHandler argument.
If the authentication fails then the closure will be run and will be passed an \Pallant\LaravelAwsCognitoAuth\AuthAttemptException instance, which can be used to access the underlying error by calling the exception's getResponse() method. About AuthAttemptException.
Using a Custom Class
To handle failed authentication attempts with a custom class pass the classes name as the Auth::attempt() and Auth::validate() methods' $errorHandler argument.
The error handler class should have a handle() method, which will be called when an authentication attempt fails. The handle() method will be passed an \Pallant\LaravelAwsCognitoAuth\AuthAttemptException instance, which can be used to access the underlying error by calling the exception's getResponse() method. About AuthAttemptException.
Default Error Handler
As well defining the error handler in line, you can also define a default error handler in the config/aws-cognito-auth.php file. The same error handling methods are available as detailed above. When using AWS_COGNITO_AUTH_THROW_EXCEPTION or AWS_COGNITO_AUTH_RETURN_ATTEMPT set the value as a string, do not use the constant.
Throw Exception:
Return Attempt:
Use a Closure:
Use a Custom Class:
About AuthAttemptException
An \Pallant\LaravelAwsCognitoAuth\AuthAttemptException exception will be thrown when using the AWS_COGNITO_AUTH_THROW_EXCEPTION error handler, or will be passed as an argument to a closure when using the Clousre method of error handling.
The exception's getResponse() method will return an array of data that will contain different values depending on the reason for the failed attempt.
In events where the AWS Cognito API has thrown an exception, such as when invalid credentials are used, the array that is returned will contain the original exception.
In events where the AWS Cognito API has failed to authenticate for some other reason, for example because a challenge must be passed, the array that is returned will contain the details of the error.
All versions of laravel-aws-cognito-auth with dependencies
aws/aws-sdk-php-laravel Version ^3.1
nesbot/carbon Version ~1.20
laravel/framework Version ^5.7.0