Download the PHP package soulcodex/model-keyable without Composer
On this page you can find all versions of the php package soulcodex/model-keyable. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download soulcodex/model-keyable
More information about soulcodex/model-keyable
Files in soulcodex/model-keyable
Package model-keyable
Short Description Allow attach api key to laravel models
License MIT
Homepage https://github.com/soulcodex/model-keyable
Informations about the package model-keyable
Laravel Keyable
Keyable is a package that allows you to add API Keys to any model. This allows you to associate incoming requests with their respective models. You can also use Policies to authorize requests.
Installation
Require the package in your and update your dependencies:
Publish the migration and config files:
Run the migration:
Usage
Add the trait to your model(s):
Add the middleware to the function in your file:
The middleware will authenticate API requests, ensuring they contain an API key that is valid.
Accessing keyable models in your controllers
The model associated with the key will be attached to the incoming request as :
Now you can use the keyable model to scope your associated API resources, for example:
Keys Without Models
Sometimes you may not want to attach a model to an API key (if you wanted to have administrative access to your API). By default this functionality is turned off:
UUID support
Before migrate you can config if you prefer use bigint or uuid identifiers.
By default use bigint
like keyable_id
Making Requests
By default, laravel-keyable uses bearer tokens to authenticate requests. Attach the API key to the header of each request:
You can change where the API key is retrieved from by altering the setting in the keyable.php
config file. Supported options are: bearer
, header
, and parameter
.
As it is an array, you can use more than one of these options and combine them.
Need to pass the key as a URL parameter? Set the mode to parameter
and the key to the string you'll use in your URL:
Now you can make requests like this:
Authorizing Requests
Laravel offers a great way to perform Authorization on incoming requests using Policies. However, they are limited to authenticated users. We replicate that functionality to let you authorize requests on any incoming model.
To begin, add the AuthorizeKeyableRequest
trait to your base Controller.php class
:
Next, create the app/Policies/KeyablePolicies
folder and create a new policy:
Lastly, register your policies in AuthServiceProvider.php
:
In your controller, you can now authorize the request using the policy by calling $this->authorizeKeyable(<ability>, <model>)
:
Artisan Commands
Generate an API key:
Delete an API key:
Security
If you discover any security related issues, please email [email protected].
License
Released under the MIT license. See LICENSE for more information.
All versions of model-keyable with dependencies
spatie/laravel-package-tools Version ^1.1
illuminate/contracts Version ^7.0|^8.0