flownative/token-authentication

General purpose token authentication.

Installs: 38 502

Dependents: 1

Suggesters: 0

Security: 0

Stars: 7

Watchers: 4

Forks: 8

Open Issues: 1

Type:neos-package

2.3.2 2024-10-24 11:22 UTC

This package is auto-updated.

Last update: 2024-10-24 11:23:37 UTC


README

This package provides token based authentication for Neos Flow projects. It allows both sessionless and session-based authentication to be used.

Installation

Run:

composer require flownative/token-authentication

Usage

Run:

./flow hashtoken:createhashtoken --roleNames Neos.Neos:Editor

Provide the token in your requests

  • as request argument _authenticationHashToken=<myToken> or
  • as Authorization header with the value Bearer <myToken>.

Configuration

The configuration is done as usual in the Configuration/Settings.yaml file.

Neos:
  Flow:
    security:
      authentication:
        providers:
          'Acme.Com:TokenAuthenticator':
            provider: Flownative\TokenAuthentication\Security\HashTokenProvider
            requestPatterns:
              'Acme.Com:Controllers':
                pattern: ControllerObjectName
                patternOptions:
                  controllerObjectNamePattern: 'Acme\Com\Controller\.*'

By default the package uses a sessionless token. If you want to use a session-based token, set the token option in the provider configuration:

providers:
  'Acme.Com:TokenAuthenticator':
    provider: Flownative\TokenAuthentication\Security\HashTokenProvider
    token: Flownative\TokenAuthentication\Security\SessionStartingHashToken