flownative / token-authentication
General purpose token authentication.
Installs: 40 600
Dependents: 1
Suggesters: 0
Security: 0
Stars: 7
Watchers: 4
Forks: 8
Open Issues: 1
Type:neos-package
README
This package provides token based authentication for Neos Flow projects. It allows both sessionless and session-based authentication to be used.
Installation
Run:
composer require flownative/token-authentication
Usage
Run:
./flow hashtoken:createhashtoken --roleNames Neos.Neos:Editor
Provide the token in your requests
- as request argument
_authenticationHashToken=<myToken>
or - as
Authorization
header with the valueBearer <myToken>
.
Configuration
The configuration is done as usual in the Configuration/Settings.yaml
file.
Neos: Flow: security: authentication: providers: 'Acme.Com:TokenAuthenticator': provider: Flownative\TokenAuthentication\Security\HashTokenProvider requestPatterns: 'Acme.Com:Controllers': pattern: ControllerObjectName patternOptions: controllerObjectNamePattern: 'Acme\Com\Controller\.*'
By default the package uses a sessionless token. If you want to use a
session-based token, set the token
option in the provider configuration:
providers: 'Acme.Com:TokenAuthenticator': provider: Flownative\TokenAuthentication\Security\HashTokenProvider token: Flownative\TokenAuthentication\Security\SessionStartingHashToken