flownative/token-authentication

General purpose token authentication.

Maintainers

Details

github.com/flownative/flow-token-auth

Homepage

Source

Issues

Installs: 34 653

Dependents: 1

Suggesters: 0

Security: 0

Stars: 7

Watchers: 4

Forks: 9

Open Issues: 3

Type:neos-package

2.3.1 2022-07-26 11:05 UTC

Requires

MIT 2f498a09d064c7081b19551a5c2962c8a49215ba

This package is auto-updated.

Last update: 2024-08-27 15:59:21 UTC

README

This package provides token based authentication for Neos Flow projects. It allows both sessionless and session-based authentication to be used.

Installation

Run:

composer require flownative/token-authentication

Usage

Run:

./flow hashtoken:createhashtoken --roleNames Neos.Neos:Editor

Provide the token in your requests

  • as request argument _authenticationHashToken=<myToken> or
  • as Authorization header with the value Bearer <myToken>.

Configuration

The configuration is done as usual in the Configuration/Settings.yaml file.

Neos:
  Flow:
    security:
      authentication:
        providers:
          'Acme.Com:TokenAuthenticator':
            provider: Flownative\TokenAuthentication\Security\HashTokenProvider
            requestPatterns:
              'Acme.Com:Controllers':
                pattern: ControllerObjectName
                patternOptions:
                  controllerObjectNamePattern: 'Acme\Com\Controller\.*'

By default the package uses a sessionless token. If you want to use a session-based token, set the token option in the provider configuration:

providers:
  'Acme.Com:TokenAuthenticator':
    provider: Flownative\TokenAuthentication\Security\HashTokenProvider
    token: Flownative\TokenAuthentication\Security\SessionStartingHashToken