neoan3-apps/stateless

stateless Json Webtoken (JWT) authentication / verification for PHP

v2.1.0 2024-04-23 23:02 UTC

This package is auto-updated.

Last update: 2024-10-23 23:57:50 UTC


README

Maintainability Test Coverage Build Status

PHP stateless JWT authentication

Easy implementation of JWT authentication & handling in PHP.

Installation

composer require neoan3-apps/stateless

Quick Start

// static
Neoan3\Apps\Stateless::setSecret('My-super-secure-Key');

// or as object
// (method names are the same as static calls)
$stateless = new Neoan3\Apps\StatelessOOP('my-secure-key');

// create JWT
$jti = 'someId';
$scope = ['read', 'write'];
$payload = ['additional'=>'info']; // optional
$jwt = Neoan3\Apps\Stateless::assign($jti, $scope, $payload);

// validate JWT
try{
    $decrypted = Neoan3\Apps\Stateless::validate();
    $user = $decrypted['jti'];
} catch(Exception $e) {
    die('ups');
}

Methods

setAuthorization($jwt)

If this method is not used, Stateless will read the Authorization from the $_SERVER variable "HTTP_AUTHORIZATION" and the following format "bearer token"

setCustomException($class)

Can be used to trigger a custom exception when encountering validation errors.

setSecret($secret)

Key used for the HS256 algorithm (decryption/encryption/signing). Make sure a key is set prior to any other interactions.

validate()

Returns the decoded JWT or throws an Exception

restrict($scope = [])

Accepts a string or an array. Same as validate, but additionally checks if the right kind of scope is present.

setExpiration($time | null)

Accepts strtotime-compatible expression or epoch-stamp.

assign($jti, $scope, $payload = [])

Generates a JWT.