GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → middlewares → http-authentication

middlewares / http-authentication

Licence: MIT License
PSR-15 middleware to implement Basic and Digest Http authentication

Programming Languages

PHP
23972 projects - #3 most used programming language

Labels

httpmiddlewarebasic-authenticationdigest-authenticationhttp-authentication

Projects that are alternatives of or similar to http-authentication

SpringSecurityInEasySteps
Learn Spring Security step by step
Stars: ✭ 13 (-55.17%)
Mutual labels:  basic-authentication, digest-authentication
node-uploadx
Node.js middleware for handling resumable uploads
Stars: ✭ 17 (-41.38%)
Mutual labels:  middleware
horse-basic-auth
Middleware for Basic Authentication in HORSE
Stars: ✭ 37 (+27.59%)
Mutual labels:  basic-authentication
dictator
Dictates what your users see. Plug-based authorization.
Stars: ✭ 77 (+165.52%)
Mutual labels:  middleware
s3-proxy
S3 Reverse Proxy with GET, PUT and DELETE methods and authentication (OpenID Connect and Basic Auth)
Stars: ✭ 106 (+265.52%)
Mutual labels:  basic-authentication
oak-middleware-jwt
Oak middleware for JWT
Stars: ✭ 24 (-17.24%)
Mutual labels:  middleware
bedrock-site-protect
Ansible role: Add htpasswd protection to Trellis (Bedrock-Ansible) WordPress sites.
Stars: ✭ 79 (+172.41%)
Mutual labels:  basic-authentication
access-log
PSR-15 middleware to generate access logs
Stars: ✭ 21 (-27.59%)
Mutual labels:  middleware
koa-rest-router
Most powerful, flexible and composable router for building enterprise RESTful APIs easily!
Stars: ✭ 67 (+131.03%)
Mutual labels:  middleware
request-context
Simple connect middleware for accessing data in a request context.
Stars: ✭ 55 (+89.66%)
Mutual labels:  middleware
speedment-secure-rest-example
An example project showcasing how to build a secure REST API with Speedment and Spring Boot.
Stars: ✭ 17 (-41.38%)
Mutual labels:  basic-authentication
serverless-static-hosting-with-basic-auth
Serverless boilerplate for Static website hosting with Basic authentication
Stars: ✭ 21 (-27.59%)
Mutual labels:  basic-authentication
fjage
Framework for Java and Groovy Agents
Stars: ✭ 19 (-34.48%)
Mutual labels:  middleware
ASPNETcoreAngularJWT
Angular in ASP.NET Core with JWT solution by systemjs
Stars: ✭ 48 (+65.52%)
Mutual labels:  middleware
authentication
A framework agnostic authentication library based on PSR standards
Stars: ✭ 19 (-34.48%)
Mutual labels:  http-authentication
Helmet
🐺 A Lightweight Cloud Native API Gateway.
Stars: ✭ 124 (+327.59%)
Mutual labels:  basic-authentication
use
Easily add plugin support to your node.js application.
Stars: ✭ 25 (-13.79%)
Mutual labels:  middleware
geggleto-acl
PSR-7 Zend ACL implementation - Permission Library [ slim, psr7, acl, permissions, zend ]
Stars: ✭ 33 (+13.79%)
Mutual labels:  middleware
cute
An event-centric publisher/subscribe model for objects inspired by the Qt framework
Stars: ✭ 37 (+27.59%)
Mutual labels:  middleware
falcon-policy
Policy Middleware for Falcon APIs
Stars: ✭ 30 (+3.45%)
Mutual labels:  middleware
View All Similar Projects ➔

middlewares/http-authentication

Latest Version on Packagist Software License Testing Total Downloads

Middleware to implement RFC 2617 Http Authentication. Contains the following components:

Requirements

Installation

This package is installable and autoloadable via Composer as middlewares/http-authentication.

composer require middlewares/http-authentication

BasicAuthentication

The Basic access authentication is the simplest technique.

You have to provide an Array or ArrayAccess with the usernames and passwords of all available users. The keys are the usernames and the values the passwords.

Dispatcher::run([
    new Middlewares\BasicAuthentication([
        'username1' => 'password1',
        'username2' => 'password2'
    ])
]);

Optionally, you can provide a Psr\Http\Message\ResponseFactoryInterface as the second argument, that will be used to create the error responses (401). If it's not defined, Middleware\Utils\Factory will be used to detect it automatically.

$responseFactory = new MyOwnResponseFactory();

$route = new Middlewares\BasicAuthentication($users, $responseFactory);

realm

The realm value. By default is "Login".

attribute

The attribute name used to save the username of the user. If it's not defined, it wont be saved. Example:

Dispatcher::run([
    (new Middlewares\BasicAuthentication([
        'username1' => 'password1',
        'username2' => 'password2'
    ]))->attribute('username'),

    function ($request) {
        $username = $request->getAttribute('username');

        return new Response('Hello '.$username);
    }
]);

verifyHash

This option verifies the password using password_verify. Useful if you don't want to provide the passwords in plain text.

$users = [
    'username' => password_hash('secret-password', PASSWORD_DEFAULT);
]

Dispatcher::run([
    (new Middlewares\BasicAuthentication($users))
        ->attribute('username')
        ->verifyHash(),

    function ($request) {
        $username = $request->getAttribute('username');

        return new Response('Hello '.$username);
    }
]);

DigestAuthentication

The Digest access authentication is more secure than basic.

The constructor signature is the same than BasicAuthentication:

$users = [
    'username1' => 'password1',
    'username2' => 'password2'
];
$responseFactory = new MyOwnResponseFactory();

Dispatcher::run([
    new Middlewares\DigestAuthentication($users, $responseFactory)
]);

realm

The realm value. By default is "Login".

attribute

The attribute name used to save the username of the user. If it's not defined, it wont be saved.

nonce

To configure the nonce value. If its not defined, it's generated with uniqid

Please see CHANGELOG for more information about recent changes and CONTRIBUTING for contributing details.

The MIT License (MIT). Please see LICENSE for more information.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].