Skip to content

jargoud/laravel-api-key

BranchesTags

Repository files navigation

Laravel API key

Latest Version on Packagist Build Status Quality Score Total Downloads

This package provides a simple API key authentication, based on Laravel Authentication system.

Summary

[[TOC]]

Installation

You can install the package via composer:

composer config repositories.laravel-api-key vcs https://github.com/jargoud/laravel-api-key.git
composer require jargoud/laravel-api-key

The package will automatically register itself.

You can publish the package's assets with one of the following commands:

php artisan vendor:publish --provider="Jargoud\LaravelApiKey\Providers\LaravelApiKeyServiceProvider" --tag="config"
php artisan vendor:publish --provider="Jargoud\LaravelApiKey\Providers\LaravelApiKeyServiceProvider" --tag="views"

Usage

The package create an ApiKey entity, which contains:

  • a name,
  • a value: it's the Api key value, it's hashed so you should copy it before saving the model!
  • a restriction selector: none, by referer or by ip,
  • a list of referers to allow client requests,
  • a list of ip addresses to allow server requests.

Configuration

Add the package's guard and provider in your auth.php config file:

// config/auth.php
return [
    // ...
    
    'guards' => [
        // ...

        'api' => [
            'driver' => 'api_token',
            'provider' => 'api_keys',
            'storage_key' => Jargoud\LaravelApiKey\Models\ApiKey::COLUMN_VALUE,
            'hash' => true,
        ],
    ],
    
    // ...
    
    'providers' => [
        // ...

        'api_keys' => [
            'driver' => 'eloquent',
            'model' => Jargoud\LaravelApiKey\Models\ApiKey::class,
        ],
    ],
    
    // ...
];

In order to protect your Api routes, you should use the auth middleware, as follow:

Route::middleware('auth:api')->group(
    function() {
        // ...
    }
);

In order to query your Api, you should pass the Api key inside your requests. It can be a query parameter, an input or a HTTP header. See ApiTokenGuard.php to find out how it's retrieved by the guard.

Backpack

If your app uses Laravel Backpack, it provides a CRUD controller that you can use in order to manage your Api keys.

To enable it, set api-key.backpack.enabled configuration value to true.

It will auto register the route and you can then add a tab in your sidebar:

<li class="nav-item">
    <a class="nav-link" href="{{ backpack_url('api-key') }}">
        <i class="nav-icon la la-key"></i>
        Api keys
    </a>
</li>

Testing

composer test

Changelog

Please see CHANGELOG for more information what has changed recently.

Contributing

Please see CONTRIBUTING for details.

Security

If you discover any security related issues, please email jeremy.argoud@gmail.com instead of using the issue tracker.

Credits

License

The MIT License (MIT). Please see License File for more information.

Laravel Package Boilerplate

This package was generated using the Laravel Package Boilerplate.

About

Api key package for Laravel

Resources

Readme

License

MIT license

Contributing

Contributing
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 2

1.0.1 Latest
Mar 15, 2021
+ 1 release

Packages

 
 
 

Contributors

Languages