authava / laravel
Laravel integration for Authava authentication service
Requires
- php: ^8.1
- guzzlehttp/guzzle: ^7.0
- illuminate/contracts: ^9.0|^10.0
- illuminate/support: ^9.0|^10.0
Requires (Dev)
- orchestra/testbench: ^7.0|^8.0
- phpunit/phpunit: ^9.0|^10.0
This package is not auto-updated.
Last update: 2025-03-28 18:57:39 UTC
README
A Laravel integration package for the Authava authentication service.
Installation
You can install the package via composer:
composer require authava/laravel
Configuration
- Publish the configuration file:
php artisan vendor:publish --tag=authava-config
- Add your Authava configuration to your
.envfile:
AUTHAVA_DOMAIN=auth.yourdomain.com AUTHAVA_RESOLVER_DOMAIN=api.yourdomain.com # Optional AUTHAVA_SECURE=true AUTHAVA_AUTO_REFRESH=true AUTHAVA_REFRESH_BUFFER=5 AUTHAVA_CACHE_TTL=300
Basic Usage
Protecting Routes
Add the middleware to your routes:
use Authava\Laravel\Middleware\AuthavaAuthenticate; Route::middleware([AuthavaAuthenticate::class])->group(function () { Route::get('/protected', function (Request $request) { // Access the authenticated user $user = $request->get('authava_user'); return response()->json(['user' => $user]); }); });
User Synchronization
If you want to automatically sync Authava users with your local database, use the EnsureUserExists middleware:
use Authava\Laravel\Middleware\AuthavaAuthenticate; use Authava\Laravel\Middleware\EnsureUserExists; Route::middleware([ AuthavaAuthenticate::class, EnsureUserExists::class, ])->group(function () { Route::get('/profile', function (Request $request) { // Access your local user model $user = $request->get('user'); return response()->json(['user' => $user]); }); });
Using the Facade
use Authava\Laravel\Facades\Authava; // Get the current session $session = Authava::getSession($request->header('Cookie')); // Clear session cache Authava::clearSessionCache($cookie); // Get configuration $config = Authava::getConfig();
Direct Usage
If you prefer dependency injection:
use Authava\Laravel\AuthavaClient; class UserController extends Controller { public function __construct(private AuthavaClient $authava) { } public function profile(Request $request) { $session = $this->authava->getSession($request->header('Cookie')); // ... } }
User Synchronization
The package provides two approaches for user synchronization:
1. Middleware Approach
Use the EnsureUserExists middleware to automatically sync users:
Route::middleware([ AuthavaAuthenticate::class, EnsureUserExists::class, ])->group(function () { // Routes here will have access to synchronized users });
2. Manual Synchronization
Implement your own user synchronization logic:
use App\Models\User; class UserService { public function syncAuthavaUser(array $authavaUser): User { return User::updateOrCreate( ['auth_id' => $authavaUser['id']], [ 'email' => $authavaUser['email'], 'name' => $authavaUser['name'] ?? null, // Map other fields as needed ] ); } }
Configuration Options
Session Caching
The package caches session data to reduce API calls. Configure the TTL in your .env:
AUTHAVA_CACHE_TTL=300 # Cache for 5 minutes
User Model Mapping
Configure how Authava user fields map to your user model:
// config/authava.php return [ 'user_model' => \App\Models\User::class, 'user_fields' => [ 'auth_id' => 'id', 'email' => 'email', 'name' => 'name', // Add custom field mappings ], ];
Testing
composer test
Security
If you discover any security related issues, please email security@authava.com instead of using the issue tracker.
Credits
License
The MIT License (MIT). Please see License File for more information.