CakePHP 2.x JWT Authentication (DEAD)
This project is no longer being actively developed.
This plugin is a CakePHP 2.x Authentication component and view helper for JWT., (*1)
Components
- Auth/JwtTokeAuthenticate - A JSON Web Token implementation for CakePHP 2.6.x
Helpers
- AuthHelper - Utility functions for helping with the authentication of users.
Requirements
- PHP version: PHP 5.3+
- CakePHP version: 2.6 Stable
Support
For support and feature request, please visit the JWT Authentication Plugin Support section., (*2)
License
Copyright 2011 - 2014, Florian KrÀmer
Copyright 2015, Ronald Chaplin, (*3)
Licensed under The MIT Licensebr/
Redistributions of files must retain the above copyright notice., (*4)
Copyright
Copyright 2011 - 2014
Florian KrÀmer
http://github.com/burzum, (*5)
Copyright 2015
Ronald Chaplin
http://github.com/t73biz, (*6)
Version
1.0.6, (*7)
Installation
composer require t73biz/cakephp2-jwt-auth 1.0.6, (*8)
This will install into the Plugin directory (in the JwtAuth folder). To run the tests, simply navigate to your webroot/test.php and follow the links for the test cases for the Authentication Adapter., (*9)
Usage
Configuration
You can either declare this in your Controller's $components array, or on the fly in an action (if you need to load any configuration values, which you can't do when declaring in the $components array, for example)., (*10)
public $components = array(
'Auth' => array(
'authenticate' => array(
'JwtAuth.JwtToken' => array(
'fields' => array(
'username' => 'username',
'password' => 'password',
'token' => 'public_key',
),
'parameter' => '_token',
'userModel' => 'User',
'scope' => array('User.active' => 1),
'pepper' => 'sneezing',
),
),
),
);
Or, (*11)
$this->Auth->authenticate['JwtAuth.JwtToken'] = array(
'fields' => array(
'username' => 'username',
'password' => 'password',
'token' => 'public_key',
),
'parameter' => '_token',
'userModel' => 'User',
'scope' => array('User.active' => 1),
'pepper' => Configure::read('API.token.pepper'),
);
Where (excluding common authentication items):, (*12)
-
fields is an array containing the details of which passed values (POSTed) contain the username, password and token
-
token is used to hold a unique key against the user once authenticated and is also stored in the JWT
-
parameter is the query string parameter that could hold the JWT
-
header is the HTTP header that could hold the JWT
-
pepper is the salt to use when encrypting your JWT (keep this super secret!)
Defaults
array(
'fields' => array(
'username' => 'username',
'token' => 'token'
),
'parameter' => '_token',
'header' => 'X_JSON_WEB_TOKEN',
'userModel' => 'User',
'scope' => array(),
'recursive' => 0,
'contain' => null,
'pepper' => '123'
);
Authentication
You can authenticate by passing a valid JWT as either:, (*13)
- The query string parameter defined as
parameter in the config array (defaults to _token)
- The contents of the header defined as
header in the config array (defaults to X_JSON_WEB_TOKEN)
TODO
Implement an end to end example for inside clients and 3rd party client usage., (*14)
Wallogit.com
