README

Laravel authentication guard to validate JSON Web Tokens (JWT) issued by an AWS Cognito User Pool

Installation

You can install the package via composer:

composer require graphene-ict/laravel-cognito-guard

You can publish the config file with:

php artisan vendor:publish --provider="GrapheneICT\CognitoGuard\Services\CognitoAuthServiceProvider" --tag="config"

This is the contents of the published config file:

return [
    /*
     * If persist_user_data is true the cognito guard will automatically create a new user
     * record anytime the user contained in a validated JWT
     * does not already exist in the users table.
     *
     * The new user will be created with the user attributes name, email, provider and provider_id so
     * it is required for you to add them at the list of fillable attributes in the model array, if you
     * wish to add more attributes from the cognito modify before it is saved or use the events.
     *
     */
    'persist_user_data' => true,

    'models' => [
        /*
         * When using this package, we need to know which
         * Eloquent model should be used for your user. Of course, it
         * is often just the "User" model but you may use whatever you like.
         *
         */
        'user' => [
            'model' => App\Models\User::class,
        ],
    ],
];

Since persist_user_data is true by default user will be automatically saved with the following attributes: name, email, provider and provider_id so adding them in the list of fillables is a must. If you wish to extend with more attributes using the class CognitoService modify the data before it is saved or use the events.

   $cognitoService = new CognitoService();
   $attributes = $cognitoService->getCognitoUserAttributes($token);

Usage

In configauth create additional guard with the coginto driver

   'api' => [
            'driver' => 'cognito',
            'provider' => 'users',
        ],

After that just apply it to the Authentication Defaults as option for authentication shown bellow

    'defaults' => [
        'guard' => 'api',
        'passwords' => 'users',
    ],

Changelog

Please see CHANGELOG for more information on what has changed recently.

Contributing

Please see CONTRIBUTING for details.

Security Vulnerabilities

Please review our security policy on how to report security vulnerabilities.

Credits

• Jovan Stojiljkovic

License

The MIT License (MIT). Please see License File for more information.