566E PHP包仓库
首页 包列表 提交包 常见问题 关于

nawasara/auth-primitives 问题修复 & 功能扩展

解决BUG、新增功能、兼容多环境部署,快速响应你的开发需求

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

nawasara/auth-primitives

Composer 安装命令:

composer require nawasara/auth-primitives

包简介

Low-level auth primitives for Nawasara packages: sudo mode (session window, Livewire attribute, route middleware), built to live below the application shell so domain packages can depend on it without dragging in core.

关键字:

# auth # laravel # livewire # sudo # Nawasara # step-up

README 文档

README

Low-level auth primitives for Nawasara packages. Lives below the application shell (nawasara/core) so any domain package can depend on it without pulling in the rest of Nawasara.

What's in the box

Primitive Purpose
Nawasara\AuthPrimitives\Auth\Sudo Session window — single source of truth for "has the user recently re-authenticated?"
Nawasara\AuthPrimitives\Http\Middleware\EnsureSudo Route gate, registered as the sudo middleware alias
#[Nawasara\AuthPrimitives\Attributes\RequiresSudo] Livewire method attribute — gates one action behind sudo
Nawasara\AuthPrimitives\Traits\WithSudo Livewire component trait — handles the step-up redirect
Nawasara\AuthPrimitives\Exceptions\SudoRequiredException Renderable exception (403 or redirect)
sudo_active(), sudo_remaining_seconds() Blade helpers

What's NOT in here

The OTP step-up itself (IdP redirect, callback, ID-token verification) is not in this package. It lives in nawasara/core's SudoController, which calls Sudo::confirm($userId) on a verified step-up. This split lets domain packages enforce a sudo window without depending on the integration plumbing.

Usage

Route-level

Route::get('db/drop/{name}', ...)->middleware(['auth', 'sudo']);

The sudo alias is registered automatically by AuthPrimitivesServiceProvider.

Livewire action-level

use Livewire\Component;
use Nawasara\AuthPrimitives\Attributes\RequiresSudo;
use Nawasara\AuthPrimitives\Traits\WithSudo;

class DangerousThings extends Component
{
    use WithSudo;

    #[RequiresSudo(reason: 'menghapus database')]
    public function dropDatabase(string $name): void
    {
        // …only runs inside an active sudo window
    }
}

Blade display

@if (sudo_active())
    <button wire:click="dropDatabase">Hapus</button>
@else
    <button wire:click="$dispatch('sudo-required')">Hapus (butuh konfirmasi)</button>
@endif

Config

Defaults are bundled. Publish to override:

php artisan vendor:publish --tag=auth-primitives:config
// config/auth-primitives.php
return [
    'sudo' => [
        'window_minutes' => env('NAWASARA_SUDO_WINDOW_MINUTES', 15),
        'acr' => env('NAWASARA_SUDO_ACR', 'sudo'),
    ],
];

License

MIT.

统计信息

  • 总下载量: 14
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 0
  • 点击次数: 1
  • 依赖项目数: 3
  • 推荐数: 0

GitHub 信息

  • Stars: 0
  • Watchers: 0
  • Forks: 0
  • 开发语言: PHP
访问仓库

其他信息

  • 授权协议: MIT
  • 更新时间: 2026-05-25

承接程序开发

PHP开发

VUE

Vue开发

前端开发

小程序开发

公众号开发

系统定制

数据库设计

云部署

网站建设

安全加固