oneofftech/laravel-connect-identity
Composer 安装命令:
composer require oneofftech/laravel-connect-identity
包简介
Add user registration and log in via third party OAuth services
README 文档
README
Add registration and log in to you application via third party identity providers (e.g. Gitlab, Facebook, ...).
While the package provides controllers, models, migrations and routes to handle registration and login actions it does not dictate how the user interface should look and how to validate users' data. It does however provide a starting point that you can customize based on your needs.
The package is compatible with Laravel Socialite providers as well as the community driven Socialite Providers.
features
- Handle user registration via third party providers;
- Handle user log in via third party providers;
- Allow existing user to link a third party identity;
- Customizable controllers, migration and models that will live in your application namespace;
- Save identity and token inside the database, using encryption and pseudoanonimization;
- Provide login/register/connect button as Blade component;
- Support all Laravel Socialite and Socialite Providers;
- Add custom providers.
requirements
- PHP 8.2 or above
Getting started
Installation
You can install this package via Composer by running this command in your terminal in the root of your project:
composer require oneofftech/laravel-connect-identity
The service provider
Oneofftech\Identities\IdentitiesServiceProvider::classis automatically registered as part of the Laravel service discovery.
Generate migrations, controllers and models
The package provides the login and registration features via traits.
Once the oneofftech/laravel-connect-identity package has been installed,
you can generate the controllers, models and migrations scaffolding using the
ui:identities Artisan command:
php artisan ui:identities
Now you can add the WithIdentities trait to your User model. This is required
to use the identities relationship required during the registration/login process.
// ... use Oneofftech\Identities\WithIdentities; class User extends Authenticatable { use WithIdentities; // ... }
If your application has a different namespace than
Appplease refer to Using a personalized application namespace for additional required setup actions.
Configure the Socialite providers
Before using an identity provider, e.g. facebook, google, github, gitlab,
configure the required options inside the services configuration file.
To see the driver specific configuration please refer to Laravel's documentation or the Socialite Providers documentation.
The
redirecturl configuration is not required as the redirect url is set automatically.
'gitlab' => [ 'client_id' => env('GITLAB_CLIENT_ID'), 'client_secret' => env('GITLAB_CLIENT_SECRET'), 'redirect' => null, // set in the controller no need to specify 'instance_uri' => env('GITLAB_INSTANCE_URI', 'https://gitlab.com/') // 'host' => env('GITLAB_INSTANCE_URI', 'https://gitlab.com/') // if using the default Socialite Gitlab driver ],
Tip
We do require also Socialite Providers Gitlab driver. So you need to include the Identity::events() in your app provider. If you want to use the Gitlab driver included in Laravel Socialite you can omitt Identity::events(). Remember to use host instead of instance_uri to configure the url of your Gitlab instance.
If you are using one of the community maintained Socialite Providers
remember to register their events in your AppServiceProvider.
If you are not using those providers this step is optional.
oneofftech/laravel-connect-identity provides out-of-the-box support for the gitlab
and dropbox driver. If you are using those two you might add the following call to
your AppServiceProvider.
public function boot() { parent::boot(); \Oneofftech\Identities\Facades\Identity::events(); }
This will register the SocialiteWasCalled event for the Gitlab and Dropbox
providers that are included by default.
Include the login and register buttons
oneofftech/laravel-connect-identity does not dictate your User Interface preferences,
however we provide a Blade Component to quickly add login and register links/buttons.
<x-oneofftech-identity-link action="register" provider="gitlab" class="button button--primary" />
The available actions are login, connect and register. The provider refers to what
identity provider to use, the name of the provider is the same as the Socialite
providers' name. See Blade components for more.
In case of errors, mainly connected to validation, you can catch those by looking at the used provider key in the Laravel default ErrorBag.
@error('gitlab')
<span class="field-error" role="alert">
{{ $message }}
</span>
@enderror
Digging Deeper
Using a personalized application namespace
While the ui:identities command is namespace aware some of the runtime configuration
is not.
If you are using a custom application namespace instead of the default App,
you need to tell which namespace and models to use.
To do so add the following lines in your AppServiceProvider;
use Oneofftech\Identities\Facades\Identity; class AppServiceProvider extends ServiceProvider { public function boot() { Identity::useNamespace("My\\Namespace\\"); Identity::useIdentityModel("My\\Namespace\\Identity"); Identity::useUserModel("My\\Namespace\\User"); // ... } }
Passing additional data to the registration
Sometimes you will need additional parameters do create a user after the authorization process on the third party service. To do so you can add as many parameters in the request made to the register route that redirects to the third party service.
By default additional request parameters are guarded and so you have to explicitly
tell their name. You can do this by defining an attributes property or an
attributes method on the RegisterController that returns an array of strings
that represent the name of the allowed parameters.
protected $attributes = ['name']; protected function attributes() { return ['name']; }
The additional attributes will then passed to the validator(array $data) and
create(array $data) function defined within the RegisterController.
If you are using the provided IdentityLink Blade component the data should
be specified as associative array inside the parameters property.
<x-oneofftech-identity-link action="register" provider="gitlab" :parameters="$arrayOfAdditionalParameters" class="button button--primary" />
Where $arrayOfAdditionalParameters is an associative array, e.g. ['invite' => 'token_value'].
How data is stored in the database
Whenever possible data is stored encrypted or in a pseudo-anonymized form.
Encryption works by using the Laravel's Encryption and the configured
application key (i.e. APP_KEY). If you want to use a different key use the IDENTITY_KEY environment variable, the
used cipher will be the same as configured in app.cipher.
The pseudo-anonymized values are stored as hashes of the original data.
Here is how sensible data is stored:
| data | technique |
|---|---|
| identifier within third party service | pseudo-anonymized |
| authentication token | encrypted |
| refresh token | encrypted |
If you need to rotate the APP_KEY specify your old key inside
OLD_IDENTITY_KEYto be able to still read encrypted values.
Warning as of now no automated job is available for re-encrypting data with the new key. This operation happens during registration or while connecting an identity as part of the token update.
Contributing
Thank you for considering contributing to the Connect Identity for Laravel! You can find how to get started in our contribution guide.
Security Vulnerabilities
Please review our security policy on how to report security vulnerabilities.
License
Laravel Connect Identity is licensed under the MIT license.
oneofftech/laravel-connect-identity 适用场景与选型建议
oneofftech/laravel-connect-identity 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 1.54k 次下载、GitHub Stars 达 1, 最近一次更新时间为 2020 年 09 月 02 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「oauth」 「registration」 「login」 「laravel」 「laravel-socialite」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 oneofftech/laravel-connect-identity 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 oneofftech/laravel-connect-identity 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 oneofftech/laravel-connect-identity 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
User handling for PHP applications.
WeChat OAuth SDK
Users management for Symfony projects.
Laravel Authentication package with built-in two-factor (Authy) and social authentication (Socialite).
Ory-Hydra OAuth 2.0 Client Provider for The PHP League OAuth2-Client
Library for ORCID web services
统计信息
- 总下载量: 1.54k
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 1
- 点击次数: 26
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2020-09-02