raid/guardian 问题修复 & 功能扩展

解决BUG、新增功能、兼容多环境部署,快速响应你的开发需求

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

raid/guardian

Composer 安装命令:

composer require raid/guardian

包简介

Raid Authentication Package

README 文档

README

This package provides a unified authentication flow by acting as a wrapper around any authentication package. It introduces several new concepts:

Requirements

  • PHP >= 8.2
  • An installed authentication package (e.g., Laravel Sanctum, Laravel Passport, or any other compatible package)

This package acts as a wrapper and requires an existing authentication package to provide the underlying authentication mechanisms.

Installation

Install the package via Composer:

composer require raid/guardian

Configuration

Publish the configuration file with the following command:

php artisan vendor:publish --provider="Raid\Guardian\Providers\GuardianServiceProvider"

Usage

Here is an example of using the package in a controller:

class LoginController extends Controller
{
    public function __invoke(Request $request, UserGuardian $guardian)
    {
        $authenticator = $guardian->attempt($request->only([
            'email', 'password',
        ]));

        return response()->json([
            'authenticator' => $authenticator->getName(),
            'token' => $authenticator->getToken(),
            'resource' => $authenticator->getAuthenticatable()->toArray(),
            'errors' => $authenticator->errors()->toArray(),
        ]);
    }
}

Key Components:

  • The Guardian manages the authentication process and returns an Authenticator instance.
  • The Authenticator relies on Matchers, runs Norms, and executes Sequences for successful authentication.

Core Components

Authenticatable

The Authenticatable class is responsible for locating a user and returning an Illuminate\Contracts\Auth\Authenticatable instance.

Example Implementation:

<?php

namespace App\Models;

use Illuminate\Contracts\Auth\Authenticatable;
use Laravel\Sanctum\HasApiTokens;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Raid\Guardian\Authenticatable\Contracts\AuthenticatableInterface;

class User extends Authenticatable implements AuthenticatableInterface
{
    public function findForAuthentication(string $attribute, mixed $value): ?AuthenticatableInterface
    {
        return $this->where($attribute, $value)->first();
    }
}

Requirements:

  • Implement AuthenticatableInterface.
  • Define the findForAuthentication method.

Guardian

The Guardian class orchestrates the Authenticatable and Authenticators during authentication.

Command to Generate:

php artisan raid:make-guardian UserGuardian

Configuration Example:

<?php

namespace App\Http\Authentication\Guardians;

use App\Models\User;
use Raid\Guardian\Guardians\Guardian;
use Raid\Guardian\Guardians\Contracts\GuardianInterface;

class UserGuardian extends Guardian implements GuardianInterface
{
    public const NAME = 'user';

    protected string $authenticatable = User::class;

    protected array $authenticators = [
        SystemAuthenticator::class,
    ];
}

Authenticator

Manages the core authentication logic.

Command to Generate:

php artisan raid:make-authenticator SystemAuthenticator

Configuration Example:

<?php

namespace App\Http\Authentication\Authenticators;

use Raid\Guardian\Authenticators\Authenticator;
use Raid\Guardian\Authenticators\Contracts\AuthenticatorInterface;

class SystemAuthenticator extends Authenticator implements AuthenticatorInterface
{
    public const NAME = 'system';
}

Defining Authenticators

For more details on configuring authenticators, see the Configuration Section.

Matcher

Matches the user with given credentials.

Command to Generate:

php artisan raid:make-matcher EmailMatcher

Configuration Example:

<?php

namespace App\Http\Authentication\Matchers;

use Raid\Guardian\Matchers\Matcher;
use Raid\Guardian\Matchers\Contracts\MatcherInterface;

class EmailMatcher extends Matcher implements MatcherInterface
{
    public const ATTRIBUTE = 'email';
}

Defining Matchers

For more details on configuring matchers, see the Configuration Section.

Norm

Defines rules to validate authentication.

Command to Generate:

php artisan raid:make-norm VerifiedNorm

Configuration Example:

<?php

namespace App\Http\Authentication\Norms;

use Raid\Guardian\Authenticators\Contracts\AuthenticatorInterface;
use Raid\Guardian\Norms\Contracts\NormInterface;

class VerifiedNorm implements NormInterface
{
    public function handle(AuthenticatorInterface $authenticator): bool
    {
        return $authenticator->getAuthenticatable()->isVerified();
    }
    
    public function fail(AuthenticatorInterface $authenticator): void
    {
        $authenticator->fail(message: __('auth.unverified'));
    }
}

Defining Norms

For more details on configuring norms, see the Configuration Section.

Sequence

Adds additional steps to the authentication process.

Command to Generate:

php artisan raid:make-sequence TwoFactorEmailSequence

Configuration Example:

<?php

namespace App\Http\Authentication\Sequences;

use App\Core\Integrations\Mail\MailService;
use App\Mail\TwoFactorMail;
use Raid\Guardian\Authenticators\Contracts\AuthenticatorInterface;
use Raid\Guardian\Sequences\Contracts\SequenceInterface;

class TwoFactorEmailSequence implements SequenceInterface
{
    public function __construct(
        private readonly MailService $mailService,
    ) {

    }

    public function handle(AuthenticatorInterface $authenticator): void
    {
        $code = generate_code();
        
        $authenticatable = $authenticator->getAuthenticatable();

        $authenticatable->update([
            'two_factor_email_code' => $code,
        ]);
        
        $this->mailService->send(
            $authenticatable->getAttribute('email'),
            new TwoFactorMail($authenticatable->getAttribute('name'), $code),
        );
    }
}

Defining Sequences

For more details on configuring matchers, see the Configuration Section.

Driver

Handles token generation for authenticated users depending on the authentication package.

Driver Types:

  • PassportDriver
  • JwtDriver
  • SanctumDriver

Defining the Default Driver:

Update the configuration in config\guardian.php:

<?php

use Raid\Guardian\Drivers\SanctumDriver;

return [

    'default_driver' => SanctumDriver::class,
];

Creating a Custom Driver:

php artisan raid:make-driver CustomDriver

Configuration Example:

<?php

namespace App\Http\Authentication\Drivers;

use Raid\Guardian\Tokens\Contracts\TokenInterface;
use Raid\Guardian\Authenticatable\Contracts\AuthenticatableInterface;
use Raid\Guardian\Drivers\Contracts\DriverInterface;

class CustomDriver implements DriverInterface
{
    public function generateToken(Authenticatable Interface $authenticatable, ?TokenInterface $token = null): string
    {
        // Custom logic for generating tokens
    }
}

Error Handling

Manage errors using the errors() method:

$authenticator->fail('key', 'message');
$authenticator->errors()->toArray();

Components Configuration

Key Properties for Configuration

Property Description
$authenticators List of authenticators for the Guardian.
$defaultAuthenticator Default authenticator for the Guardian.
$matchers List of matchers for the Authenticator.
$norms List of norms for the Authenticator.
$sequences List of sequences for the Authenticator.

Defining Authenticators

Authenticators manages the core authentication logic.

You can configure the authenticators for a Guardian in two ways:

1. Using a Property in the Guardian Class

Define the list of authenticators directly in your custom Guardian class:

<?php

namespace App\Http\Authentication\Guardians;

use App\Http\Authentication\Authenticators\SystemAuthenticator;
use Raid\Guardian\Guardians\Guardian;
use Raid\Guardian\Guardians\Contracts\GuardianInterface;

class UserGuardian extends Guardian implements GuardianInterface
{
    protected array $authenticators = [
        SystemAuthenticator::class,
    ];

    protected string $defaultAuthenticator = SystemAuthenticator::class; // Optional: Set the default authenticator
}

2. Using the Configuration File

Define authenticators in the config/guardian.php file under guardian_authenticators:

<?php

use App\Http\Authentication\Authenticators\SystemAuthenticator;
use App\Http\Authentication\Guardians\UserGuardian;

return [

    'guardian_authenticators' => [
        UserGuardian::class => [
            SystemAuthenticator::class,
        ],
    ],
];

Default Authenticator

To set a default authenticator for a Guardian:

  • In the Guardian Class: Use the $defaultAuthenticator property.
  • In the Configuration File: Use guardian_authenticators key.

If no default authenticator is specified, the Guardian will use the default authenticator configured in config/guardian.php under default_authenticator.

Defining Matchers

Matchers are used to locate the user based on credentials. You can define matchers in two ways:

1. Using a Property in the Authenticator Class

In your custom authenticator class, define the matchers property:

<?php

namespace App\Http\Authentication\Authenticators;

use App\Http\Authentication\Matchers\EmailMatcher;
use Raid\Guardian\Authenticators\Authenticator;
use Raid\Guardian\Authenticators\Contracts\AuthenticatorInterface;

class SystemAuthenticator extends Authenticator implements AuthenticatorInterface
{
    protected array $matchers = [
        EmailMatcher::class,
    ];
}

2. Using the Configuration File

You can also define matchers in the config/guardian.php file under authenticator_matchers:

<?php

use App\Http\Authentication\Matchers\EmailMatcher;
use App\Http\Authentication\Authenticators\SystemAuthenticator;

return [

    'authenticator_matchers' => [
        SystemAuthenticator::class => [
            EmailMatcher::class,
        ],
    ],
];

Defining Norms

Norms validate the authentication process. Similar to matchers, norms can be defined in two ways:

1. Using a Property in the Authenticator Class

In your custom authenticator class, define the norms property:

<?php

namespace App\Http\Authentication\Authenticators;

use App\Http\Authentication\Norms\VerifiedNorm;
use Raid\Guardian\Authenticators\Authenticator;
use Raid\Guardian\Authenticators\Contracts\AuthenticatorInterface;

class SystemAuthenticator extends Authenticator implements AuthenticatorInterface
{
    protected array $norms = [
        VerifiedNorm::class,
    ];
}

2. Using the Configuration File

Define norms in the config/guardian.php file under authenticator_norms:

<?php

use App\Http\Authentication\Norms\VerifiedNorm;
use App\Http\Authentication\Authenticators\SystemAuthenticator;

return [

    'authenticator_norms' => [
        SystemAuthenticator::class => [
            VerifiedNorm::class,
        ],
    ],

];

Defining Sequences

Sequences add extra steps to the authentication process. Like matchers and norms, they can be defined in two ways:

1. Using a Property in the Authenticator Class

In your custom authenticator class, define the sequences property:

<?php

namespace App\Http\Authentication\Authenticators;

use App\Http\Authentication\Sequences\TwoFactorEmailSequence;
use Raid\Guardian\Authenticators\Authenticator;
use Raid\Guardian\Authenticators\Contracts\AuthenticatorInterface;

class SystemAuthenticator extends Authenticator implements AuthenticatorInterface
{
    protected array $sequences = [
        TwoFactorEmailSequence::class,
    ];
}

2. Using the Configuration File

Define sequences in the config/guardian.php file under authenticator_sequences:

<?php

use App\Http\Authentication\Sequences\TwoFactorEmailSequence;
use App\Http\Authentication\Authenticators\SystemAuthenticator;

return [

    'authenticator_sequences' => [
        SystemAuthenticator::class => [
            TwoFactorEmailSequence::class,
        ],
    ],

];

Summary

  • Property in Authenticator Class: Encapsulation of matchers, norms, and sequences within the authenticator class.
  • Configuration File: Centralized configuration for easier management across multiple authenticators.

This flexibility allows you to structure your application according to your needs.

Contributing

Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.

License

MIT License. See the LICENSE file for details.

Credits

Support Raid

Raid is an MIT-licensed open-source project developed with community contributions.

raid/guardian 适用场景与选型建议

raid/guardian 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 19 次下载、GitHub Stars 达 0, 最近一次更新时间为 2024 年 04 月 26 日, 在 PHP 生态内属于活跃度较高的组件。

它主要适用于以下技术方向: 「Authentication」 「auth」 「laravel」 「jwt」 「guardian」 「raid」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。

我们在过去多个企业项目中使用过 raid/guardian 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 raid/guardian 我们能提供哪些服务?
定制开发 / 二次开发

基于 raid/guardian 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 19
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 0
  • 点击次数: 23
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 0
  • Watchers: 1
  • Forks: 0
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2024-04-26