raid/guardian
Composer 安装命令:
composer require raid/guardian
包简介
Raid Authentication Package
README 文档
README
This package provides a unified authentication flow by acting as a wrapper around any authentication package. It introduces several new concepts:
Requirements
- PHP
>= 8.2 - An installed authentication package (e.g., Laravel Sanctum, Laravel Passport, or any other compatible package)
This package acts as a wrapper and requires an existing authentication package to provide the underlying authentication mechanisms.
Installation
Install the package via Composer:
composer require raid/guardian
Configuration
Publish the configuration file with the following command:
php artisan vendor:publish --provider="Raid\Guardian\Providers\GuardianServiceProvider"
Usage
Here is an example of using the package in a controller:
class LoginController extends Controller { public function __invoke(Request $request, UserGuardian $guardian) { $authenticator = $guardian->attempt($request->only([ 'email', 'password', ])); return response()->json([ 'authenticator' => $authenticator->getName(), 'token' => $authenticator->getToken(), 'resource' => $authenticator->getAuthenticatable()->toArray(), 'errors' => $authenticator->errors()->toArray(), ]); } }
Key Components:
- The
Guardianmanages the authentication process and returns anAuthenticatorinstance. - The
Authenticatorrelies onMatchers, runsNorms, and executesSequencesfor successful authentication.
Core Components
Authenticatable
The Authenticatable class is responsible for locating a user and returning an Illuminate\Contracts\Auth\Authenticatable instance.
Example Implementation:
<?php namespace App\Models; use Illuminate\Contracts\Auth\Authenticatable; use Laravel\Sanctum\HasApiTokens; use Illuminate\Foundation\Auth\User as Authenticatable; use Raid\Guardian\Authenticatable\Contracts\AuthenticatableInterface; class User extends Authenticatable implements AuthenticatableInterface { public function findForAuthentication(string $attribute, mixed $value): ?AuthenticatableInterface { return $this->where($attribute, $value)->first(); } }
Requirements:
- Implement
AuthenticatableInterface. - Define the
findForAuthenticationmethod.
Guardian
The Guardian class orchestrates the Authenticatable and Authenticators during authentication.
Command to Generate:
php artisan raid:make-guardian UserGuardian
Configuration Example:
<?php namespace App\Http\Authentication\Guardians; use App\Models\User; use Raid\Guardian\Guardians\Guardian; use Raid\Guardian\Guardians\Contracts\GuardianInterface; class UserGuardian extends Guardian implements GuardianInterface { public const NAME = 'user'; protected string $authenticatable = User::class; protected array $authenticators = [ SystemAuthenticator::class, ]; }
Authenticator
Manages the core authentication logic.
Command to Generate:
php artisan raid:make-authenticator SystemAuthenticator
Configuration Example:
<?php namespace App\Http\Authentication\Authenticators; use Raid\Guardian\Authenticators\Authenticator; use Raid\Guardian\Authenticators\Contracts\AuthenticatorInterface; class SystemAuthenticator extends Authenticator implements AuthenticatorInterface { public const NAME = 'system'; }
Defining Authenticators
For more details on configuring authenticators, see the Configuration Section.
Matcher
Matches the user with given credentials.
Command to Generate:
php artisan raid:make-matcher EmailMatcher
Configuration Example:
<?php namespace App\Http\Authentication\Matchers; use Raid\Guardian\Matchers\Matcher; use Raid\Guardian\Matchers\Contracts\MatcherInterface; class EmailMatcher extends Matcher implements MatcherInterface { public const ATTRIBUTE = 'email'; }
Defining Matchers
For more details on configuring matchers, see the Configuration Section.
Norm
Defines rules to validate authentication.
Command to Generate:
php artisan raid:make-norm VerifiedNorm
Configuration Example:
<?php namespace App\Http\Authentication\Norms; use Raid\Guardian\Authenticators\Contracts\AuthenticatorInterface; use Raid\Guardian\Norms\Contracts\NormInterface; class VerifiedNorm implements NormInterface { public function handle(AuthenticatorInterface $authenticator): bool { return $authenticator->getAuthenticatable()->isVerified(); } public function fail(AuthenticatorInterface $authenticator): void { $authenticator->fail(message: __('auth.unverified')); } }
Defining Norms
For more details on configuring norms, see the Configuration Section.
Sequence
Adds additional steps to the authentication process.
Command to Generate:
php artisan raid:make-sequence TwoFactorEmailSequence
Configuration Example:
<?php namespace App\Http\Authentication\Sequences; use App\Core\Integrations\Mail\MailService; use App\Mail\TwoFactorMail; use Raid\Guardian\Authenticators\Contracts\AuthenticatorInterface; use Raid\Guardian\Sequences\Contracts\SequenceInterface; class TwoFactorEmailSequence implements SequenceInterface { public function __construct( private readonly MailService $mailService, ) { } public function handle(AuthenticatorInterface $authenticator): void { $code = generate_code(); $authenticatable = $authenticator->getAuthenticatable(); $authenticatable->update([ 'two_factor_email_code' => $code, ]); $this->mailService->send( $authenticatable->getAttribute('email'), new TwoFactorMail($authenticatable->getAttribute('name'), $code), ); } }
Defining Sequences
For more details on configuring matchers, see the Configuration Section.
Driver
Handles token generation for authenticated users depending on the authentication package.
Driver Types:
PassportDriverJwtDriverSanctumDriver
Defining the Default Driver:
Update the configuration in config\guardian.php:
<?php use Raid\Guardian\Drivers\SanctumDriver; return [ 'default_driver' => SanctumDriver::class, ];
Creating a Custom Driver:
php artisan raid:make-driver CustomDriver
Configuration Example:
<?php namespace App\Http\Authentication\Drivers; use Raid\Guardian\Tokens\Contracts\TokenInterface; use Raid\Guardian\Authenticatable\Contracts\AuthenticatableInterface; use Raid\Guardian\Drivers\Contracts\DriverInterface; class CustomDriver implements DriverInterface { public function generateToken(Authenticatable Interface $authenticatable, ?TokenInterface $token = null): string { // Custom logic for generating tokens } }
Error Handling
Manage errors using the errors() method:
$authenticator->fail('key', 'message'); $authenticator->errors()->toArray();
Components Configuration
Key Properties for Configuration
| Property | Description |
|---|---|
$authenticators |
List of authenticators for the Guardian. |
$defaultAuthenticator |
Default authenticator for the Guardian. |
$matchers |
List of matchers for the Authenticator. |
$norms |
List of norms for the Authenticator. |
$sequences |
List of sequences for the Authenticator. |
Defining Authenticators
Authenticators manages the core authentication logic.
You can configure the authenticators for a Guardian in two ways:
1. Using a Property in the Guardian Class
Define the list of authenticators directly in your custom Guardian class:
<?php namespace App\Http\Authentication\Guardians; use App\Http\Authentication\Authenticators\SystemAuthenticator; use Raid\Guardian\Guardians\Guardian; use Raid\Guardian\Guardians\Contracts\GuardianInterface; class UserGuardian extends Guardian implements GuardianInterface { protected array $authenticators = [ SystemAuthenticator::class, ]; protected string $defaultAuthenticator = SystemAuthenticator::class; // Optional: Set the default authenticator }
2. Using the Configuration File
Define authenticators in the config/guardian.php file under guardian_authenticators:
<?php use App\Http\Authentication\Authenticators\SystemAuthenticator; use App\Http\Authentication\Guardians\UserGuardian; return [ 'guardian_authenticators' => [ UserGuardian::class => [ SystemAuthenticator::class, ], ], ];
Default Authenticator
To set a default authenticator for a Guardian:
- In the Guardian Class: Use the $defaultAuthenticator property.
- In the Configuration File: Use guardian_authenticators key.
If no default authenticator is specified, the Guardian will use the default authenticator configured in config/guardian.php under default_authenticator.
Defining Matchers
Matchers are used to locate the user based on credentials. You can define matchers in two ways:
1. Using a Property in the Authenticator Class
In your custom authenticator class, define the matchers property:
<?php namespace App\Http\Authentication\Authenticators; use App\Http\Authentication\Matchers\EmailMatcher; use Raid\Guardian\Authenticators\Authenticator; use Raid\Guardian\Authenticators\Contracts\AuthenticatorInterface; class SystemAuthenticator extends Authenticator implements AuthenticatorInterface { protected array $matchers = [ EmailMatcher::class, ]; }
2. Using the Configuration File
You can also define matchers in the config/guardian.php file under authenticator_matchers:
<?php use App\Http\Authentication\Matchers\EmailMatcher; use App\Http\Authentication\Authenticators\SystemAuthenticator; return [ 'authenticator_matchers' => [ SystemAuthenticator::class => [ EmailMatcher::class, ], ], ];
Defining Norms
Norms validate the authentication process. Similar to matchers, norms can be defined in two ways:
1. Using a Property in the Authenticator Class
In your custom authenticator class, define the norms property:
<?php namespace App\Http\Authentication\Authenticators; use App\Http\Authentication\Norms\VerifiedNorm; use Raid\Guardian\Authenticators\Authenticator; use Raid\Guardian\Authenticators\Contracts\AuthenticatorInterface; class SystemAuthenticator extends Authenticator implements AuthenticatorInterface { protected array $norms = [ VerifiedNorm::class, ]; }
2. Using the Configuration File
Define norms in the config/guardian.php file under authenticator_norms:
<?php use App\Http\Authentication\Norms\VerifiedNorm; use App\Http\Authentication\Authenticators\SystemAuthenticator; return [ 'authenticator_norms' => [ SystemAuthenticator::class => [ VerifiedNorm::class, ], ], ];
Defining Sequences
Sequences add extra steps to the authentication process. Like matchers and norms, they can be defined in two ways:
1. Using a Property in the Authenticator Class
In your custom authenticator class, define the sequences property:
<?php namespace App\Http\Authentication\Authenticators; use App\Http\Authentication\Sequences\TwoFactorEmailSequence; use Raid\Guardian\Authenticators\Authenticator; use Raid\Guardian\Authenticators\Contracts\AuthenticatorInterface; class SystemAuthenticator extends Authenticator implements AuthenticatorInterface { protected array $sequences = [ TwoFactorEmailSequence::class, ]; }
2. Using the Configuration File
Define sequences in the config/guardian.php file under authenticator_sequences:
<?php use App\Http\Authentication\Sequences\TwoFactorEmailSequence; use App\Http\Authentication\Authenticators\SystemAuthenticator; return [ 'authenticator_sequences' => [ SystemAuthenticator::class => [ TwoFactorEmailSequence::class, ], ], ];
Summary
- Property in Authenticator Class: Encapsulation of matchers, norms, and sequences within the authenticator class.
- Configuration File: Centralized configuration for easier management across multiple authenticators.
This flexibility allows you to structure your application according to your needs.
Contributing
Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.
License
MIT License. See the LICENSE file for details.
Credits
Support Raid
Raid is an MIT-licensed open-source project developed with community contributions.
raid/guardian 适用场景与选型建议
raid/guardian 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 19 次下载、GitHub Stars 达 0, 最近一次更新时间为 2024 年 04 月 26 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「Authentication」 「auth」 「laravel」 「jwt」 「guardian」 「raid」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 raid/guardian 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 raid/guardian 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 raid/guardian 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
Laravel Multiauth package
Automatically logs-in users if they are already authenticated by a remote source. (e.g. environment variable REMOTE_USER)
GraphQL authentication for your headless Craft CMS applications.
A lightweight and powerful OAuth 2.0 authorization and resource server library with support for all the core specification grants. This library will allow you to secure your API with OAuth and allow your applications users to approve apps that want to access their data from your API.
Laravel middleware to restrict a site or specific routes using HTTP basic authentication
This package provides a flexible way to add Role-based Permissions to Laravel 6.x
统计信息
- 总下载量: 19
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 0
- 点击次数: 23
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2024-04-26