定制 sminnee/silverstripe-apikey 二次开发

按需修改功能、优化性能、对接业务系统,提供一站式技术支持

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

sminnee/silverstripe-apikey

Composer 安装命令:

composer require sminnee/silverstripe-apikey

包简介

API Key management for Silverstripe CMS

README 文档

README

Build Status codecov

This module provides a way of creating an managing API keys within SilverStripe. This can be useful for building RESTful and other APIs.

Requirements

  • SilverStripe ^4 || ^5
  • PHP 5.5+

Installation

composer require sminnee/silverstripe-apikey

How it works

  • Extensions the the SecurityAdmin provide interfaces for seeing API keys, and generating new ones. API keys are allocated member-by-member.
  • A RequestMiddleware will look for an API key header (default: X-API-Key) and if it is present, authenticate the user so that Member::currentUser() will return the corresponding member. This should be configured by non-GraphQL requests.
  • A ApiKeyAuthenticator should be configured for GraphQL request and will return the authenticated member for GraphQL contexts to use, while not applying it to the CMS session.

Regular use

For regular module usage, use the RequestMiddleware class. The configuration to apply it is in this module's apikey.yml, but is commented out.

Copy the configuration and add it to your mysite/_config/apikey.yml file.

This will protect all of your frontend routes.

GraphQL

The GraphQL authenticator will work separately from the RequestMiddleware. If using this module for GraphQL, you will probably want to disable the RequestMiddleware. If you run both at the same time you will find that:

  • Authentication exceptions are thrown outside of the GraphQL context (i.e. not wrapped in JSON output)
  • Successful requests will register two "times used" each, since it's authenticated in two places

Limitations

  • You can't limit the rights that the API key has to be more granular than "all rights of the given user".
  • Keys can't be disabled, only deleted
  • No support for storing encrypted ("read-once") keys

Status

This should be considered experimental for now, and used with care. It has not received a security audit.

sminnee/silverstripe-apikey 适用场景与选型建议

sminnee/silverstripe-apikey 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 3.58k 次下载、GitHub Stars 达 6, 最近一次更新时间为 2015 年 12 月 03 日, 在 PHP 生态内属于活跃度较高的组件。

我们在过去多个企业项目中使用过 sminnee/silverstripe-apikey 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 sminnee/silverstripe-apikey 我们能提供哪些服务?
定制开发 / 二次开发

基于 sminnee/silverstripe-apikey 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 3.58k
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 6
  • 点击次数: 22
  • 依赖项目数: 2
  • 推荐数: 0

GitHub 信息

  • Stars: 6
  • Watchers: 6
  • Forks: 19
  • 开发语言: PHP

其他信息

  • 授权协议: BSD-3-Clause
  • 更新时间: 2015-12-03