Commit a70d13b

Add support for Bearer token authentication
1 parent 25ff37b commit a70d13b

4 files changed

+43
-7
lines changed

README.md

Lines changed: 20 additions & 6 deletions
@@ -31,6 +31,20 @@ return [
3131
];
3232
```
3333

34+
#### Authorization with Bearer token
35+
36+
If you want to use the `Authorization` header with `Bearer` token, you should set the `header` key to `Authorization` and the `prefix` key to `Bearer` in your `config/apiTokenAuthenticator.php` file.
37+
38+
```php
39+
<?php
40+
return [
41+
'ApiTokenAuthenticator' => [
42+
'header' => 'Authorization',
43+
'prefix' => 'Bearer',
44+
]
45+
];
46+
```
47+
3448
## Authentication
3549

3650
The plugin authentication workflow is the following.
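
Review bot: The option name in this README section does not match the rest of the commit: the sentence at new line 36 and the example at new line 43 use `prefix`, while the commented example in `config/apiTokenAuthenticator.php` and the new test both use `tokenPrefix`. A user who copies this snippet sets a key that nothing else shown in the commit reads, so the Bearer prefix handling may silently not apply. Use one name everywhere, for example `'tokenPrefix' => 'Bearer',` here if that is the key the authenticator consumes.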
@@ -39,19 +53,19 @@ At your client appliacation you should send a POST request to `/users/login.json
3953

4054
```json
4155
{
42-
"email": "[email protected]",
43-
"password": "rrd"
56+
"email": "[email protected]",
57+
"password": "rrd"
4458
}
4559
```
4660

4761
If the login was successful than you will get a response like this.
4862

4963
```json
5064
{
51-
"user": {
52-
"id": 1,
53-
"token": "yourSecretTokenComingFromTheDatabase"
54-
}
65+
"user": {
66+
"id": 1,
67+
"token": "yourSecretTokenComingFromTheDatabase"
68+
}
5569
}
5670
```
5771
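
Review bot: Split the reindent of the two JSON examples into its own commit; the removed and added lines at 42-43 and 51-54 are identical apart from whitespace, which adds noise to a feature commit. If the README is being touched here anyway, the context lines also carry typos worth fixing: "appliacation" in the line shown in the hunk header and "successful than" (should be "then").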

composer.json

Lines changed: 1 addition & 1 deletion
@@ -1,7 +1,7 @@
11
{
22
"name": "rrd108/api-token-authenticator",
33
"description": "A Simple Token Authentication Plugin for CakePHP 5 REST API-s",
4-
"version": "1.0.4",
4+
"version": "1.1.0",
55
"type": "cakephp-plugin",
66
"license": "MIT",
77
"autoload": {

config/apiTokenAuthenticator.php

Lines changed: 5 additions & 0 deletions
@@ -7,8 +7,13 @@
77
'username' => 'email',
88
'password' => 'password'
99
],
10+
1011
// name of the header for the token
1112
'header' => 'Token',
13+
// for Bearer Athorization use this instead of the default
14+
//'header' => 'Authorization
15+
//'tokenPrefix' => 'Bearer',
16+
1217
// login controller and action
1318
'login' => [
1419
'controller' => 'Users',
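
Review bot: The commented-out example at new line 14 is not valid PHP once uncommented: `//'header' => 'Authorization` is missing its closing quote and trailing comma, so a user who just removes the `//` gets a parse error. Suggest `//'header' => 'Authorization',`. The comment should also say that the default `'header' => 'Token',` on line 12 has to be removed or replaced, otherwise the file ends up with two `'header'` entries. "Athorization" on line 13 should read "Authorization", and the key here is `tokenPrefix` while the README in this commit documents `prefix`.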

tests/TestCase/Authentication/Authenticator/ProvisoryTokenAuthenticatorTest.php

Lines changed: 17 additions & 0 deletions
@@ -75,4 +75,21 @@ public function testAuthenticateWithExpiredToken()
7575
$result = $tokenAuth->authenticate($requestWithHeader);
7676
$this->assertSame('TOKEN_EXPIRED', $result->getStatus());
7777
}
78+
79+
public function testAuthenticateWithBearerToken()
80+
{
81+
$options = Configure::read('ApiTokenAuthenticator');
82+
$extraOptions = ['header' => 'Authorization', 'tokenPrefix' => 'Bearer'];
83+
Configure::write('ApiTokenAuthenticator', $extraOptions + $options);
84+
$tokenAuth = new ProvisoryTokenAuthenticator($this->identifiers, $extraOptions + $options);
85+
86+
$request = ServerRequestFactory::fromGlobals(
87+
['REQUEST_URI' => '/testpath'],
88+
[],
89+
['username' => 'rrd', 'password' => 'webmania']
90+
);
91+
$requestWithHeader = $request->withAddedHeader('Authorization', 'Bearer token-1');
92+
$result = $tokenAuth->authenticate($requestWithHeader);
93+
$this->assertSame(Result::SUCCESS, $result->getStatus());
94+
}
7895
}
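
Review bot: Only the accepting path is tested; nothing in `testAuthenticateWithBearerToken()` shows that the prefix is actually enforced. Add cases where the `Authorization` header carries `token-1` without the `Bearer` prefix, or with a different scheme, and assert that the status is not `Result::SUCCESS`, so a regression that accepts any header value would be caught. Smaller points: `$extraOptions + $options` is computed twice at lines 83 and 84 and could be assigned once, and if the base test class does not restore `Configure` between tests, the `Configure::write()` at line 83 should be undone so the Bearer settings do not leak into later tests.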
