Yii Auth JWT

The package provides JWT authentication method for Yii Auth.

Requirements

• PHP 8.0 or higher.

Installation

The package could be installed with Composer:

composer require yiisoft/auth-jwt

General usage

Configuring within Yii

1. Set JWT parameters in your params.php config file:

   'yiisoft/auth-jwt' => [
       'algorithms' => [
           // your signature algorithms
       ],
       'serializers' => [
           // your token serializers
       ],
       'key' => [
           'secret' => 'your-secret',
           'file' => 'your-certificate-file',
       ],
   ],
   

2. Setup definitions, required for \Yiisoft\Auth\Middleware\Authentication middleware in a config, for example, in config/web/auth.php:

   /** @var array $params */
   
   use Yiisoft\Auth\Jwt\TokenManagerInterface;
   use Yiisoft\Auth\Jwt\TokenManager;
   use Yiisoft\Auth\AuthenticationMethodInterface;
   use Yiisoft\Auth\Jwt\JwtMethod;
   
   return [
       KeyFactoryInterface::class => [
           'class' => FromSecret::class,
           '__construct()' => [
               $params['yiisoft/auth-jwt']['key']['secret']
           ],
       ],
   
       AuthenticationMethodInterface::class => JwtMethod::class,
   ];
   

   Note: Don't forget to declare your implementations of \Yiisoft\Auth\IdentityInterface and \Yiisoft\Auth\IdentityRepositoryInterface.

3. Use Yiisoft\Auth\Middleware\Authentication middleware. Read more about middlewares in the middleware guide.

Configuring independently

You can configure Authentication middleware manually:

/** @var \Yiisoft\Auth\IdentityRepositoryInterface $identityRepository */
$identityRepository = getIdentityRepository();

$tokenRepository = $container->get(\Yiisoft\Auth\Jwt\TokenRepositoryInterface::class);

$authenticationMethod = new \Yiisoft\Auth\Jwt\JwtMethod($identityRepository, $tokenRepository);

$middleware = new \Yiisoft\Auth\Middleware\Authentication(
    $authenticationMethod,
    $responseFactory, // PSR-17 ResponseFactoryInterface.
    $failureHandler // Optional, \Yiisoft\Auth\Handler\AuthenticationFailureHandler by default.
);

Documentation

• Internals

If you need help or have a question, the Yii Forum is a good place for that. You may also check out other Yii Community Resources.

License

The Yii Auth JWT is free software. It is released under the terms of the BSD License. Please see LICENSE for more information.

Maintained by Yii Software.

Support the project

Follow updates