Skip to content

Commit

Permalink
GH-7 (#9)
Browse files Browse the repository at this point in the history
  • Loading branch information
gammamatrix authored Feb 11, 2024
1 parent 592c15a commit 09d5356
Show file tree
Hide file tree
Showing 3 changed files with 59 additions and 27 deletions.
63 changes: 56 additions & 7 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,12 @@ composer require gammamatrix/playground-auth

**NOTE:** This package is required by [Playground: Login Blade](https://github.com/gammamatrix/playground-login-blade)

## `artisan about`

Playground Auth provides information in the `artisan about` command.

<img src="resources/docs/artisan-about-playground-auth.png" alt="screenshot of artisan about command with Playground Auth.">


## Configuration

Expand All @@ -30,7 +36,56 @@ See the contents of the published config file: [config/playground-auth.php](conf

The default configuration utitlizes:
- Sanctum with role based abilities
- Users may have additional abilities in the model Playground\Models\User: `users.abilities`
- Users may have additional abilities in the [`Playground\Models\User`](https://github.com/gammamatrix/playground/blob/develop/src/Models/User.php): `users.abilities`
- The Playground user model uses a UUID primary key along with additional fields. See the [migration for `Playground\Models\User`](https://github.com/gammamatrix/playground/blob/develop/database/migrations-playground/2014_10_12_000000_create_users_table.php)

## Abilities, Privileges, Roles and Sanctum

Depending on your needs, there are multiple middleware, authentication and authorization options available.

Abilities may be used with wildcards at multiple levels. Optionally, these abilities may be used with [Sanctum](https://laravel.com/docs/10.x/sanctum) for API Tokens.

Here is an example of the configurable abilities:
```php
'abilities' => [
'root' => [
'*',
],
'admin' => [
'app:*',
'playground:*',
'playground-auth:*',
'playground-cms:*',
'playground-cms-resource:*',
'playground-matrix:*',
'playground-matrix-resource:*',
],
'manager' => [
'app:view',

'playground:view',

'playground-auth:logout',
'playground-auth:reset-password',
// ...
'user' => [
'app:view',
// ...
],
// No abilities for guests:
'guest' => [
'none',
],
// Allow abilities for guests:
'guest' => [
'app:view',

'playground:view',

'playground-auth:logout',
'playground-auth:reset-password',
// ...
```

### Environment Variables

Expand Down Expand Up @@ -106,12 +161,6 @@ composer format
composer test
```

## `artisan about`

Playground Auth provides information in the `artisan about` command.

<img src="resources/docs/artisan-about-playground-auth.png" alt="screenshot of artisan about command with Playground Auth.">

## Changelog

Please see [CHANGELOG](CHANGELOG.md) for more information on what has changed recently.
Expand Down
4 changes: 2 additions & 2 deletions composer.json
Original file line number Diff line number Diff line change
Expand Up @@ -22,10 +22,10 @@
],
"require": {
"php": "^8.1",
"gammamatrix/playground": "dev-develop|dev-master|^73.0"
"gammamatrix/playground": "dev-develop|dev-master|dev-feature/*|^73.0"
},
"require-dev": {
"gammamatrix/playground-test": "dev-develop|dev-master|^73.0"
"gammamatrix/playground-test": "dev-develop|dev-master|dev-feature/*|^73.0"
},
"minimum-stability": "dev",
"prefer-stable": true,
Expand Down
19 changes: 1 addition & 18 deletions src/Issuer.php
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
*/
namespace Playground\Auth;

use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Contracts\Auth\Authenticatable;
use Illuminate\Support\Carbon;
// use Illuminate\Support\Facades\Auth;
use Laravel\Sanctum\Contracts\HasApiTokens;
Expand Down Expand Up @@ -56,19 +56,6 @@ protected function abilitiesByGroup(string $group): array
}

/**
* TODO This should work with any kind of authentication system. Identify what is supported.
*
* Types:
* - User::$priviliges
* - User::hasPrivilige()
* - User::$roles
* - User::hasRole() - with string or array?
* - User::hasRoles()
* - Auth::user()?->currentAccessToken()?->can('app:*')
* - Auth::user()?->currentAccessToken()?->can($withPrivilege.':create')
*
* @experimental Subject to change
*
* @return array<int, string>
*/
protected function abilities(Authenticatable $user): array
Expand Down Expand Up @@ -219,10 +206,6 @@ public function sanctum(HasApiTokens $user): array
$expiresAt = Carbon::parse($config['expires']);
}

// dd([
// '__METHOD__' => __METHOD__,
// 'createToken' => $user->createToken($name, $abilities, $expiresAt)->toArray(),
// ]);
$tokens[$name] = $user->createToken(
$name,
$this->abilities($user)
Expand Down

0 comments on commit 09d5356

Please sign in to comment.