Skip to content

Add IndieAuth and token endpoints to your Laravel app

License

Notifications You must be signed in to change notification settings

janboddez/laravel-indieauth

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

24 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

laravel-indieauth

Adds the following routes to your Laravel application:

/indieauth (GET/POST)
├── /metadata (GET)
└── /token (GET/POST)
    └── /revocation (POST)

After installation, run php artisan migrate. This will add a url column to Laravel's (default) users table, and nothing more.

To modify the simple authorization form, publish it to resources/views/vendor/indieauth:

php artisan vendor:publish --provider="janboddez\IndieAuth\IndieAuthServiceProvider" --tag="views"

Finally, for IndieAuth clients to be able to use your (token) endpoint, add the following to your Laravel application's head:

<link rel="authorization_endpoint" href="/indieauth">
<link rel="token_endpoint" href="/indieauth/token">

Sanctum

This package uses Laravel Sanctum to issue and verify tokens. By default, tokens never expire. It is, however, possible to define an expiration time.

Token Revocation

Tokens can be revoked simply by sending a POST request to /token/revocation, using the token (i.e., as a bearer token in an authorization header) you wish to revoke.

Alternatively, sending a POST request to the token endpoint itself (i.e., /token) with the following two parameters in its body will work as well:

action=revoke&token=<the-token-in-question>

About

Add IndieAuth and token endpoints to your Laravel app

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published