PHPackages                             api-skeletons/laravel-doctrine-apikey - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Database &amp; ORM](/categories/database)
4. /
5. api-skeletons/laravel-doctrine-apikey

ActiveLibrary[Database &amp; ORM](/categories/database)

api-skeletons/laravel-doctrine-apikey
=====================================

API keys with scopes for Laravel Doctrine

2.0.2(2y ago)07.7k↓71.9%1MITPHPPHP ^8.1

Since Dec 17Pushed 2y ago1 watchersCompare

[ Source](https://github.com/API-Skeletons/laravel-doctrine-apikey)[ Packagist](https://packagist.org/packages/api-skeletons/laravel-doctrine-apikey)[ RSS](/packages/api-skeletons-laravel-doctrine-apikey/feed)WikiDiscussions main Synced 3d ago

READMEChangelog (10)Dependencies (9)Versions (16)Used By (0)

Laravel Doctrine ApiKey
=======================

[](#laravel-doctrine-apikey)

[![Build Status](https://github.com/API-Skeletons/laravel-doctrine-apikey/actions/workflows/continuous-integration.yml/badge.svg)](https://github.com/API-Skeletons/laravel-doctrine-apikey/actions/workflows/continuous-integration.yml?query=branch%3Amain)[![Code Coverage](https://camo.githubusercontent.com/1978f57c954ec42ccf9ef4058c8e948fd17394a95d2aa2ad9a74b48abc08f907/68747470733a2f2f636f6465636f762e696f2f67682f4150492d536b656c65746f6e732f6c61726176656c2d646f637472696e652d6170696b65792f6272616e63682f6d61696e2f6772617068732f62616467652e737667)](https://codecov.io/gh/API-Skeletons/laravel-doctrine-apikey/branch/main)[![PHP Version](https://camo.githubusercontent.com/22ba21bb30e83a7a9721060e56e895b2e88b17b6844a36b5dfb235bfc91260b5/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f5048502d382e312532622d626c7565)](https://img.shields.io/badge/PHP-8.1%2b-blue)[![Total Downloads](https://camo.githubusercontent.com/f6abcc5e9da918d732d4609efcb25e92fab02792f815a3c184a1219fa7f38436/68747470733a2f2f706f7365722e707567782e6f72672f6170692d736b656c65746f6e732f6c61726176656c2d646f637472696e652d6170696b65792f646f776e6c6f616473)](//packagist.org/packages/api-skeletons/laravel-doctrine-apikey)[![License](https://camo.githubusercontent.com/406fb8fb5b8c6a33c9f31398fa09ae82839ddeff89bbd198f42d237a5e822c13/68747470733a2f2f706f7365722e707567782e6f72672f6170692d736b656c65746f6e732f6c61726176656c2d646f637472696e652d6170696b65792f6c6963656e7365)](//packagist.org/packages/api-skeletons/laravel-doctrine-apikey)

This repository provides a driver for Doctrine which can be added to an existing entity manager.
The driver provides a set of entities which enable ApiKey authorization through HTTP middleware. Scopes are supported! This was the missing piece of other repositories which catalyzed the creation of this library.

Installation
------------

[](#installation)

Run the following to install this library using [Composer](https://getcomposer.org/):

```
composer require api-skeletons/laravel-doctrine-apikey
```

Quick Start
-----------

[](#quick-start)

Add Service Provider to app.php

```
    'providers' => [
        ...
        ApiSkeletons\Laravel\Doctrine\ApiKey\ServiceProvider::class,
    ],
```

Add the route middleware to Http Kernel

```
use ApiSkeletons\Laravel\Doctrine\ApiKey\Http\Middleware\AuthorizeApiKey;

$routeMiddleware = [
    ...
    'auth.apikey' => AuthorizeApiKey:class
];
```

Initialize the ApiKey service for your entity manager in `App\Providers\AppServiceProvider`

```
use ApiSkeletons\Laravel\Doctrine\ApiKey\Service\ApiKeyService;

public function boot()
{
    app(ApiKeyService::class)->init(app('em'));
}
```

Add an API key through the console

```
$ php artisan apikey:generate yourapikeyname
```

Add the middleware to a protected route

```
Route::name('api.resource::fetch')
    ->get('resource', 'ResourceController::fetch')
    ->middleware('auth.apikey');
```

Begin making requests to your ApiKey protected resource using your apikey as a Bearer token in the Authorization header

```
Authorization: Bearer {apikey}
```

Schema
------

[](#schema)

[![Screen Shot 2021-12-17 at 12 20 03 AM](https://user-images.githubusercontent.com/493920/146505347-09778bde-9fff-4c46-819d-fbf2e83d3ad2.png)](https://user-images.githubusercontent.com/493920/146505347-09778bde-9fff-4c46-819d-fbf2e83d3ad2.png)

Using Scopes
------------

[](#using-scopes)

Scopes are permissions for ApiKeys. They are commonly used in OAuth2 and are less common in ApiKeys. Create a scope:

```
php artisan apikey:scope:generate {name}
```

Security with scopes is applied with the same middleware used to authenticate ApiKeys. Replace {scopeName} with your scope's name and the middleware will ensure the passed ApiKey has that scope to continue.

```
Route::name('api.resource::fetch')
    ->get('resource', 'ResourceController::fetch')
    ->middleware('auth.apikey:{scopeName}');
```

Access to ApiKey through request attributes
-------------------------------------------

[](#access-to-apikey-through-request-attributes)

The ApiKey entity which authenticates a request is assigned to the request attributes as 'apikey'.

```
$apiKey = request()->attributes->get('apikey');
```

Using foreign keys to ApiKey
----------------------------

[](#using-foreign-keys-to-apikey)

Because an ApiKey can be regenerated, there may be no reason to assign multiple API keys to the same entity. For instance, if each Customer has a 1:1 with ApiKey then you can safely disable that key, regenerate it, and so on; never needing to assign a new ApiKey.

To dynamically create a 1:1 relationship between a Customer entity and API key, create an event subscriber:

```
