PHPackages baraja-core/structured-api-token-authorizator - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. baraja-core/structured-api-token-authorizator ActiveLibrary[Authentication & Authorization](/categories/authentication) baraja-core/structured-api-token-authorizator ============================================= A simple token authorizer for authenticating HTTP requests. v1.3.1(4y ago)4801[1 PRs](https://github.com/baraja-core/structured-api-token-authorizator/pulls)PHPPHP ^8.0 Since Dec 29Pushed 1y ago1 watchersCompare [ Source](https://github.com/baraja-core/structured-api-token-authorizator)[ Packagist](https://packagist.org/packages/baraja-core/structured-api-token-authorizator)[ Docs](https://github.com/baraja-core/structured-api-token-authorizator)[ RSS](/packages/baraja-core-structured-api-token-authorizator/feed)WikiDiscussions master Synced yesterday READMEChangelog (6)Dependencies (8)Versions (11)Used By (0) ![BRJ logo](https://camo.githubusercontent.com/813c67e02a7ab7e4dc900316a4521c3ddf5846fe2cabba7140f3f4b78afda198/68747470733a2f2f63646e2e62726a2e6170702f696d616765732f62726a2d6c6f676f2f6c6f676f2d6461726b2e706e67) [BRJ organisation](https://brj.app) --- Structured API token authorizator ================================= [](#structured-api-token-authorizator) [![Integrity check](https://github.com/baraja-core/structured-api-token-authorizator/workflows/Integrity%20check/badge.svg)](https://github.com/baraja-core/structured-api-token-authorizator/workflows/Integrity%20check/badge.svg) A simple token authorizer for authenticating HTTP requests. This package is the official extension for the [Baraja Structured API](https://github.com/baraja-core/structured-api). 📦 Installation -------------- [](#-installation) It's best to use [Composer](https://getcomposer.org) for installation, and you can also find the package on [Packagist](https://packagist.org/packages/baraja-core/structured-api-token-authorizator) and [GitHub](https://github.com/baraja-core/structured-api-token-authorizator). To install, simply use the command: ``` $ composer require baraja-core/structured-api-token-authorizator ``` You can use the package manually by creating an instance of the internal classes, or register a DIC extension to link the services directly to the Nette Framework. Simple usage ------------ [](#simple-usage) Install this package using Composer and register the DIC extension (if you use [Baraja Package manager](https://github.com/baraja-core/package-manager), it will be registered automatically). Extension definition for manual usage: ``` extensions: tokenAuthorizator: Baraja\TokenAuthorizator\TokenAuthorizatorExtension ``` The package automatically disables the default system method of authenticating requests through Nette User and will require token authentication. A token is any valid string in the query parameter `token`, or in BODY (in the case of a POST request). The token evaluates as an endpoint call parameter and can be passed to the target endpoint as a string. Request verification -------------------- [](#request-verification) If you are not using your own token authentication implementation, the default `SimpleStrategy` will be used, which you can configure the token via NEON configuration. If you do not set a token, all requests (even without a token) will be considered valid. Simple configuration example: ``` tokenAuthorizator: token: abcd ``` This configuration accepts requests as: `/api/v1/user?token=abcd`. Token verification at the endpoint level ---------------------------------------- [](#token-verification-at-the-endpoint-level) Token usage is verified at the endpoint level. By default, all endpoints have access enabled and are governed by the `PublicEndpoint` attribute defined by the baraja-core/structured-api package. If you want to require token authentication in your endpoint, set the attribute directly above the endpoint definition. For example: ``` #[PublicEndpoint(requireToken: true)] class ArticleEndpoint extends BaseEndpoint { } ``` Custom authentication --------------------- [](#custom-authentication) If you need more complex authentication logic, implement a service that implements the `VerificationStrategy` interface and register it with the DIC. This service will be called automatically when all requests are verified. 📄 License --------- [](#-license) `baraja-core/structured-api-token-authorizator` is licensed under the MIT license. See the [LICENSE](https://github.com/baraja-core/structured-api-token-authorizator/blob/master/LICENSE) file for more details. ### Health Score 32 — LowBetter than 72% of packages Maintenance27 Infrequent updates — may be unmaintained Popularity14 Limited adoption so far Community11 Small or concentrated contributor base Maturity64 Established project with proven stability Bus Factor1 Top contributor holds 84% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~79 days Recently: every ~89 days Total 6 Last Release 1559d ago PHP version history (3 changes)v1.0.0PHP >=7.4.0 v1.1.0PHP ^7.4 || ^8.0 v1.2.0PHP ^8.0 ### Community Maintainers ![](https://avatars.githubusercontent.com/u/3382204?v=4)[baraja](/maintainers/baraja)[@baraja](https://github.com/baraja) --- Top Contributors [![janbarasek](https://avatars.githubusercontent.com/u/4738758?v=4)](https://github.com/janbarasek "janbarasek (21 commits)")[![dependabot-preview[bot]](https://avatars.githubusercontent.com/in/2141?v=4)](https://github.com/dependabot-preview[bot] "dependabot-preview[bot] (2 commits)")[![Langriklol](https://avatars.githubusercontent.com/u/20239181?v=4)](https://github.com/Langriklol "Langriklol (2 commits)") --- Tags apiapi-authorizatorauthauthorizatorbarajaregistertoken ### Code Quality Static AnalysisPHPStan Type Coverage Yes ### Embed Badge ![Health badge](/badges/baraja-core-structured-api-token-authorizator/health.svg) ``` [![Health](https://phpackages.com/badges/baraja-core-structured-api-token-authorizator/health.svg)](https://phpackages.com/packages/baraja-core-structured-api-token-authorizator) ``` ### Alternatives [namshi/jose JSON Object Signing and Encryption library for PHP. 1.8k99.6M101](/packages/namshi-jose)[league/oauth1-client OAuth 1.0 Client Library 99698.8M106](/packages/league-oauth1-client)[bezhansalleh/filament-shield Filament support for `spatie/laravel-permission`. 2.8k2.9M88](/packages/bezhansalleh-filament-shield)[gesdinet/jwt-refresh-token-bundle Implements a refresh token system over Json Web Tokens in Symfony 70516.4M35](/packages/gesdinet-jwt-refresh-token-bundle)[league/oauth2-google Google OAuth 2.0 Client Provider for The PHP League OAuth2-Client 41721.2M118](/packages/league-oauth2-google)[illuminate/auth The Illuminate Auth package. 9327.3M1.0k](/packages/illuminate-auth) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)