PHPackages                             cium/apiauth - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. cium/apiauth

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

cium/apiauth
============

API 鉴权包

212PHP

Since Dec 7Pushed 6y agoCompare

[ Source](https://github.com/cium1/apiauth)[ Packagist](https://packagist.org/packages/cium/apiauth)[ RSS](/packages/cium-apiauth/feed)WikiDiscussions master Synced 3d ago

READMEChangelogDependenciesVersions (1)Used By (0)

apiauth
=======

[](#apiauth)

#### 介绍

[](#介绍)

这是一个 API 鉴权包。 PS: web 前端 API 没有绝对的安全，该项目的本意是给不暴露源码的客户端提供一种鉴权方案(如 service、APP客户端)。

#### 软件架构

[](#软件架构)

软件架构说明 采用 token 的鉴权方式，只要客户端不被反编译从而泄露密钥，该鉴权方式理论上来说是安全的。

#### 安装教程

[](#安装教程)

1. composer require cium/apiauth

#### 使用说明

[](#使用说明)

##### service

[](#service)

```
    use Cium\ApiAuth\Auth;
    use Cium\ApiAuth\Signatures\Md5;

    $config = [
          'status'            => Auth::STATUS_ON,
          'roles'             => [
              '9vOR0GSX5aszJDs3zHClnbH5w4yB2u9G' => [
                  'name'       => 'test',
                  'secret_key' => '8swzaObBtF0utwM19eoc3g2XezhRJgsu',
              ],
          ],
          'signature_methods' => [
              Md5::NAME => Md5::class,
          ],
          'skip'              => [
              'is'   => [Auth::class, 'defaultSkipHandler'],
              'urls' => [],
          ],
          'timeout'           => 0,
      ];

    try {
        $auth = new Auth($config);
        $roleName = $auth->check($url, $token);
    } catch (\Exception $e) {
        todo ...
    }

```

##### client

[](#client)

```
    const access_key = '{access_key}';  // 服务端生成的 access_key
    const secret_key = '{secret_key}';  // 服务端生成的 secret_key

    const timestamp = Date.parse(new Date()) / 1000;    // 取时间戳
    const rand_str = 'asldjaksdjlkjgqpojg64131321';      // 随机字符串自行生成

    const header = Base64.encode(JSON.stringify({
                       "alg": "md5",
                   }));
    const payload = Base64.encode(JSON.stringify({
                     "timestamp": timestamp,
                     "rand_str": rand_str,
                     "access_key": access_key
                 }));
    const signature_string = header  + '.' + payload;

    function md5Sign(string, secret){
        return md5(string + secret);
    }

    const api_token = signature_string + '.' + md5Sign(signature_string,secret_key);

    const requestConfig = {
        headers: {
            "api-token": api_token
        }
    };

    $.post('/api/example',{},requestConfig).then(res=>{

    });

```

###  Health Score

19

—

LowBetter than 10% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity8

Limited adoption so far

Community6

Small or concentrated contributor base

Maturity35

Early-stage or recently created project

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

### Community

Maintainers

![](https://www.gravatar.com/avatar/c0e16d6534945a477adc5effc0bd18e352dddfb1e81d8f512f2e9729d86e825c?d=identicon)[cium1](/maintainers/cium1)

---

Top Contributors

[![cium1](https://avatars.githubusercontent.com/u/41278579?v=4)](https://github.com/cium1 "cium1 (11 commits)")

---

Tags

apiapiauthauthphp

### Embed Badge

![Health badge](/badges/cium-apiauth/health.svg)

```
[![Health](https://phpackages.com/badges/cium-apiauth/health.svg)](https://phpackages.com/packages/cium-apiauth)
```

###  Alternatives

[namshi/jose

JSON Object Signing and Encryption library for PHP.

1.8k99.6M101](/packages/namshi-jose)[league/oauth1-client

OAuth 1.0 Client Library

99698.8M106](/packages/league-oauth1-client)[bezhansalleh/filament-shield

Filament support for `spatie/laravel-permission`.

2.8k2.9M88](/packages/bezhansalleh-filament-shield)[gesdinet/jwt-refresh-token-bundle

Implements a refresh token system over Json Web Tokens in Symfony

70516.4M35](/packages/gesdinet-jwt-refresh-token-bundle)[league/oauth2-google

Google OAuth 2.0 Client Provider for The PHP League OAuth2-Client

41721.2M118](/packages/league-oauth2-google)[illuminate/auth

The Illuminate Auth package.

9327.3M1.0k](/packages/illuminate-auth)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)