PHPackages                             meta-tech/pws-auth - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [HTTP &amp; Networking](/categories/http)
4. /
5. meta-tech/pws-auth

ActiveLibrary[HTTP &amp; Networking](/categories/http)

meta-tech/pws-auth
==================

PwsAuth is an authentication protocol throught http header designed to web services

2.1.7(1y ago)13.3k↓50%2MITPHPPHP &gt;=5.4

Since Mar 15Pushed 1y ago1 watchersCompare

[ Source](https://github.com/meta-tech/pws-auth)[ Packagist](https://packagist.org/packages/meta-tech/pws-auth)[ Docs](https://github.com/meta-tech/pws-auth)[ RSS](/packages/meta-tech-pws-auth/feed)WikiDiscussions master Synced 1mo ago

READMEChangelogDependenciesVersions (9)Used By (2)

PwsAuth
=======

[](#pwsauth)

PwsAuth is an authentication protocol throught http header designed to web services

Request Headers
---------------

[](#request-headers)

Request headers must be define as follow :

```
Pws-Authorization : $type $token
Pws-Ident : $userkey

```

The **$token** can be either a `loginToken` or a `sessionToken`

The **$token** is divided in four part

- a datetime formatted with the `Authenticator::DATE_FORMAT` format
- an obfuscate part 's token builded by date, common salt &amp; the third token 's part
- a loginToken representing a user signed token for a specific login at given date OR a session token representing the session id
- noise data to be removed

The complete token is valid only if obfuscate part can be rebuild.
This simple mecanism ensure that **sessionId** is valid and can be safety load

Authenticator 's configuration comes with a `hash.session.index` and `hash.noise.length` values wich can be redefined to move the session token part into the complete token

```
                                                    >                             >
|----------------------------------------------------------------------------------------------------------------|
|- type ||-- date ---|------------ obfuscate token ----------------------- session token ---------------- noise -|
|       ||     1     |                    2                    |                         3                         |     4     |
 PwsAuth2 242003031711e1a6104135f04c6c01e6cd5952ecafbb53c928603b0gb64tqo609qse6ovd7lhdvk4fnaqk7cdl26e4d4qh7jb41eu5f1zb5y79m8pgu3

```

### Requirements

[](#requirements)

PHP &gt;= 5.4

### Install

[](#install)

The package can be installed using [ Composer ](https://getcomposer.org/).

```
composer require meta-tech/pws-auth

```

Or add the package to your `composer.json`.

```
"require": {
    "meta-tech/pws-auth" : "^2.1"
}

```

### Authenticator instanciation

[](#authenticator-instanciation)

```