PHPackages vimar/flarum-whoami - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. vimar/flarum-whoami ActiveFlarum-extension[Authentication & Authorization](/categories/authentication) vimar/flarum-whoami =================== Add Whoami endpoint to Flarum v1.0.0(2y ago)014MITPHPPHP ^8.0 Since Nov 7Pushed 2y ago1 watchersCompare [ Source](https://github.com/vimar/flarum-whoami)[ Packagist](https://packagist.org/packages/vimar/flarum-whoami)[ Docs](https://github.com/vimar/flarum-whoami/)[ RSS](/packages/vimar-flarum-whoami/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (1)Dependencies (1)Versions (2)Used By (0) Whoami API by Vimar =================== [](#whoami-api-by-vimar) [![MIT license](https://camo.githubusercontent.com/7013272bd27ece47364536a221edb554cd69683b68a46fc0ee96881174c4214c/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e73652d4d49542d626c75652e737667)](https://github.com/vimar/flarum-whoami/blob/master/LICENSE.md) This extension adds a new endpoint "/api/whoami" which exposes the data of currently logged-in user. By using this route with the POST /api/token route, you can use Flarum as an identity provider for your site. Installation ------------ [](#installation) Install manually: ``` composer require vimar/flarum-whoami ``` Updating -------- [](#updating) ``` composer update vimar/flarum-whoami php flarum migrate php flarum cache:clear ``` Tutorial for Flarum Authentication ---------------------------------- [](#tutorial-for-flarum-authentication) ### Login [](#login) To emulate a login statement to Flarum, we just call the [Flarum POST /api/token](https://docs.flarum.org/rest-api#creation-1) in order to crate a token for registered user: ``` POST /api/token HTTP/1.1 { "identification": "John", "password": "pass7word", "remember": 1 } HTTP/1.1 200 OK { "token": "YACub2KLfe8mfmHPcUKtt6t2SMJOGPXnZbqhc3nX", "userId": "1" } ``` then we store this token as a cookie (eg: `flarum_token`) for future use (by default an access token lasts 1 hour unless you add the `remember` parameter, in which case it lasts for 5 years.). Note: To enable SSO between our website and flarum, we need to store a session\_remember token as `flarum_remember` cookie too; ### Verify logged-in user profile [](#verify-logged-in-user-profile) Now, each time we want to know if an user is logged-in, we only need to call the following endpoint: ``` POST /api/whoami HTTP/1.1 Authorization: Token YACub2KLfe8mfmHPcUKtt6t2SMJOGPXnZbqhc3nX HTTP/1.1 200 OK { "data": { "type": "users", "id": "4", "attributes": { "username": "John", "displayName": "Jon Doe", "slug": "John-Doe", "joinTime": "2003-04-02T20:29:29+00:00", "discussionCount": 125, "commentCount": 2799, "canEdit": true, "canEditCredentials": true, "canEditGroups": true, "canDelete": true, "lastSeenAt": "2023-11-07T09:43:13+00:00", "isEmailConfirmed": true, "email": "john@doe.com", "markedAllAsReadAt": null, "unreadNotificationCount": 0, "newNotificationCount": 0, "preferences": { ... }, "isAdmin": true, ... }, "relationships": { "groups": { "data": [ { "type": "groups", "id": "1" } ] } } }, "included": [ { "type": "groups", "id": "1", "attributes": { "nameSingular": "Admin", "namePlural": "Admins", "color": "#B72A2A", "icon": "fas fa-wrench", "isHidden": 0 } } ] } ``` ### Logout [](#logout) To logout, we need to delete our session cookie (containing access token) and eventually purge all of them on Flarum by calling ### Health Score 22 — LowBetter than 22% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity6 Limited adoption so far Community7 Small or concentrated contributor base Maturity47 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 921d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/9d27212e06c6d7619b8ac058cea8096406a591b2963b22298746dae775ae174b?d=identicon)[vimar](/maintainers/vimar) --- Top Contributors [![vimar](https://avatars.githubusercontent.com/u/541354?v=4)](https://github.com/vimar "vimar (1 commits)") --- Tags Authenticationsingle sign onflarum ### Embed Badge ![Health badge](/badges/vimar-flarum-whoami/health.svg) ``` [![Health](https://phpackages.com/badges/vimar-flarum-whoami/health.svg)](https://phpackages.com/packages/vimar-flarum-whoami) ``` ### Alternatives [league/oauth2-client OAuth 2.0 Client Library 3.8k118.6M1.2k](/packages/league-oauth2-client)[league/oauth1-client OAuth 1.0 Client Library 99698.8M106](/packages/league-oauth1-client)[adam-paterson/oauth2-stripe Stripe OAuth 2.0 Client Provider for The PHP League OAuth2-Client 172.4M4](/packages/adam-paterson-oauth2-stripe)[adam-paterson/oauth2-slack Slack OAuth 2.0 Client Provider for The PHP League OAuth2-Client 22694.8k5](/packages/adam-paterson-oauth2-slack)[maicol07/flarum-ext-sso SSO for Flarum 468.3k](/packages/maicol07-flarum-ext-sso)[ecphp/cas-lib CAS Lib, a standard library for CAS authentication. 18166.9k4](/packages/ecphp-cas-lib) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)