PHPackages yatilabs/laravel-api-access - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. yatilabs/laravel-api-access ActiveLibrary[Authentication & Authorization](/categories/authentication) yatilabs/laravel-api-access =========================== Laravel package for comprehensive API key management with domain restrictions, usage tracking, and secure authentication v1.0.1(7mo ago)00MITPHPPHP ^8.0 Since Sep 24Pushed 7mo agoCompare [ Source](https://github.com/yatilabs/laravel-api-access)[ Packagist](https://packagist.org/packages/yatilabs/laravel-api-access)[ RSS](/packages/yatilabs-laravel-api-access/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (2)Dependencies (3)Versions (4)Used By (0) Laravel API Access Package ========================== [](#laravel-api-access-package) A comprehensive Laravel package for managing API keys with domain restrictions, secret authentication and middleware protection with logging for enabling secure API access for partner applications. ✨ Features ---------- [](#-features) - **Complete API Key Management**: Create, update, delete, and manage API keys with full metadata - **Model Owner Support**: Link API keys to specific model instances (Users, Organizations, etc.) - **Domain Restrictions**: Restrict API keys to specific domains with wildcard pattern support - **Secure Authentication**: Multiple authentication methods with bcrypt secret hashing - **Test/Live Modes**: Separate environments with different validation rules - **Beautiful UI**: Modern responsive interface with copy buttons and modals - **Built-in Controllers & Routes**: No need to create controllers in your app - **Usage Tracking**: Track API key usage and last used timestamps - **API Request Logging**: Log all API requests with filtering and export options - **Middleware for Protection**: Easy-to-use middleware to protect your API routes - **Copy-to-Clipboard**: Easy copying of API keys and secrets - **Soft Deletes**: API keys are soft deleted for data integrity 🚀 Quick Installation -------------------- [](#-quick-installation) ### 1. Install via Composer [](#1-install-via-composer) ``` composer require yatilabs/laravel-api-access ``` ### 2. Publish and Run Migrations [](#2-publish-and-run-migrations) ``` php artisan vendor:publish --provider="Yatilabs\ApiAccess\ApiAccessServiceProvider" --tag="migrations" php artisan migrate ``` ### 3. Publish Assets (CSS) [](#3-publish-assets-css) ``` php artisan vendor:publish --provider="Yatilabs\ApiAccess\ApiAccessServiceProvider" --tag="assets" ``` ### 4. Publish Configuration (Optional) [](#4-publish-configuration-optional) ``` php artisan vendor:publish --provider="Yatilabs\ApiAccess\ApiAccessServiceProvider" --tag="config" ``` 📋 Usage ------- [](#-usage) ### Built-in Routes [](#built-in-routes) The package automatically registers routes for you! No need to create controllers. By default, the management interface is available at: **`/api-access`** ### Configuration [](#configuration) Publish and edit the config file: ``` ## Configuration After installation, you can customize the package behavior by editing the published configuration file. ### Layout Integration To integrate the API Access management interface with your existing Laravel application layout: 1. **Set your layout file** in the configuration: ```php 'layout' => 'layouts.app', // Your app's main layout ``` 2. **Ensure your layout has the required sections**: ``` @yield('content') @stack('scripts') ``` 3. **Required Dependencies**: The management interface requires: - Bootstrap 5.3+ - Font Awesome 6.0+ - jQuery 3.7+ - CSRF token meta tag If you leave `layout` as `null`, the package will use its own standalone layout with all dependencies included. ### Force Publishing Configuration [](#force-publishing-configuration) To update your configuration file after package updates, use the dedicated command: ``` php artisan api-access:publish-config --force ``` This command provides helpful information about configuration options and safely overwrites your existing config file. ``` ### Available Routes The package provides these routes automatically: - `GET /api-access` - Main management interface - `POST /api-access/api-keys` - Create API key - `POST /api-access/api-keys/{id}/update` - Update API key - `POST /api-access/api-keys/{id}/delete` - Delete API key - `POST /api-access/api-keys/{id}/regenerate-secret` - Regenerate secret - `POST /api-access/api-keys/{id}/toggle-status` - Toggle active status - `POST /api-access/domains` - Create domain restriction - `POST /api-access/domains/{id}/update` - Update domain restriction - `POST /api-access/domains/{id}/delete` - Delete domain restriction ### Navigation Simply visit `/api-access` in your application (after authenticating) to access the management interface. ## 🛡️ API Authentication ### Using the Middleware Add the middleware to protect your API routes: ```php // In your routes/api.php or routes/web.php Route::middleware('api.key')->group(function () { Route::get('/protected', function () { return 'This is protected!'; }); }); ``` ### Authentication Methods [](#authentication-methods) The package supports multiple authentication methods: 1. **Bearer Token** (Recommended) ``` curl -H "Authorization: Bearer your-api-key" http://your-app.com/api/protected ``` 2. **Custom Header** ``` curl -H "X-API-Key: your-api-key" -H "X-API-Secret: your-secret" http://your-app.com/api/protected ``` 3. **Query Parameters** ``` curl "http://your-app.com/api/protected?api_key=your-api-key&api_secret=your-secret" ``` 4. **Request Body** ``` { "api_key": "your-api-key", "api_secret": "your-secret" } ``` 🔧 Advanced Usage ---------------- [](#-advanced-usage) ### Custom Middleware [](#custom-middleware) You can create custom middleware that uses the API key verification: ```