Authentication

Introduction

Authentication in Maravel, while using the same underlying libraries as Maravelith, is configured quite differently from the full Maravelith framework. Since Maravel does not support session state, incoming requests that you wish to authenticate must be authenticated via a stateless mechanism such as API tokens.

Getting Started

Authentication Service Provider

Note: Before using Maravel’s authentication features, you should uncomment the call to register the AuthServiceProvider service provider in your bootstrap/app.php file.

The AuthServiceProvider located in your app/Providers directory contains a single call to Auth::viaRequest. The viaRequest method accepts a Closure which will be called when the incoming request needs to be authenticated. Within this Closure, you may resolve your App\User instance however you wish. If no authenticated user can be found for the request, the Closure should return null:

$this->app['auth']->viaRequest('api', function ($request) {
	// Return User or null...
});

Again, you may retrieve the authenticated user however you wish. You may use an API token in the request headers or query string, a bearer token on the request, or using any other approach your application requires.

If your project does not use Eloquent, you may return an instance of the Illuminate\Auth\GenericUser class. This class accepts an array of attributes as its only constructor argument:

use Illuminate\Auth\GenericUser;

return new GenericUser(['id' => 1, 'name' => 'Taylor']);

Accessing The Authenticated User

Just like in the full Maravelith framework, you may use the Auth::user() method to retrieve the current user. Alternatively, you may use the $request->user() method on an Illuminate\Http\Request instance:

use Illuminate\Http\Request;

$router->get('/post/{id}', ['middleware' => 'auth', function (Request $request, $id) {
	$user = Auth::user();

	$user = $request->user();

	//
}]);

Note: If you would like to use Auth::user() to access the currently authenticated user, you should uncomment the $app->withFacades() method in your bootstrap/app.php file.

Of course, any routes you wish to authenticate should be assigned the auth middleware, so you should uncomment the call to $app->routeMiddleware() in your bootstrap/app.php file:

$app->routeMiddleware([
    'auth' => App\Http\Middleware\Authenticate::class,
]);
This site uses Just the Docs, a documentation theme for Jekyll.