Middleware for the Slim 4 framework.
For Slim 3 use the 1.0.0 release.
With Composer:
composer require tkhamez/slim-role-auth
Example:
use Tkhamez\Slim\RoleAuth\RoleMiddleware;
use Tkhamez\Slim\RoleAuth\SecureRouteMiddleware;
$app = Slim\Factory\AppFactory::create();
// Deny access if a required role is missing.
$app->add(new SecureRouteMiddleware(
new Slim\Psr7\Factory\ResponseFactory(), // Any implementation of Psr\Http\Message\ResponseFactoryInterface.
[
// Route pattern => Roles, the first "starts-with" match is used.
'/secured/public' => ['any'],
'/secured' => ['user'],
],
['redirect_url' => null] // Adds the "Location" header instead of a 403 status code if set.
));
// Add roles to request attribute.
$app->add(new RoleMiddleware(
new App\RoleProvider(), // Any implementation of Tkhamez\Slim\RoleAuth\RoleProviderInterface.
['route_pattern' => ['/secured']] // Optionally limit to these routes.
));
// Add routing middleware last, so the Slim router is available from the request.
$app->addRoutingMiddleware();- The
SecureRouteMiddlewaredenies access to a route if the required role is missing in the request object. - The
RoleMiddlewareclass adds roles provided by theRoleProviderobject to the request object. - You can add multiple role providers for different paths.
For more information, see the inline documentation of the classes.
docker build --tag slim-role-auth .
docker run -it --mount type=bind,source="$(pwd)",target=/app --workdir /app slim-role-auth /bin/sh