laravel-signer maintained by hotrush
Laravel Signer
Package to create and validate signatures for laravel models.
Installation
composer require hotrush/laravel-signer
Usage
-
Add
Signablecontract to your modeluse Hotrush\Signer\Contracts\Signable; class Post extends Model implements Signable { } -
Implement contract methods. To simplify this process
CanBeSignedtrait can be used.use Hotrush\Signer\Contracts\Signable; use Hotrush\Signer\Contracts\Traits\CanBeSigned; class Post extends Model implements Signable { use CanBeSigned; /** * Return null if never expires. * * @return Carbon|null */ public function getSignExpiration(): ?Carbon { return null; } /** * Payload used for making signature hash. * * @return array */ public function getSignPayload(): array { return [ $this->getKeyName() => $this->getKey(), 'field' => $this->field, ]; } /** * Payload put into encoded code. Will be publicly accessible. * * @return array */ public function getPublicSignPayload(): array { return [ $this->getKeyName() => $this->getKey(), ]; } /** * Define where clause for getting signable model instance by signature. * Only values from public payload can be used. */ public static function signableClauses(Signature $signature): \Closure { return function (Builder $query) use ($signature) { $query->where('id', '=', $signature->payload['id']); }; } } -
Use facade to generate signature
use Hotrush\Signer\Facades\Signer; $signable = Post::find(1); $signature = Signer::generate($signable); echo (string) $signature;Signature can be converted into a string and send a confirmation code for example.
-
To verify code facade can be used as well. But first need to decode signature.
use Hotrush\Signer\Facades\Signer; use Hotrush\Signer\Signature; // decode signature $signature = Signature::decode('signature-string-value'); // get signable $signable = Post::findSignable($signature); // verify $valid = Signer::validate($signable, $signature);
Testing
composer test