Userfile is a Laravel package that allows storing user data in yaml files. It also supports Bearer type API authentication.
Generate Laravel's default auth scafffolding. php artisan make:auth.
You can install the package by running
composer require randohinn/userfile
Laravel will auto-detect and register the neccessary provider and auth configuration.
Next, run
php artisan vendor:publish
This will create a config/userfile.php file in your app.
Userfile uses the default Laravel user model. Therefore, it is necessary to make these changes to the model.
Add public $incrementing = false; to the model. This enables the use of string-based uuids, that Userfile generates for your users.
Add id and api_token to the $fillable array of the model. This allows the package to populate those fields on your model instances. It is in this array where you will later define any custom fields you would like to store in the user file.
By default, Userfile expects to find a userfile folder in your storage folder. You can change this, by creating a custom filesystem disk in the filyesystem config, and editing config/userfile.php to state the name of the new disk, instead of userfile. In this file, you can also define a subfolder or your user files, if that is what you want.
The last part, is to set your config/auth.php to contain 'guard' => 'userfile', instead of the default 'guard' => 'web'. You may the delete unnecessary auth controllers.
Userfile expects to find files in your configured disk's configured subfolder. Filenames go by the standard of user-email.yaml. For example [email protected].
At the bare minimum, when creating a new user file, it needs to contin the user's email, name and password (in plaintext). The password will be encrypted on first log-in!
For example:
name: 'Rando Hinn'
email: [email protected]
password: qwertyAfter you log in with the first user, for the first time, several things will happen:
- The user will be generated a uuid and an api key
- The user's password will be encryped and the encrypted hash stored instead of plaintext
- An
id_mapping.yamlandapi_mapping.yamlfile will be created next to the user file. These files hold the mapping of id's and API tokens back to user e-mails, to facilitate faster lookups, and should not be deleted.
As a result, your user file may look something like this:
name: 'Rando Hinn'
email: [email protected]
password: $2y$10$RHOsWnmZjAQ2o1fceqZ.Nu.Isa6XBIdFAXmEGlb7SZEWfU/cfTScq
id: fb4ac678-0802-473b-be64-dcba94b40e8a
api_token: UmikrAAteG8KWneIREBnp4sQRCbA0HDFjWAUsrQ59m5e5b6RWtS72uQzdiQTShould you want to add any fields, just add them to this file, and define them in the model's $fillable array, like you normally would.
The MIT License. See License.md for more information.
All contributions welcome. Before you start working on something, please create an issue for it.
If you find a security-related bug, please write directly to [email protected] . Do not create a GitHub issue!