Leaf Token
Simple token authentication without JWT

Overview

Leaf v1.4.2 adds a new method of token authentication to its arsenal. Leaf Token has a much simpler and cleaner syntax and is very easy to work with, though it's not so secure at the moment.

Including Leaf Token

To include the Token object in a route, use this:

$token = new Leaf\Core\Token;

Leaf Token currently has security issues; therefore, it's not recommended for anything but personal projects.

Unlike the tokens you're used to, Leaf token saves all data passed into it as an object which can be used later for authentication or something else.

Token Methods

generateSimpleToken

This method creates a simple base64 token which contains JSON-encoded data. It takes in 3 parameters: a username, a user id and an expiry time in seconds. The expiry time for the token is optional: if none is set, it sets the expiry time to 1 week.

$token = new Leaf\Core\Token;
$userToken = $token->generateSimpleToken("Mychi Darko", 2, (7 * 24 * 60 * 60));

This will encode the data passed into it and return it as the token value.

generateToken

As the name implies, generateToken also generates a base64 encoded token, the same as generateSimpleToken, but unlike generateSimpleToken, generateToken takes in 2 parameters: the token data to encode and the expiry time of the token. The expiry time for the token is optional: if none is set, it sets the expiry time to 1 week.

$token = new Leaf\Core\Token;
$userToken = $token->generateToken(array(
    "username" => "Mychi Darko",
    "email" => "mickdd22@gmail.com",
    "token_secret" => "tdt672d81d678"
), (7 * 24 * 60 * 60));

This will encode the data passed into it and return it as the token value.

validateToken

This is where Leaf Token gets interesting. validateToken checks whether the token is a valid Leaf app token and whether it is still active (not expired), then returns the token data. It takes in just one parameter: the token returned from the user.

use Leaf\Core\Token;

$token = new Token;

// $leaf is the Leaf application instance, created elsewhere
$leaf->post('/login', function() use($token) {
    // returns the data stored in the token
    $data = $token->validateToken('token gotten from user......');
    $username = $data['username'];
});

With Leaf Token, you can save data in your token and retrieve it after validating the token, quite handy 😎👌
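Base64 is an encoding, not encryption or a signature, so a token that is only base64-encoded JSON can be read by whoever holds it. The following is an added example, not Leaf's code and not part of the original page, showing one way to make such a token tamper-evident with an HMAC; the function names, the `exp` field and the key handling are assumptions.

```php
<?php
// Added example, not Leaf's implementation. Function names, the 'exp' field
// and the key handling are assumptions made for illustration.

function issueSignedToken(array $data, string $key, int $ttl = 604800): string
{
    $data['exp'] = time() + $ttl;                 // expiry; default 1 week
    $payload = base64_encode(json_encode($data)); // readable by the holder
    $mac = base64_encode(hash_hmac('sha256', $payload, $key, true));
    return $payload . '.' . $mac;                 // '.' is not a base64 character
}

function verifySignedToken(string $token, string $key): ?array
{
    $parts = explode('.', $token);
    if (count($parts) !== 2) {
        return null;
    }
    [$payload, $mac] = $parts;
    $expected = base64_encode(hash_hmac('sha256', $payload, $key, true));
    if (!hash_equals($expected, $mac)) {          // constant-time comparison
        return null;                              // payload or MAC was altered
    }
    $data = json_decode((string) base64_decode($payload, true), true);
    if (!is_array($data) || !is_int($data['exp'] ?? null) || $data['exp'] < time()) {
        return null;                              // malformed or expired
    }
    return $data;
}

// Constructed demo values. A real app loads one fixed secret from server config.
$key = random_bytes(32);
$token = issueSignedToken(['username' => 'Mychi Darko', 'user_id' => 2], $key);
var_dump(verifySignedToken($token, $key) !== null);

// Same token with its payload re-encoded after an edit, old MAC kept:
[$payload, $mac] = explode('.', $token);
$edited = json_decode(base64_decode($payload), true);
$edited['user_id'] = 1;
$changed = base64_encode(json_encode($edited)) . '.' . $mac;
var_dump(verifySignedToken($changed, $key) === null);
```

The payload stays readable even when signed, so values that must remain confidential belong on the server rather than in the token data.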
