Extras for nette/http
Install with Composer
composer require orisai/nette-httpHTTP authentication via WWW-Authenticate basic auth
- Ideal for hiding publicly available dev version of the app.
- Runs only in HTTP mode, CLI mode is not affected.
Register and enable extension
extensions:
orisai.http.auth: OriNette\Http\Auth\DI\HttpAuthExtension
orisai.http.auth:
enabled: trueAdd list of authorized users
- in
username: passwordformat - both plain passwords and passwords hashed via password_hash are accepted
orisai.http.auth:
users:
user1: password
user2: $2y$10$kP2nVtmSOLA2LIDnwNxa9.MpL0VnCddBOGltj1zySsLF7AxYQae3aIntegration with debugger
- If user is not authorized, Tracy is set to production mode, so it does not leak debug info
- If you use any other debugger, please raise an issue
[Optional] Exclude paths from http authentication
- ideal for APIs which don't expect human interaction and would need API client to be modified for basic auth support
- if your app runs in path (base url is e.g. https://example.com/script) then don't include the
/scriptpart in excluded path, it is handled automatically
orisai.http.auth:
exclude:
paths:
- /api[Optional] Change realm and possible (random) error responses from default ones (if you don't like Lord Of The Rings)
orisai.http.auth:
# string|null
realm: App
# list<string>
errorResponses:
- Not allowedImplementation of Nette\Http\IResponse which does not send data immediately and instead keeps them inside value
object.
Use for testing classes which set data to response. It is currently not integrated with nette/application and should not be used for a runtime code.
use OriNette\Http\Tester\TestResponse;
$response = new TestResponse();Tracy panel shows current request and response
extensions:
orisai.http.panel: OriNette\Http\Tracy\DI\HttpPanelExtension
orisai.http.panel:
enabled: %debugMode%