 |
VOOZH | about |
|
VOOZH | about |
This page provides an overview of all contracts (interfaces) defined in the hypervel/auth package and explains their purpose, relationships, and role in the system architecture. Contracts form the foundation of the authentication and authorization system, enabling dependency injection, testability, and extensibility.
For detailed documentation of specific contracts and their implementations, see:
The hypervel/auth package defines seven core contracts located in the src/Contracts/ namespace. These interfaces establish the contract between different components of the authentication and authorization system, allowing implementations to be swapped without modifying dependent code.
Contracts provide several key benefits:
The contracts are organized into two primary categories based on their role in the system:
| Category | Contracts | Purpose |
|---|---|---|
| Authentication | Authenticatable, Guard, StatefulGuard, UserProvider, Factory | Define how users are identified, validated, and managed |
| Authorization | Authorizable, Gate | Define how access permissions are checked and enforced |
Sources: src/Contracts/Guard.php1-39 src/Contracts/Authenticatable.php1-24 src/Contracts/UserProvider.php1-26 src/Contracts/Factory.php1-19 src/Contracts/Authorizable.php1-14
The Authenticatable contract defines the interface that all user models must implement. It provides methods for retrieving the user's unique identifier and authentication password.
Location: src/Contracts/Authenticatable.php8-23
Key Methods:
getAuthIdentifierName(): Returns the name of the unique identifier field (e.g., 'id')getAuthIdentifier(): Returns the user's unique identifier valuegetAuthPassword(): Returns the user's hashed passwordSee: Authenticatable Contract for detailed documentation.
The Guard contract defines the base interface that all authentication guards must implement. Guards are responsible for authenticating users and maintaining authentication state.
Location: src/Contracts/Guard.php7-38
Key Methods:
check(): Determine if user is authenticatedguest(): Determine if user is a guest (not authenticated)user(): Get the currently authenticated userid(): Get the authenticated user's identifiervalidate(array $credentials): Validate credentials without authenticationsetUser(Authenticatable $user): Manually set the authenticated userSee: Guard Contract for detailed documentation including StatefulGuard.
The UserProvider contract defines how users are retrieved from persistent storage and how credentials are validated.
Location: src/Contracts/UserProvider.php8-25
Key Methods:
retrieveById($identifier): Retrieve user by unique identifierretrieveByCredentials(array $credentials): Retrieve user by credentials (e.g., username)validateCredentials(Authenticatable $user, array $credentials): Validate password against userSee: UserProvider Contract for detailed documentation.
The Factory contract defines the interface for creating and managing guard instances. The AuthManager class implements this contract.
Location: src/Contracts/Factory.php7-18
Key Methods:
guard(?string $name): Get or create a guard instance by nameshouldUse(string $name): Set the default guard nameSee: Factory Contract for detailed documentation.
The Authorizable contract defines the interface for entities (typically users) that can be authorized to perform actions.
Location: src/Contracts/Authorizable.php7-13
Key Methods:
can(iterable|string $abilities, mixed $arguments): Check if entity has given abilitiesSee: Authorizable Contract for detailed documentation.
Sources: src/Contracts/Factory.php1-19 src/Contracts/Guard.php1-39 src/Contracts/UserProvider.php1-26 src/Contracts/Authenticatable.php1-24
Sources: src/Contracts/Authorizable.php1-14 src/Access/Authorizable.php1-44 src/Access/AuthorizesRequests.php1-77
While not contracts themselves, several traits provide default implementations of contract methods:
Provides default implementation of the Authenticatable contract for Eloquent models.
Namespace: Hypervel\Auth\Authenticatable
See: Authenticatable Contract for usage details.
Provides implementation of the Authorizable contract with convenient authorization methods.
Location: src/Access/Authorizable.php10-43
Methods Provided:
can(iterable|string $abilities, mixed $arguments): Check abilitiescanAny(iterable|string $abilities, mixed $arguments): Check any abilitycant(iterable|string $abilities, mixed $arguments): Check inability (negation)cannot(iterable|string $abilities, mixed $arguments): Alias for cant()All methods delegate to the Gate contract implementation via dependency injection.
Sources: src/Access/Authorizable.php1-44
Provides authorization methods for controller classes.
Location: src/Access/AuthorizesRequests.php11-76
Methods Provided:
authorize(mixed $ability, mixed $arguments): Authorize for current userauthorizeForUser(?Authenticatable $user, mixed $ability, mixed $arguments): Authorize for specific userparseAbilityAndArguments(mixed $ability, mixed $arguments): Parse ability name from controller methodnormalizeGuessedAbilityName(string $ability): Map controller methods to abilitiesresourceAbilityMap(): Define controller method to ability mappingsThe trait automatically maps RESTful controller methods to authorization abilities:
| Controller Method | Ability |
|---|---|
index | viewAny |
show | view |
create, store | create |
edit, update | update |
destroy | delete |
Sources: src/Access/AuthorizesRequests.php1-77
Sources: src/Contracts/Factory.php1-19 src/Contracts/Guard.php1-39 src/Contracts/UserProvider.php1-26 src/Contracts/Authenticatable.php1-24 src/Contracts/Authorizable.php1-14
To create a custom guard, implement the Guard contract (or StatefulGuard for session-based guards):
Register the guard via AuthManager::extend().
To create a custom user provider, implement the UserProvider contract:
Register the provider via AuthManager::provider().
To make a model authenticatable, implement the Authenticatable contract:
Or use the Authenticatable trait for default implementation.
To enable authorization checks on a model, implement the Authorizable contract:
This enables calls like $user->can('edit-post', $post).
| Contract | Namespace | Key Methods | Implemented By |
|---|---|---|---|
Authenticatable | Hypervel\Auth\Contracts | getAuthIdentifier(), getAuthPassword() | User models, GenericUser |
Guard | Hypervel\Auth\Contracts | check(), user(), validate() | SessionGuard, JwtGuard, RequestGuard |
StatefulGuard | Hypervel\Auth\Contracts | Extends Guard, adds login(), logout() | SessionGuard |
UserProvider | Hypervel\Auth\Contracts | retrieveById(), validateCredentials() | EloquentUserProvider, DatabaseUserProvider |
Factory | Hypervel\Auth\Contracts | guard(), shouldUse() | AuthManager |
Authorizable | Hypervel\Auth\Contracts | can() | User models (via trait) |
Gate | Hypervel\Auth\Contracts | allows(), denies(), authorize() | Gate class |
Sources: src/Contracts/Guard.php1-39 src/Contracts/Authenticatable.php1-24 src/Contracts/UserProvider.php1-26 src/Contracts/Factory.php1-19 src/Contracts/Authorizable.php1-14
The contracts enable dependency injection throughout the system. The ConfigProvider registers contract bindings in the DI container:
This allows components to depend on contracts rather than concrete implementations:
The DI container automatically resolves these dependencies at runtime.
All guard methods follow a consistent pattern:
check(), guest()): Return booluser(), id()): Return nullable valuesvalidate()): Accept credentials array, return boolsetUser()): Accept Authenticatable, return voidSources: src/Contracts/Guard.php7-38
All provider methods use type-safe signatures:
?Authenticatable (nullable)boolarray type for flexibilitySources: src/Contracts/UserProvider.php8-25
Authorization methods accept flexible parameters:
iterable|string for single or multiple checksmixed for resource-specific databoolSources: src/Contracts/Authorizable.php7-13 src/Access/Authorizable.php15-42
The contracts in hypervel/auth establish a clear separation between interface and implementation, enabling:
For implementation details of each contract, refer to the child pages listed at the beginning of this document.
Refresh this wiki