public-mirrors
/
composer
mirror of https://github.com/composer/composer
1
0
Fork 0
Code

Wording tweaks and docblock formatting, refs #2536

pull/1899/merge
Jordi Boggiano 2014-12-08 21:30:39 +00:00
parent 5c62e9b487
commit fa470be001
1 changed files with 39 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

70
doc/articles/http-basic-authentication.md
View File

@ -1,51 +1,59 @@
<!-- <!--
tagline: How to use http basic authentication tagline: Access privately hosted packages
--> -->
# Http basic authentication # HTTP basic authentication
Your [satis](handling-private-packages-with-satis.md) server could be Your [Satis or Toran Proxy](handling-private-packages-with-satis.md) server
secured with http basic authentication. In order to allow your project could be secured with http basic authentication. In order to allow your project
to have access to these packages you will have to tell composer how to to have access to these packages you will have to tell composer how to
authenticate with your credentials. authenticate with your credentials.
The most simple way to provide your credentials is providing your set The simplest way to provide your credentials is providing your set
of credentials inline with the repository specification such as: of credentials inline with the repository specification such as:
{ ```json
"repositories": [ {
{ "repositories": [
"type": "composer", {
"url": "http://extremely:secret@repo.example.org" "type": "composer",
} "url": "http://extremely:secret@repo.example.org"
] }
} ]
}
```
This will basically teach composer how to authenticate automatically This will basically teach composer how to authenticate automatically
when reading packages from the provided composer repository. when reading packages from the provided composer repository.
This does not work for everybody especially when you don't want to This does not work for everybody especially when you don't want to
hard code your credentials into your composer.json. There is a second hard code your credentials into your composer.json. There is a second
way to provide these details and is via interaction. If you don't way to provide these details and it is via interaction. If you don't
provide the authentication credentials composer will prompt you upon provide the authentication credentials composer will prompt you upon
connection to enter the username and password. connection to enter the username and password.
There is yet another way to provide these details and is via a file The third way if you want to pre-configure it is via an `auth.json` file
`auth.json` inside your `COMPOSER_HOME` which looks something like located in your `COMPOSER_HOME` or besides your `composer.json`.
`/Users/username/.composer/auth.json`
{ The file should contain a set of hostnames followed each with their own
"basic-auth": [ username/password pairs, for example:
"repo.example1.org": {
"username": "my-username1",
"password": "my-secret-password1"
},
"repo.example2.org": {
"username": "my-username2",
"password": "my-secret-password2"
}
]
}
This then will provide http basic authentication for two domains ```json
serving packages with two different sets of credentials. {
"basic-auth": [
"repo.example1.org": {
"username": "my-username1",
"password": "my-secret-password1"
},
"repo.example2.org": {
"username": "my-username2",
"password": "my-secret-password2"
}
]
}
```
The main advantage of the auth.json file is that it can be gitignored so
that every developer in your team can place their own credentials in there,
which makes revokation of credentials much easier than if you all share the
same.