Skip to content

This bundle provides authentication based on the response from Cloudflare Turnstile.

License

Notifications You must be signed in to change notification settings

nuvolapl/cf-turnstile-authenticator-bundle

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Nuvola Cloudflare Turnstile Authenticator Bundle

.github/workflows/main.yaml

This bundle provides authentication based on the response from Cloudflare Turnstile.

Configuration

To install the bundle, follow these steps:

  • The following parameters are required for bundle configuration in the ./config/packages/cf_turnstile_authenticator.yaml file:
cf_turnstile_authenticator:
    secret_key: '%env(string:CF_TURNSTILE_AUTHENTICATOR_SECRET_KEY)%'
  • add the CF_TURNSTILE_AUTHENTICATOR_SECRET_KEY environment variable to the .env file with a dummy secret key
  • add the CF_TURNSTILE_AUTHENTICATOR_SECRET_KEY environment variable to the .env.local file with the secret key from Cloudflare Turnstile

Installation

To install the bundle, follow these steps:

  • Run the following command to install the bundle:
composer require nuvola/cloudflare-turnstile-authenticator-bundle
  • add the bundle to the ./config/bundles.php file:
<?php
// ...
    Nuvola\CloudflareTurnstileAuthenticatorBundle\CloudflareTurnstileAuthenticatorBundle::class => ['all' => true],
// ...
  • to use the bundle, add the following code to the ./config/packages/security.yaml file:
security:
# ...
    firewalls:
# ...
        # adjust the name and pattern to your application!
        public:
            pattern: ^/api/public/
            stateless: true
            custom_authenticators:
              - Nuvola\CloudflareTurnstileAuthenticatorBundle\Security\CloudflareTurnstileAuthenticator
# ...
    access_control:
      - { path: ^/api/public/, roles: IS_AUTHENTICATED_FULLY }
# ...

After adding this configuration, only authenticated by response token from the Cloudflare Turnstile will be passed.

Usage

curl -H "x-cf-turnstile-response: $RESPONSE" https://api.nuvola.pl/api/public/users/7ff847d9-a2e0-4f93-9c00-b59ecd51a766