Skip to content
docsv0.1.0

AuthContextFactory

Bridges a PSR-7 request to the producer: extracts whatever credential a request carries (a Bearer header, a session cookie) and resolves it to an {@see AuthContext}. It is the HTTP entry point an authentication middleware calls once per request — the thing that lets a route stop trusting the transport and start trusting a verified context. Fail-closed: a request with no credential resolves to {@see AuthContext::anonymous()}, a bad one to {@see AuthContext::invalid()}.

AuthContextFactory::fromRequest()

abstract public function fromRequest(Psr\Http\Message\ServerRequestInterface $request): Milpa\Auth\AuthContext

Reads whatever credential `$request` carries and resolves it to an {@see AuthContext} — anonymous when none is present, invalid when one is present but rejected.

Parameters

Parameters of fromRequest()
NameTypeDescription
$requestPsr\Http\Message\ServerRequestInterface