Session
Less than 1 minute
Session
Authentication session middleware for protected routes.
class Session implements \Hazaar\Auth\Middleware\MiddlewareThis middleware extracts an auth token from the configured transport, loads session data from the configured backend, and injects the resolved session payload into the request attributes under session.
Behavior:
- Missing token: returns
403 Forbiddenunless optional mode is enabled. - Invalid/expired token: returns
401 Unauthorizedunless optional mode is enabled. - Valid token: forwards the request to the next handler.
Optional mode can be enabled via variadic handler args ($args[1] === true), allowing requests without valid auth to continue.
Properties
adapter
Authentication adapter providing backend and transport integrations.
private Adapter $adapterMethods
__construct
Creates session auth middleware.
public __construct(Adapter $adapter): voidParameters
| Parameter | Type | Description |
|---|---|---|
$adapter | Adapter | auth adapter used to extract/load session tokens |
handle
Handles request authentication using token-backed session lookup.
public handle(Request $request, callable $next, mixed $args): ResponseParameters
| Parameter | Type | Description |
|---|---|---|
$request | Request | incoming application request |
$next | callable | next middleware/controller handler |
$args | mixed |
Generated by Hazaar API Doc Generator on Tue, 21 Apr 2026 04:00:24 +0000