This project is not covered by Drupal’s security advisory policy.
Hawk is an HTTP authentication scheme using a message authentication code (MAC) algorithm to provide partial HTTP request cryptographic verification. This module implements Hawk authentication protocol for Drupal giving an alternative schema for authentication other than Basic Auth and Cookie which come by default with Drupal.
Currently only compatible with Drupal 8.
- Put the module in drupal/modules directory
- Install composer_manager module and load the dependencies (see composer_manager's documentation for more details)
- Dependencies can be loaded by running
composer drupal-updatecommand while under the drupal/core directory, if you haven't initialised composer manager yet you can do so by running it's init.sh script or
- Enable Hawk Auth from Admin > Extend under Web Services section
- Grant required users permissions from Admin > People > Permissions to create hawk credentials
- Now the permitted users can generate hawk credentials from User > Profile > Hawk Credentials
Hawk can be used with Drupal's REST services module amongst other things, the example here is one of the applications. See examples/example.php within the module for some code example
- Enable REST module (optional: get REST UI module from drupal.org for easier management).
- Enable one of the routes (/node/ as an example) and enable hawk_auth as an authentication provider for the route and methods.
- Create a hawk credential from Profile > Hawk Credential, the ID here will be the Credential ID for Hawk.
- See https://github.com/Dragooon/php-hawk/blob/master/docs/Getting%20Started.... for an example to see how to make requests as a client
- Perform GET and POST requests at /node/ using Credentials generated from the profile area.
- Maintenance status: Actively maintained
- Development status: Under active development
- Module categories: User Access & Authentication
- Downloads: 430
- Last modified: 11 August 2015
- This project is not covered by the security advisory policy.
Use at your own risk! It may have publicly disclosed vulnerabilities.