Mika Tuupola

Now I remember. By default middleware does not have any information about current route. Middleware is also executed for all requests, even those which are made against nonexistent route. As...

Going through unanswered issues and PRs. This is a good addition and quite common use case. Currently you can do same thing with the [before](https://github.com/tuupola/slim-basic-auth#before) setting. ```php $app->add(new Tuupola\Middleware\HttpBasicAuthentication([ "users"...

Underlying library `firebase/php-jwt` seems to have these: https://github.com/firebase/php-jwt/blob/master/src/JWT.php#L58-L62

Yeah, documentation is always lacking... Will keep this in mind. Thanks for the heads up!

Normal regexps should work. Something like following? `'ignore' => [ '/user/[0-9]+/activate/' ]`

Good question. This seems to be one use case I did no think about. Kludgish way would be to store the current url in another middleware for the error callback....

Changing the error handler signature would be a BC break. Putting `$request` back there as it was would require major version bump. It is my plan in near future, but...

According to [RFC2617](https://tools.ietf.org/html/rfc2617) the authentication scheme is case-insensitive. > HTTP provides a simple challenge-response authentication mechanism that MAY be used by a server to challenge a client request and by...

You could try to set `PHP_AUTH_USER` in the callback. ```php $app->add(new \Slim\Middleware\HttpBasicAuthentication([ ... "callback" => function ($request, $response, $arguments) { $_SERVER['PHP_AUTH_USER'] = $arguments['username']; } ])); ``` That said middleware could...

Set RS256 as the [algorithm](https://github.com/tuupola/slim-jwt-auth#algorithm) and the public key as the secret. ```php $app = new Slim\App; $app->add(new Tuupola\Middleware\JwtAuthentication([ "secret" => $publickey "algorithm" => ["RS256"] ])); ``` You can find...