leafsphp
diff --git a/‎src/docs/auth/index.md‎
Lines changed: 0 additions & 28 deletions b/‎src/docs/auth/index.md‎
Lines changed: 0 additions & 28 deletions
diff --git a/‎src/docs/auth/mvc.md‎
Lines changed: 239 additions & 0 deletions b/‎src/docs/auth/mvc.md‎
Lines changed: 239 additions & 0 deletions
@@ -91,34 +91,6 @@ auth()->dbConnection($db);
 
 :::
 
-## Auth + Leaf MVC
-
-If you are using Leaf MVC, you can set up Leaf Auth to work with your default database connection by heading over to the `public/index.php` file and uncommenting the line that connects to the database:
-
-```php
-/*
-|--------------------------------------------------------------------------
-| Sync Leaf Db with ORM and connect
-|--------------------------------------------------------------------------
-|
-| Sync Leaf Db with ORM and connect to the database
-| This allows you to use Leaf Db without having
-| to initialize it in your controllers.
-|
-| If you want to use a different connection from those
-| used in your models, you can remove the line below and
-| add your own connection with:
-| db()->connect(...)
-|
-| **Uncomment the line below to use Leaf Db**
-| **You don't need this line to use Leaf Auth**
-*/
-// \Leaf\Database::initDb(); [!code --]
-\Leaf\Database::initDb(); // [!code ++]
-```
-
-That's all you need to do. Leaf Auth will automatically connect to your database using the details in your environment file. The auth configuration for your project can be found in the `config/auth.php` file. You can edit this file to change the configuration of Leaf Auth.
-
 ## Database Considerations
 
 Leaf Auth doesn't give you any structure for your database, with that, you can structure your database in any way you prefer. However, there are some things you should note:
 
@@ -5,6 +5,245 @@ prev: false
 
 # Auth in Leaf MVC
 
+Leaf Auth comes with everything you need to authenticate users, including login, registration, account verification and more. You can add it to your Leaf MVC project using the Leaf CLI or composer:
+
+::: code-group
+
+```bash:no-line-numbers [Leaf CLI]
+leaf install auth
+```
+
+```bash:no-line-numbers [Composer]
+composer require leafs/auth
+```
+
+:::
+
+Leaf Auth will automatically pick up your default database connection and will work with it, so you can immediately start working with it without any config. Checkout the following pages to authenticate users:
+
+- [Login](/docs/auth/login)
+- [Register](/docs/auth/register)
+- [User Data](/docs/auth/user)
+- [Protected routes](/docs/auth/protected-routes)
+- [Roles & Permissions](/docs/auth/permissions)
+
+## Configuring Auth
+
+Although Leaf Auth works out of the box for most applications, you may have some specific requirements that you need to configure. You can configure Leaf Auth using your `.env` file:
+
+```txt [.env]
+AUTH_DB_TABLE=users
+AUTH_DB_ID=id
+AUTH_TIMESTAMPS=true
+AUTH_TIMESTAMPS_FORMAT='YYYY-MM-DD HH:mm:ss'
+AUTH_SESSIONS=true
+```
+
+These are options for the database table to store users, the primary key of the table, whether to use timestamps and the format of the timestamps, and whether to use sessions. If you need to configure something else, you will need to publish the entire auth config using the MVC CLI:
+
+```bash:no-line-numbers
+php leaf config:publish auth
+```
+
+This will generate a `config/auth.php` file with the default auth config. You can then edit this file to suit your needs.
+
+```php
+<?php
+
+use Leaf\Helpers\Password;
+
+return [
+    /*
+    |--------------------------------------------------------------------------
+    | Database table
+    |--------------------------------------------------------------------------
+    |
+    | This is the table that leaf auth will perform authentication
+    | checks on and edit/retrieve users from.
+    |
+    */
+    'db.table' => _env('AUTH_DB_TABLE', 'users'),
+
+    /*
+    |--------------------------------------------------------------------------
+    | ID Key
+    |--------------------------------------------------------------------------
+    |
+    |  Set your primary key name. For instance, you might have used id_user instead of id.
+    |  This setting allows you to quickly switch your key name
+    |
+    */
+    'id.key' => _env('AUTH_DB_ID', 'id'),
+
+    /*
+    |--------------------------------------------------------------------------
+    | Generate timestamps
+    |--------------------------------------------------------------------------
+    |
+    | Automatically generate created_at/updated_at timestamps for register
+    | and update methods
+    |
+    */
+    'timestamps' => true,
+
+    /*
+    |--------------------------------------------------------------------------
+    | Set timestamps format
+    |--------------------------------------------------------------------------
+    |
+    | Use this property to specify the format that you want your timestamps to be saved in.
+    | Be aware that auth uses the leafs/date module, so the accepted formats are listed in the leafs/date documentation
+    |
+    */
+    'timestamps.format' => 'YYYY-MM-DD HH:mm:ss',
+
+    /*
+    |--------------------------------------------------------------------------
+    | Encode password
+    |--------------------------------------------------------------------------
+    |
+    | Password encode is run when leaf wants to encode passwords on register
+    | This exact method is used by default in Leaf, so you can set it to null
+    | if you want to.
+    |
+    | You can set your own implementation instead of Password::hash
+    |
+    */
+    'password.encode' => function ($password) {
+        return Password::hash($password);
+    },
+
+    /*
+    |--------------------------------------------------------------------------
+    | Verify Password
+    |--------------------------------------------------------------------------
+    |
+    | This function is run to verify the password. This implementation is done
+    | by default, so you can set it to null, and it will still work fine.
+    |
+    | You can add your own implementation instead of Password::verify
+    |
+    */
+    'password.verify' => function ($password, $hashedPassword) {
+        return Password::verify($password, $hashedPassword);
+    },
+
+    /*
+    |--------------------------------------------------------------------------
+    | Password Key
+    |--------------------------------------------------------------------------
+    |
+    | The default password key. Leaf will expect this key to hold passwords
+    | in your database.
+    |
+    */
+    'password.key' => 'password',
+
+    /*
+    |--------------------------------------------------------------------------
+    | Unique fields
+    |--------------------------------------------------------------------------
+    |
+    | This is a list of items that should be unique to each user eg: email
+    |
+    */
+    'unique' => ['email'],
+
+    /*
+    |--------------------------------------------------------------------------
+    | Hidden fields
+    |--------------------------------------------------------------------------
+    |
+    | This is a list of items that should be hidden when
+    | a user object is returned. You should use the field name
+    | exactly as it is in the database.
+    |
+    */
+    'hidden' => ['field.id', 'field.password'],
+
+    /*
+    |--------------------------------------------------------------------------
+    | Use session
+    |--------------------------------------------------------------------------
+    |
+    | Use session based authentication instead of the default JWT based auth.
+    |
+    */
+    'session' => _env('AUTH_SESSION', true),
+
+    /*
+    |--------------------------------------------------------------------------
+    | Session lifetime
+    |--------------------------------------------------------------------------
+    |
+    | Set the lifetime of the session. After this time, the session will expire and the user will have to login again.
+    | You can either use '1 day' format or as an integer: 86400
+    | You can also set session.lifetime to 0 to disable session expiration.
+    |
+    */
+    'session.lifetime' => 60 * 60 * 24,
+
+    /*
+    |--------------------------------------------------------------------------
+    | SESSION COOKIE PARAMS
+    |--------------------------------------------------------------------------
+    |
+    | Set the session cookie params
+    | Read more: https://www.php.net/manual/en/function.session-set-cookie-params.php
+    |
+    | secure: cookie should only be sent over secure connections (https)
+    | httponly: cookie should only be accessible through HTTP requests
+    | samesite: cookie should be sent with "SameSite" directives :-
+    |       Possible values for samesite: 'strict', 'lax', 'none' or null
+    |
+    |
+    */
+    'session.cookie' => ['secure' => false, 'httponly' => true, 'samesite' => 'lax'],
+
+    /*
+    |--------------------------------------------------------------------------
+    | JWT Lifetime
+    |--------------------------------------------------------------------------
+    |
+    | How long should JWT be valid for?
+    |
+    */
+    'token.lifetime' => 60 * 60 * 24 * 365,
+
+    /*
+    |--------------------------------------------------------------------------
+    | JWT Token Secret
+    |--------------------------------------------------------------------------
+    |
+    | Secret string to encode JWT
+    |
+    */
+    'token.secret' => _env('AUTH_TOKEN_SECRET', '@leaf$MVC*JWT#AUTH.Secret'),
+
+    /*
+    |--------------------------------------------------------------------------
+    | Login params error
+    |--------------------------------------------------------------------------
+    |
+    | Error to show when the login params aren't found in db
+    |
+    */
+    'messages.loginParamsError' => 'Incorrect credentials!',
+
+    /*
+    |--------------------------------------------------------------------------
+    | Password error
+    |--------------------------------------------------------------------------
+    |
+    | Error to show when the login password is wrong
+    |
+    */
+    'messages.loginPasswordError' => 'Password is incorrect!',
+];
+```
+
+While this is quite lengthy, it offers fine-grained control over how Leaf Auth works in your application.
+
 ## What to read next
 
 Now that you have built a simple pre-launch page, the next step is to get you familiar with the basics of building a full-stack application with Leaf. So you can build and launch your next big idea *fast*.