Neo4j PHP OGM with Authentication

Question

I was wondering: what is the best practice to create a connection to Neo4j through the neo4j-php-ogm library if I am using username and password authentication?

In the documentation it states that connections are created by following:

use GraphAware\Neo4j\OGM\EntityManager;
$manager = EntityManager::create('http://localhost:7474');

So I am using the same in my graph manager:

$client = Manager::create('http://username:password@localhost:7474');

I have a feeling that this is not the safest way because I am only using http and sending the credentials in the URL. What would be a better way to establish a connection including authentication?

Sidenote: The Manager::create instead of the EntityManager::create as noted in the documentation is because installing the library via composer gets an older version than currently on GitHub if im not mistaken.

Answer 1

You can just provide them as part of the uri defined for your connection :

$manager = EntityManager::create('http://neo4j:password@localhost:7474');

Note that there are not sent as such for security reasons, instead the username and password are extracted with parse_url and provided as connection parameters.

For the second part, yes the current 1.0 branch reflects changes that are not tagged yet. I should make a new beta release this week.