diff --git a/app/Http/Controllers/UserController.php b/app/Http/Controllers/UserController.php index ab9d4f5..62b1890 100644 --- a/app/Http/Controllers/UserController.php +++ b/app/Http/Controllers/UserController.php @@ -8,6 +8,8 @@ use Illuminate\Support\Facades\DB; use Illuminate\Http\Request; use Illuminate\Http\Response; use Illuminate\Support\Facades\Log; +use Tymon\JWTAuth\Facades\JWTAuth; +use Tymon\JWTAuth\Exceptions\JWTException; class UserController extends Controller { public function getUsers() { // /api/rpc/user/user/getusers 
@@ -81,33 +83,43 @@ class UserController extends Controller { $login_ok = false; try { - $check_password = hash('sha256', $request->password . $getUser[0]->salt); + $check_password = hash('sha256', $request->password . $getUser[0]->salt); - for ($round = 0; $round < 65536; $round++) { - $check_password = hash('sha256', $check_password . $getUser[0]->salt); - } + for ($round = 0; $round < 65536; $round++) { + $check_password = hash('sha256', $check_password . $getUser[0]->salt); + } - if ($check_password === $getUser[0]->password) { - $login_ok = true; + if ($check_password === $getUser[0]->password) { + $login_ok = true; - if (session_start()) { + $credentials = $request->only('username', $check_password); // grab credentials from the request + + try { + if (!$token = JWTAuth::attempt($credentials)) { // attempt to verify the credentials and create a token for the user + return response()->json(['error' => 'invalid_credentials'], 401); + } + } + catch (JWTException $e) { + return response()->json(['error' => 'could_not_create_token'], 500); // something went wrong whilst attempting to encode the token + } + + return response()->json(['token' => "Bearer $token"]); //return $_SERVER['HTTP_HOST']; // setcookie("username", $_POST['username'], time()+3600*24*30*72, "/", $_SERVER['HTTP_HOST'], false, true); // setcookie("password", $check_password, time()+3600*24*30*72, "/", $_SERVER['HTTP_HOST'], false, true); - $cookieU = $request->cookie('username', $request->username, time()+3600*24*30*72); - $cookieP = $request->cookie('password', $check_password, time()+3600*24*30*72); + //$cookieU = $request->cookie('username', $request->username, time()+3600*24*30*72); + //$cookieP = $request->cookie('password', $check_password, time()+3600*24*30*72); //dd($cookieP); //dd($request); //dd($cookie->name)); - return response('') - ->cookie('username', $cookieU) - ->cookie('password', $cookieP); + //return response('') + //->cookie('username', $cookieU) + //->cookie('password', 
$cookieP); + } } - } - - return "bad"; + return "bad"; } catch (Exception $e) { return $e->getMessage(); diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php index a70c17f..be761af 100644 --- a/app/Http/Kernel.php +++ b/app/Http/Kernel.php @@ -56,6 +56,7 @@ class Kernel extends HttpKernel 'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class, 'can' => \Illuminate\Auth\Middleware\Authorize::class, 'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class, + 'jwt' => \App\Http\Middleware\RefreshToken::class, 'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class, ]; } diff --git a/app/Http/Middleware/RefreshToken.php b/app/Http/Middleware/RefreshToken.php new file mode 100644 index 0000000..e172f8f --- /dev/null +++ b/app/Http/Middleware/RefreshToken.php 
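Review bot: `$request->only('username', $check_password)` passes the computed hash as a field name, so `$credentials` will hold no password unless the request happens to contain a field named after that hash, and `JWTAuth::attempt($credentials)` presumably cannot succeed as written. The password has already been verified by the comparison just above, so the token could be issued for the verified user directly, e.g. `$token = JWTAuth::fromUser($user);`, where `$user` is the ForUser model for this row (how `$getUser` is loaded is outside the hunk). That comparison is better written as `hash_equals($getUser[0]->password, $check_password)` so its timing does not depend on how many leading characters match. Tokens issued here are only as strong as the signing key, and `config/jwt.php` in this commit falls back to `'changeme'` when `JWT_SECRET` is unset, so the application should refuse to start without a real secret. The enclosing method begins before the hunk, and the outer `catch` still returns `$e->getMessage()` to the client.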
@@ -0,0 +1,54 @@ +checkForToken($request); // Check presence of a token. + + try { + if (!$this->auth->parseToken()->authenticate()) { // Check user not found. Check token has expired. + throw new UnauthorizedHttpException('jwt-auth', 'User not found'); + } + $payload = $this->auth->manager()->getPayloadFactory()->buildClaimsCollection()->toPlainArray(); + return $next($request); // Token is valid. User logged. Response without any token. + } catch (TokenExpiredException $t) { // Token expired. User not logged. + $payload = $this->auth->manager()->getPayloadFactory()->buildClaimsCollection()->toPlainArray(); + $key = 'block_refresh_token_for_user_' . $payload['sub']; + $cachedBefore = (int) Cache::has($key); + if ($cachedBefore) { // If a token alredy was refreshed and sent to the client in the last JWT_BLACKLIST_GRACE_PERIOD seconds. + \Auth::onceUsingId($payload['sub']); // Log the user using id. + return $next($request); // Token expired. Response without any token because in grace period. + } + try { + $newtoken = $this->auth->refresh(); // Get new token. + $gracePeriod = $this->auth->manager()->getBlacklist()->getGracePeriod(); + $expiresAt = Carbon::now()->addSeconds($gracePeriod); + Cache::put($key, $newtoken, $expiresAt); + } catch (JWTException $e) { + throw new UnauthorizedHttpException('jwt-auth', $e->getMessage(), $e, $e->getCode()); + } + } + + $response = $next($request); // Token refreshed and continue. + + return $this->setAuthenticationHeader($response, $newtoken); // Response with new token on header Authorization. + } + +} \ No newline at end of file diff --git a/app/Models/ForUser.php b/app/Models/ForUser.php index 18e7a06..3423ac9 100644 --- a/app/Models/ForUser.php +++ b/app/Models/ForUser.php @@ -8,6 +8,7 @@ namespace App\Models; use Reliese\Database\Eloquent\Model as Eloquent; +use Tymon\JWTAuth\Contracts\JWTSubject; /** * Class ForUser 
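Review bot: In the `TokenExpiredException` branch the grace-period cache key is built from `$payload['sub']` alone, so while one refresh for a user is cached, any other expired token naming that user appears to be accepted through `\Auth::onceUsingId()` without the refresh-window and blacklist checks that `$this->auth->refresh()` would apply. Binding the key to the presented token would limit the grace window to the token that was just rotated, e.g. `$key = 'block_refresh_token_for_user_' . $payload['sub'] . '_' . $payload['jti'];`, assuming the payload carries a `jti` claim. It is also worth confirming that `getPayloadFactory()->buildClaimsCollection()` returns the claims of the token on the request rather than a freshly built set, since `sub` is read from it after validation has already failed. The `$payload` assigned in the `try` branch is never used, and the start of this file did not survive on the page, so the class header and imports could not be checked.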
@@ -72,6 +73,24 @@ use Reliese\Database\Eloquent\Model as Eloquent; */ class ForUser extends Eloquent { + /** + * Get the identifier that will be stored in the subject claim of the JWT. + * + * @return mixed + */ + public function getJWTIdentifier() { + return $this->getKey(); // Eloquent Model method + } + + /** + * Return a key value array, containing any custom claims to be added to the JWT. + * + * @return array + */ + public function getJWTCustomClaims() { + return []; + } + public $timestamps = false; protected $casts = [ diff --git a/composer.json b/composer.json index 320f405..d730c7a 100644 --- a/composer.json +++ b/composer.json @@ -8,7 +8,8 @@ "php": ">=7.0.0", "fideloper/proxy": "~3.3", "laravel/framework": "5.5.*", - "laravel/tinker": "~1.0" + "laravel/tinker": "~1.0", + "tymon/jwt-auth": "1.0.0-rc.1" }, "require-dev": { "filp/whoops": "~2.0", diff --git a/composer.lock b/composer.lock index 3caa4ed..d68d7ee 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "This file is @generated automatically" ], - "content-hash": "9393b497bc1dfff9785b67f85b4d656d", + "content-hash": "2ccdbbf2bff90c3d38d19329c7f31c2f", "packages": [ { "name": "dnoegel/php-xdg-base-dir", @@ -408,16 +408,16 @@ }, { "name": "laravel/framework", - "version": "v5.5.32", + "version": "v5.5.33", "source": { "type": "git", "url": "https://github.com/laravel/framework.git", - "reference": "254e4c3e133f5bc8d6068cdf28ea062abc10adf2" + "reference": "ef7880e665390f999f4def7c9f78133636f973cf" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/laravel/framework/zipball/254e4c3e133f5bc8d6068cdf28ea062abc10adf2", - "reference": "254e4c3e133f5bc8d6068cdf28ea062abc10adf2", + "url": "https://api.github.com/repos/laravel/framework/zipball/ef7880e665390f999f4def7c9f78133636f973cf", + "reference": "ef7880e665390f999f4def7c9f78133636f973cf", "shasum": "" }, "require": { 
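Review bot: The class line stays `class ForUser extends Eloquent` as unchanged context, so although `JWTSubject` is imported and both of its methods are added here, the model never declares the interface. jwt-auth type-hints `JWTSubject` when it builds a token from a user, so token creation would likely fail with a type error until the declaration reads `class ForUser extends Eloquent implements JWTSubject`. The class body continues past the end of the hunk.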
@@ -538,7 +538,7 @@ "framework", "laravel" ], - "time": "2018-01-18T13:27:23+00:00" + "time": "2018-01-30T15:06:13+00:00" }, { "name": "laravel/tinker", @@ -605,16 +605,16 @@ }, { "name": "league/flysystem", - "version": "1.0.41", + "version": "1.0.42", "source": { "type": "git", "url": "https://github.com/thephpleague/flysystem.git", - "reference": "f400aa98912c561ba625ea4065031b7a41e5a155" + "reference": "09eabc54e199950041aef258a85847676496fe8e" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/thephpleague/flysystem/zipball/f400aa98912c561ba625ea4065031b7a41e5a155", - "reference": "f400aa98912c561ba625ea4065031b7a41e5a155", + "url": "https://api.github.com/repos/thephpleague/flysystem/zipball/09eabc54e199950041aef258a85847676496fe8e", + "reference": "09eabc54e199950041aef258a85847676496fe8e", "shasum": "" }, "require": { @@ -625,12 +625,13 @@ }, "require-dev": { "ext-fileinfo": "*", - "mockery/mockery": "~0.9", - "phpspec/phpspec": "^2.2", - "phpunit/phpunit": "~4.8" + "phpspec/phpspec": "^3.4", + "phpunit/phpunit": "^5.7" }, "suggest": { "ext-fileinfo": "Required for MimeType", + "ext-ftp": "Allows you to use FTP server storage", + "ext-openssl": "Allows you to use FTPS server storage", "league/flysystem-aws-s3-v2": "Allows you to use S3 storage with AWS SDK v2", "league/flysystem-aws-s3-v3": "Allows you to use S3 storage with AWS SDK v3", "league/flysystem-azure": "Allows you to use Windows Azure Blob storage", @@ -684,7 +685,7 @@ "sftp", "storage" ], - "time": "2017-08-06T17:41:04+00:00" + "time": "2018-01-27T16:03:56+00:00" }, { "name": "monolog/monolog", 
@@ -808,6 +809,69 @@ ], "time": "2017-01-23T04:29:33+00:00" }, + { + "name": "namshi/jose", + "version": "7.2.3", + "source": { + "type": "git", + "url": "https://github.com/namshi/jose.git", + "reference": "89a24d7eb3040e285dd5925fcad992378b82bcff" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/namshi/jose/zipball/89a24d7eb3040e285dd5925fcad992378b82bcff", + "reference": "89a24d7eb3040e285dd5925fcad992378b82bcff", + "shasum": "" + }, + "require": { + "ext-date": "*", + "ext-hash": "*", + "ext-json": "*", + "ext-pcre": "*", + "ext-spl": "*", + "php": ">=5.5", + "symfony/polyfill-php56": "^1.0" + }, + "require-dev": { + "phpseclib/phpseclib": "^2.0", + "phpunit/phpunit": "^4.5|^5.0", + "satooshi/php-coveralls": "^1.0" + }, + "suggest": { + "ext-openssl": "Allows to use OpenSSL as crypto engine.", + "phpseclib/phpseclib": "Allows to use Phpseclib as crypto engine, use version ^2.0." + }, + "type": "library", + "autoload": { + "psr-4": { + "Namshi\\JOSE\\": "src/Namshi/JOSE/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Alessandro Nadalin", + "email": "alessandro.nadalin@gmail.com" + }, + { + "name": "Alessandro Cinelli (cirpo)", + "email": "alessandro.cinelli@gmail.com" + } + ], + "description": "JSON Object Signing and Encryption library for PHP.", + "keywords": [ + "JSON Web Signature", + "JSON Web Token", + "JWS", + "json", + "jwt", + "token" + ], + "time": "2016-12-05T07:27:31+00:00" + }, { "name": "nesbot/carbon", "version": "1.22.1", 
@@ -863,16 +927,16 @@ }, { "name": "nikic/php-parser", - "version": "v3.1.3", + "version": "v3.1.4", "source": { "type": "git", "url": "https://github.com/nikic/PHP-Parser.git", - "reference": "579f4ce846734a1cf55d6a531d00ca07a43e3cda" + "reference": "e57b3a09784f846411aa7ed664eedb73e3399078" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/nikic/PHP-Parser/zipball/579f4ce846734a1cf55d6a531d00ca07a43e3cda", - "reference": "579f4ce846734a1cf55d6a531d00ca07a43e3cda", + "url": "https://api.github.com/repos/nikic/PHP-Parser/zipball/e57b3a09784f846411aa7ed664eedb73e3399078", + "reference": "e57b3a09784f846411aa7ed664eedb73e3399078", "shasum": "" }, "require": { @@ -910,7 +974,7 @@ "parser", "php" ], - "time": "2017-12-26T14:43:21+00:00" + "time": "2018-01-25T21:31:33+00:00" }, { "name": "paragonie/random_compat", @@ -1313,16 +1377,16 @@ }, { "name": "symfony/console", - "version": "v3.4.3", + "version": "v3.4.4", "source": { "type": "git", "url": "https://github.com/symfony/console.git", - "reference": "8394c8ef121949e8f858f13bc1e34f05169e4e7d" + "reference": "26b6f419edda16c19775211987651cb27baea7f1" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/console/zipball/8394c8ef121949e8f858f13bc1e34f05169e4e7d", - "reference": "8394c8ef121949e8f858f13bc1e34f05169e4e7d", + "url": "https://api.github.com/repos/symfony/console/zipball/26b6f419edda16c19775211987651cb27baea7f1", + "reference": "26b6f419edda16c19775211987651cb27baea7f1", "shasum": "" }, "require": { @@ -1378,11 +1442,11 @@ ], "description": "Symfony Console Component", "homepage": "https://symfony.com", - "time": "2018-01-03T07:37:34+00:00" + "time": "2018-01-29T09:03:43+00:00" }, { "name": "symfony/css-selector", - "version": "v4.0.3", + "version": "v4.0.4", "source": { "type": "git", "url": "https://github.com/symfony/css-selector.git", 
@@ -1435,16 +1499,16 @@ }, { "name": "symfony/debug", - "version": "v3.4.3", + "version": "v3.4.4", "source": { "type": "git", "url": "https://github.com/symfony/debug.git", - "reference": "603b95dda8b00020e4e6e60dc906e7b715b1c245" + "reference": "53f6af2805daf52a43b393b93d2f24925d35c937" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/debug/zipball/603b95dda8b00020e4e6e60dc906e7b715b1c245", - "reference": "603b95dda8b00020e4e6e60dc906e7b715b1c245", + "url": "https://api.github.com/repos/symfony/debug/zipball/53f6af2805daf52a43b393b93d2f24925d35c937", + "reference": "53f6af2805daf52a43b393b93d2f24925d35c937", "shasum": "" }, "require": { @@ -1487,11 +1551,11 @@ ], "description": "Symfony Debug Component", "homepage": "https://symfony.com", - "time": "2018-01-03T17:14:19+00:00" + "time": "2018-01-18T22:16:57+00:00" }, { "name": "symfony/event-dispatcher", - "version": "v4.0.3", + "version": "v4.0.4", "source": { "type": "git", "url": "https://github.com/symfony/event-dispatcher.git", @@ -1554,7 +1618,7 @@ }, { "name": "symfony/finder", - "version": "v3.4.3", + "version": "v3.4.4", "source": { "type": "git", "url": "https://github.com/symfony/finder.git", @@ -1603,16 +1667,16 @@ }, { "name": "symfony/http-foundation", - "version": "v3.4.3", + "version": "v3.4.4", "source": { "type": "git", "url": "https://github.com/symfony/http-foundation.git", - "reference": "4a213be1cc8598089b8c7451529a2927b49b5d26" + "reference": "8c39071ac9cc7e6d8dab1d556c990dc0d2cc3d30" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/http-foundation/zipball/4a213be1cc8598089b8c7451529a2927b49b5d26", - "reference": "4a213be1cc8598089b8c7451529a2927b49b5d26", + "url": "https://api.github.com/repos/symfony/http-foundation/zipball/8c39071ac9cc7e6d8dab1d556c990dc0d2cc3d30", + "reference": "8c39071ac9cc7e6d8dab1d556c990dc0d2cc3d30", "shasum": "" }, "require": { 
@@ -1653,20 +1717,20 @@ ], "description": "Symfony HttpFoundation Component", "homepage": "https://symfony.com", - "time": "2018-01-03T17:14:19+00:00" + "time": "2018-01-29T09:03:43+00:00" }, { "name": "symfony/http-kernel", - "version": "v3.4.3", + "version": "v3.4.4", "source": { "type": "git", "url": "https://github.com/symfony/http-kernel.git", - "reference": "1c2a82d6a8ec9b354fe4ef48ad1ad3f1a4f7db0e" + "reference": "911d2e5dd4beb63caad9a72e43857de984301907" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/http-kernel/zipball/1c2a82d6a8ec9b354fe4ef48ad1ad3f1a4f7db0e", - "reference": "1c2a82d6a8ec9b354fe4ef48ad1ad3f1a4f7db0e", + "url": "https://api.github.com/repos/symfony/http-kernel/zipball/911d2e5dd4beb63caad9a72e43857de984301907", + "reference": "911d2e5dd4beb63caad9a72e43857de984301907", "shasum": "" }, "require": { @@ -1674,7 +1738,7 @@ "psr/log": "~1.0", "symfony/debug": "~2.8|~3.0|~4.0", "symfony/event-dispatcher": "~2.8|~3.0|~4.0", - "symfony/http-foundation": "^3.3.11|~4.0" + "symfony/http-foundation": "^3.4.4|^4.0.4" }, "conflict": { "symfony/config": "<2.8", @@ -1741,20 +1805,20 @@ ], "description": "Symfony HttpKernel Component", "homepage": "https://symfony.com", - "time": "2018-01-05T08:33:00+00:00" + "time": "2018-01-29T12:29:46+00:00" }, { "name": "symfony/polyfill-mbstring", - "version": "v1.6.0", + "version": "v1.7.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-mbstring.git", - "reference": "2ec8b39c38cb16674bbf3fea2b6ce5bf117e1296" + "reference": "78be803ce01e55d3491c1397cf1c64beb9c1b63b" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/2ec8b39c38cb16674bbf3fea2b6ce5bf117e1296", - "reference": "2ec8b39c38cb16674bbf3fea2b6ce5bf117e1296", + "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/78be803ce01e55d3491c1397cf1c64beb9c1b63b", + "reference": "78be803ce01e55d3491c1397cf1c64beb9c1b63b", "shasum": "" }, "require": { 
@@ -1766,7 +1830,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-master": "1.6-dev" + "dev-master": "1.7-dev" } }, "autoload": { 
@@ -1800,20 +1864,76 @@ "portable", "shim" ], - "time": "2017-10-11T12:05:26+00:00" + "time": "2018-01-30T19:27:44+00:00" }, { - "name": "symfony/polyfill-php70", - "version": "v1.6.0", + "name": "symfony/polyfill-php56", + "version": "v1.7.0", "source": { "type": "git", - "url": "https://github.com/symfony/polyfill-php70.git", - "reference": "0442b9c0596610bd24ae7b5f0a6cdbbc16d9fcff" + "url": "https://github.com/symfony/polyfill-php56.git", + "reference": "ebc999ce5f14204c5150b9bd15f8f04e621409d8" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-php70/zipball/0442b9c0596610bd24ae7b5f0a6cdbbc16d9fcff", - "reference": "0442b9c0596610bd24ae7b5f0a6cdbbc16d9fcff", + "url": "https://api.github.com/repos/symfony/polyfill-php56/zipball/ebc999ce5f14204c5150b9bd15f8f04e621409d8", + "reference": "ebc999ce5f14204c5150b9bd15f8f04e621409d8", + "shasum": "" + }, + "require": { + "php": ">=5.3.3", + "symfony/polyfill-util": "~1.0" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.7-dev" + } + }, + "autoload": { + "psr-4": { + "Symfony\\Polyfill\\Php56\\": "" + }, + "files": [ + "bootstrap.php" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Nicolas Grekas", + "email": "p@tchwork.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Symfony polyfill backporting some PHP 5.6+ features to lower PHP versions", + "homepage": "https://symfony.com", + "keywords": [ + "compatibility", + "polyfill", + "portable", + "shim" + ], + "time": "2018-01-30T19:27:44+00:00" + }, + { + "name": "symfony/polyfill-php70", + "version": "v1.7.0", + "source": { + "type": "git", + "url": "https://github.com/symfony/polyfill-php70.git", + "reference": "3532bfcd8f933a7816f3a0a59682fc404776600f" + }, + "dist": { + "type": "zip", + "url": 
"https://api.github.com/repos/symfony/polyfill-php70/zipball/3532bfcd8f933a7816f3a0a59682fc404776600f", + "reference": "3532bfcd8f933a7816f3a0a59682fc404776600f", "shasum": "" }, "require": { @@ -1823,7 +1943,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-master": "1.6-dev" + "dev-master": "1.7-dev" } }, "autoload": { 
@@ -1859,20 +1979,72 @@ "portable", "shim" ], - "time": "2017-10-11T12:05:26+00:00" + "time": "2018-01-30T19:27:44+00:00" }, { - "name": "symfony/process", - "version": "v3.4.3", + "name": "symfony/polyfill-util", + "version": "v1.7.0", "source": { "type": "git", - "url": "https://github.com/symfony/process.git", - "reference": "ff69f110c6b33fd33cd2089ba97d6112f44ef0ba" + "url": "https://github.com/symfony/polyfill-util.git", + "reference": "e17c808ec4228026d4f5a8832afa19be85979563" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/process/zipball/ff69f110c6b33fd33cd2089ba97d6112f44ef0ba", - "reference": "ff69f110c6b33fd33cd2089ba97d6112f44ef0ba", + "url": "https://api.github.com/repos/symfony/polyfill-util/zipball/e17c808ec4228026d4f5a8832afa19be85979563", + "reference": "e17c808ec4228026d4f5a8832afa19be85979563", + "shasum": "" + }, + "require": { + "php": ">=5.3.3" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.7-dev" + } + }, + "autoload": { + "psr-4": { + "Symfony\\Polyfill\\Util\\": "" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Nicolas Grekas", + "email": "p@tchwork.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Symfony utilities for portability of PHP codes", + "homepage": "https://symfony.com", + "keywords": [ + "compat", + "compatibility", + "polyfill", + "shim" + ], + "time": "2018-01-31T18:08:44+00:00" + }, + { + "name": "symfony/process", + "version": "v3.4.4", + "source": { + "type": "git", + "url": "https://github.com/symfony/process.git", + "reference": "09a5172057be8fc677840e591b17f385e58c7c0d" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/process/zipball/09a5172057be8fc677840e591b17f385e58c7c0d", + "reference": "09a5172057be8fc677840e591b17f385e58c7c0d", "shasum": "" }, "require": { 
@@ -1908,20 +2080,20 @@ ], "description": "Symfony Process Component", "homepage": "https://symfony.com", - "time": "2018-01-03T07:37:34+00:00" + "time": "2018-01-29T09:03:43+00:00" }, { "name": "symfony/routing", - "version": "v3.4.3", + "version": "v3.4.4", "source": { "type": "git", "url": "https://github.com/symfony/routing.git", - "reference": "e2b6d6fe7b090c7af720b75c7722c6dfa7a52658" + "reference": "235d01730d553a97732990588407eaf6779bb4b2" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/routing/zipball/e2b6d6fe7b090c7af720b75c7722c6dfa7a52658", - "reference": "e2b6d6fe7b090c7af720b75c7722c6dfa7a52658", + "url": "https://api.github.com/repos/symfony/routing/zipball/235d01730d553a97732990588407eaf6779bb4b2", + "reference": "235d01730d553a97732990588407eaf6779bb4b2", "shasum": "" }, "require": { @@ -1986,20 +2158,20 @@ "uri", "url" ], - "time": "2018-01-04T15:09:34+00:00" + "time": "2018-01-16T18:03:57+00:00" }, { "name": "symfony/translation", - "version": "v3.4.3", + "version": "v3.4.4", "source": { "type": "git", "url": "https://github.com/symfony/translation.git", - "reference": "17b5962d252b2d6d1d37a2485ebb7ddc5b2bef0a" + "reference": "10b32cf0eae28b9b39fe26c456c42b19854c4b84" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/translation/zipball/17b5962d252b2d6d1d37a2485ebb7ddc5b2bef0a", - "reference": "17b5962d252b2d6d1d37a2485ebb7ddc5b2bef0a", + "url": "https://api.github.com/repos/symfony/translation/zipball/10b32cf0eae28b9b39fe26c456c42b19854c4b84", + "reference": "10b32cf0eae28b9b39fe26c456c42b19854c4b84", "shasum": "" }, "require": { 
@@ -2054,20 +2226,20 @@ ], "description": "Symfony Translation Component", "homepage": "https://symfony.com", - "time": "2018-01-03T07:37:34+00:00" + "time": "2018-01-18T22:16:57+00:00" }, { "name": "symfony/var-dumper", - "version": "v3.4.3", + "version": "v3.4.4", "source": { "type": "git", "url": "https://github.com/symfony/var-dumper.git", - "reference": "545be7e78ccbec43e599f10ff7500d0b09eda9d0" + "reference": "472a9849930cf21f73abdb02240f17cf5b5bd1a7" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/var-dumper/zipball/545be7e78ccbec43e599f10ff7500d0b09eda9d0", - "reference": "545be7e78ccbec43e599f10ff7500d0b09eda9d0", + "url": "https://api.github.com/repos/symfony/var-dumper/zipball/472a9849930cf21f73abdb02240f17cf5b5bd1a7", + "reference": "472a9849930cf21f73abdb02240f17cf5b5bd1a7", "shasum": "" }, "require": { @@ -2123,7 +2295,7 @@ "debug", "dump" ], - "time": "2018-01-03T17:14:19+00:00" + "time": "2018-01-29T09:03:43+00:00" }, { "name": "tijsverkoyen/css-to-inline-styles", 
@@ -2172,6 +2344,80 @@ "homepage": "https://github.com/tijsverkoyen/CssToInlineStyles", "time": "2017-11-27T11:13:29+00:00" }, + { + "name": "tymon/jwt-auth", + "version": "1.0.0-rc.1", + "source": { + "type": "git", + "url": "https://github.com/tymondesigns/jwt-auth.git", + "reference": "6adc5c9df836405c47abc2f4c836872effb71ead" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/tymondesigns/jwt-auth/zipball/6adc5c9df836405c47abc2f4c836872effb71ead", + "reference": "6adc5c9df836405c47abc2f4c836872effb71ead", + "shasum": "" + }, + "require": { + "illuminate/auth": "5.1.* || 5.2.* || 5.3.* || 5.4.* || 5.5.*", + "illuminate/contracts": "5.1.* || 5.2.* || 5.3.* || 5.4.* || 5.5.*", + "illuminate/http": "5.1.* || 5.2.* || 5.3.* || 5.4.* || 5.5.*", + "illuminate/support": "5.1.* || 5.2.* || 5.3.* || 5.4.* || 5.5.*", + "namshi/jose": "^7.0", + "nesbot/carbon": "^1.0", + "php": "^5.5.9 || ^7.0" + }, + "require-dev": { + "cartalyst/sentinel": "2.0.*", + "illuminate/console": "5.1.* || 5.2.* || 5.3.* || 5.4.* || 5.5.*", + "illuminate/database": "5.1.* || 5.2.* || 5.3.* || 5.4.* || 5.5.*", + "illuminate/routing": "5.1.* || 5.2.* || 5.3.* || 5.4.* || 5.5.*", + "mockery/mockery": "0.9.*", + "phpunit/phpunit": "~4.8 || ~6.0" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-develop": "1.0-dev" + }, + "laravel": { + "aliases": { + "JWTAuth": "Tymon\\JWTAuth\\Facades\\JWTAuth", + "JWTFactory": "Tymon\\JWTAuth\\Facades\\JWTFactory" + }, + "providers": [ + "Tymon\\JWTAuth\\Providers\\LaravelServiceProvider" + ] + } + }, + "autoload": { + "psr-4": { + "Tymon\\JWTAuth\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Sean Tymon", + "email": "tymon148@gmail.com", + "homepage": "https://tymon.xyz", + "role": "Developer" + } + ], + "description": "JSON Web Token Authentication for Laravel and Lumen", + "homepage": "https://github.com/tymondesigns/jwt-auth", + 
"keywords": [ + "Authentication", + "JSON Web Token", + "auth", + "jwt", + "laravel" + ], + "time": "2017-08-30T17:57:47+00:00" + }, { "name": "vlucas/phpdotenv", "version": "v2.4.0", @@ -3060,16 +3306,16 @@ }, { "name": "phpdocumentor/reflection-docblock", - "version": "4.2.0", + "version": "4.3.0", "source": { "type": "git", "url": "https://github.com/phpDocumentor/ReflectionDocBlock.git", - "reference": "66465776cfc249844bde6d117abff1d22e06c2da" + "reference": "94fd0001232e47129dd3504189fa1c7225010d08" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpDocumentor/ReflectionDocBlock/zipball/66465776cfc249844bde6d117abff1d22e06c2da", - "reference": "66465776cfc249844bde6d117abff1d22e06c2da", + "url": "https://api.github.com/repos/phpDocumentor/ReflectionDocBlock/zipball/94fd0001232e47129dd3504189fa1c7225010d08", + "reference": "94fd0001232e47129dd3504189fa1c7225010d08", "shasum": "" }, "require": { @@ -3107,7 +3353,7 @@ } ], "description": "With this component, a library can provide support for annotations via DocBlocks or otherwise retrieve information that is embedded in a DocBlock.", - "time": "2017-11-27T17:38:31+00:00" + "time": "2017-11-30T07:14:17+00:00" }, { "name": "phpdocumentor/type-resolver", @@ -3470,16 +3716,16 @@ }, { "name": "phpunit/phpunit", - "version": "6.5.5", + "version": "6.5.6", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/phpunit.git", - "reference": "83d27937a310f2984fd575686138597147bdc7df" + "reference": "3330ef26ade05359d006041316ed0fa9e8e3cefe" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/83d27937a310f2984fd575686138597147bdc7df", - "reference": "83d27937a310f2984fd575686138597147bdc7df", + "url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/3330ef26ade05359d006041316ed0fa9e8e3cefe", + "reference": "3330ef26ade05359d006041316ed0fa9e8e3cefe", "shasum": "" }, "require": { 
@@ -3550,7 +3796,7 @@ "testing", "xunit" ], - "time": "2017-12-17T06:31:19+00:00" + "time": "2018-02-01T05:57:37+00:00" }, { "name": "phpunit/phpunit-mock-objects", @@ -3710,21 +3956,21 @@ }, { "name": "sebastian/comparator", - "version": "2.1.2", + "version": "2.1.3", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/comparator.git", - "reference": "11c07feade1d65453e06df3b3b90171d6d982087" + "reference": "34369daee48eafb2651bea869b4b15d75ccc35f9" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/comparator/zipball/11c07feade1d65453e06df3b3b90171d6d982087", - "reference": "11c07feade1d65453e06df3b3b90171d6d982087", + "url": "https://api.github.com/repos/sebastianbergmann/comparator/zipball/34369daee48eafb2651bea869b4b15d75ccc35f9", + "reference": "34369daee48eafb2651bea869b4b15d75ccc35f9", "shasum": "" }, "require": { "php": "^7.0", - "sebastian/diff": "^2.0", + "sebastian/diff": "^2.0 || ^3.0", "sebastian/exporter": "^3.1" }, "require-dev": { @@ -3770,7 +4016,7 @@ "compare", "equality" ], - "time": "2018-01-12T06:34:42+00:00" + "time": "2018-02-01T13:46:46+00:00" }, { "name": "sebastian/diff", @@ -4224,16 +4470,16 @@ }, { "name": "symfony/thanks", - "version": "v1.0.3", + "version": "v1.0.5", "source": { "type": "git", "url": "https://github.com/symfony/thanks.git", - "reference": "8c12bbe4baabcb8e640efaaaab40e3a4497c9fb4" + "reference": "c757ee0c9dcfcc0e9e30fbbbdcadeb9dcc9aaaf4" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/thanks/zipball/8c12bbe4baabcb8e640efaaaab40e3a4497c9fb4", - "reference": "8c12bbe4baabcb8e640efaaaab40e3a4497c9fb4", + "url": "https://api.github.com/repos/symfony/thanks/zipball/c757ee0c9dcfcc0e9e30fbbbdcadeb9dcc9aaaf4", + "reference": "c757ee0c9dcfcc0e9e30fbbbdcadeb9dcc9aaaf4", "shasum": "" }, "require": { 
@@ -4263,7 +4509,7 @@ } ], "description": "Give thanks (in the form of a GitHub ⭐) to your fellow PHP package maintainers (not limited to Symfony components)!", - "time": "2018-01-19T16:12:41+00:00" + "time": "2018-01-26T10:44:34+00:00" }, { "name": "theseer/tokenizer", @@ -4307,16 +4553,16 @@ }, { "name": "webmozart/assert", - "version": "1.2.0", + "version": "1.3.0", "source": { "type": "git", "url": "https://github.com/webmozart/assert.git", - "reference": "2db61e59ff05fe5126d152bd0655c9ea113e550f" + "reference": "0df1908962e7a3071564e857d86874dad1ef204a" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/webmozart/assert/zipball/2db61e59ff05fe5126d152bd0655c9ea113e550f", - "reference": "2db61e59ff05fe5126d152bd0655c9ea113e550f", + "url": "https://api.github.com/repos/webmozart/assert/zipball/0df1908962e7a3071564e857d86874dad1ef204a", + "reference": "0df1908962e7a3071564e857d86874dad1ef204a", "shasum": "" }, "require": { @@ -4353,12 +4599,14 @@ "check", "validate" ], - "time": "2016-11-23T20:04:58+00:00" + "time": "2018-01-29T19:49:41+00:00" } ], "aliases": [], "minimum-stability": "stable", - "stability-flags": [], + "stability-flags": { + "tymon/jwt-auth": 5 + }, "prefer-stable": false, "prefer-lowest": false, "platform": { diff --git a/config/app.php b/config/app.php index b46dcce..c23f5e9 100644 --- a/config/app.php +++ b/config/app.php @@ -167,6 +167,7 @@ return [ /* * Package Service Providers... */ + Tymon\JWTAuth\Providers\LaravelServiceProvider::class, /* * Application Service Providers... @@ -208,6 +209,8 @@ return [ 'File' => Illuminate\Support\Facades\File::class, 'Gate' => Illuminate\Support\Facades\Gate::class, 'Hash' => Illuminate\Support\Facades\Hash::class, + 'JWTAuth' => Tymon\JWTAuth\Facades\JWTAuth::class, + 'JWTFactory' => Tymon\JWTAuth\Facades\JWTFactory::class, 'Lang' => Illuminate\Support\Facades\Lang::class, 'Log' => Illuminate\Support\Facades\Log::class, 'Mail' => Illuminate\Support\Facades\Mail::class, 
diff --git a/config/jwt.php b/config/jwt.php new file mode 100644 index 0000000..b12ac03 --- /dev/null +++ b/config/jwt.php 
@@ -0,0 +1,173 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +return [ + + /* + |-------------------------------------------------------------------------- + | JWT Authentication Secret + |-------------------------------------------------------------------------- + | + | Don't forget to set this, as it will be used to sign your tokens. + | A helper command is provided for this: `php artisan jwt:generate` + | + */ + + 'secret' => env('JWT_SECRET', 'changeme'), + + /* + |-------------------------------------------------------------------------- + | JWT time to live + |-------------------------------------------------------------------------- + | + | Specify the length of time (in minutes) that the token will be valid for. + | Defaults to 1 hour + | + */ + + 'ttl' => 60, + + /* + |-------------------------------------------------------------------------- + | Refresh time to live + |-------------------------------------------------------------------------- + | + | Specify the length of time (in minutes) that the token can be refreshed + | within. I.E. The user can refresh their token within a 2 week window of + | the original token being created until they must re-authenticate. + | Defaults to 2 weeks + | + */ + + 'refresh_ttl' => 20160, + + /* + |-------------------------------------------------------------------------- + | JWT hashing algorithm + |-------------------------------------------------------------------------- + | + | Specify the hashing algorithm that will be used to sign the token. + | + | See here: https://github.com/namshi/jose/tree/2.2.0/src/Namshi/JOSE/Signer + | for possible values + | + */ + + 'algo' => 'HS256', + + /* + |-------------------------------------------------------------------------- + | User Model namespace + |-------------------------------------------------------------------------- + | + | Specify the full namespace to your User model. 
+ | e.g. 'Acme\Entities\User' + | + */ + + 'user' => 'App\User', + + /* + |-------------------------------------------------------------------------- + | User identifier + |-------------------------------------------------------------------------- + | + | Specify a unique property of the user that will be added as the 'sub' + | claim of the token payload. + | + */ + + 'identifier' => 'id', + + /* + |-------------------------------------------------------------------------- + | Required Claims + |-------------------------------------------------------------------------- + | + | Specify the required claims that must exist in any token. + | A TokenInvalidException will be thrown if any of these claims are not + | present in the payload. + | + */ + + 'required_claims' => ['iss', 'iat', 'exp', 'nbf', 'sub', 'jti'], + + /* + |-------------------------------------------------------------------------- + | Blacklist Enabled + |-------------------------------------------------------------------------- + | + | In order to invalidate tokens, you must have the blacklist enabled. + | If you do not want or need this functionality, then set this to false. + | + */ + + 'blacklist_enabled' => env('JWT_BLACKLIST_ENABLED', true), + + /* + |-------------------------------------------------------------------------- + | Providers + |-------------------------------------------------------------------------- + | + | Specify the various providers used throughout the package. 
+ | + */ + + 'providers' => [ + + /* + |-------------------------------------------------------------------------- + | User Provider + |-------------------------------------------------------------------------- + | + | Specify the provider that is used to find the user based + | on the subject claim + | + */ + + 'user' => 'Tymon\JWTAuth\Providers\User\EloquentUserAdapter', + + /* + |-------------------------------------------------------------------------- + | JWT Provider + |-------------------------------------------------------------------------- + | + | Specify the provider that is used to create and decode the tokens. + | + */ + + 'jwt' => 'Tymon\JWTAuth\Providers\JWT\NamshiAdapter', + + /* + |-------------------------------------------------------------------------- + | Authentication Provider + |-------------------------------------------------------------------------- + | + | Specify the provider that is used to authenticate users. + | + */ + + 'auth' => 'Tymon\JWTAuth\Providers\Auth\IlluminateAuthAdapter', + + /* + |-------------------------------------------------------------------------- + | Storage Provider + |-------------------------------------------------------------------------- + | + | Specify the provider that is used to store tokens in the blacklist + | + */ + + 'storage' => 'Tymon\JWTAuth\Providers\Storage\IlluminateCacheAdapter', + + ], + +]; diff --git a/routes/class/user.php b/routes/class/user.php index b7c1ec6..c222d6e 100644 --- a/routes/class/user.php +++ b/routes/class/user.php 
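Review bot: The fallback in `'secret' => env('JWT_SECRET', 'changeme'),` in config/jwt.php means that any environment where JWT_SECRET is unset signs and verifies tokens with a string that is public in this repository and in the package template. With `'algo' => 'HS256'` that secret is the only thing protecting token integrity, so a token signed with the default would be accepted as genuine. Drop the default, `'secret' => env('JWT_SECRET'),`, and make deployment fail when the variable is empty rather than booting with a guessable key. The value should be a long random string generated per environment and kept out of version control.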
@@ -14,6 +14,10 @@ Route::post('/api/rpc/user/auth/isauth', 'UserController@isAuth');
 Route::post('/api/rpc/user/auth/login', 'UserController@login');
 Route::post('/api/rpc/user/auth/register', 'UserController@register');
 Route::post('/api/rpc/user/auth/logout', 'UserController@logout');
+Route::group(['middleware' => 'jwt'], function () {
+ // Protected routes
+ Route::resource('getUserPosts', 'BoardController');
+});
 // Owner
 Route::get('/api/rpc/user/owner/countownersoffile/{id}', 'OwnerController@countOwnersOfFile');
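Review bot: The group key `'middleware' => 'jwt'` has to resolve to a registered route-middleware alias, and nothing visible in this commit defines one named `jwt`. The aliases the package documents are `jwt.auth` and `jwt.refresh`. Unless app/Http/Kernel.php maps `jwt` somewhere outside this view, requests to the group would fail while resolving the middleware instead of being answered with a 401. If so, the line should read `Route::group(['middleware' => 'jwt.auth'], function () {`. A request test that calls the route without a token and expects 401 would catch this.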