Gc 79 add jwt token auth (#40)
* Added jwt config plus simplified error handler

* Updated packages

* Updated cms to 0.3.0 to use cms error handler

* Cors config, fixed allowedHeaders for api requests

* composer update

* Newest admin package
PSkierniewski authored and AdrianSkierniewski committed Aug 21, 2016
1 parent ca15823 commit ff059d3
Showing 8 changed files with 534 additions and 282 deletions.
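--- a/.env.example
+++ b/.env.example
@@ -21,6 +21,9 @@ MAIL_PORT=2525
 MAIL_USERNAME=null
 MAIL_PASSWORD=null
 
+JWT_SECRET=
+JWT_BLACKLIST_ENABLED=
+
 OAUTH_GOOGLE_CLIENT_ID=
 OAUTH_GOOGLE_CLIENT_SECRET=
 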
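Review bot: `JWT_SECRET=` is added with nothing to say that it is the token signing key, so an environment created by copying this file and leaving the value blank may run with an empty or package-default key, depending on how the JWT package treats that (its configuration is not part of this section). I would put a comment above the pair, for example `# JWT signing key: generate a long random value per environment and never commit it`, and a second one stating which values `JWT_BLACKLIST_ENABLED` accepts and what applies when it is left blank. If the package does accept an empty key, a start-up check that refuses to boot without `JWT_SECRET` would be worth adding where the JWT config is loaded.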
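--- a/app/Exceptions/Handler.php
+++ b/app/Exceptions/Handler.php
@@ -1,28 +1,10 @@
 <?php namespace App\Exceptions;
 
 use Exception;
-use Illuminate\Support\Facades\App;
-use Whoops\Run;
-use Whoops\Handler\PrettyPageHandler;
-use Gzero\Validator\ValidationException;
-use Gzero\Api\AccessForbiddenException;
-use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
+use Gzero\Core\Exceptions\Handler as ExceptionHandler;
 
 class Handler extends ExceptionHandler {
 
-const VALIDATION_ERROR = 400; // (Bad Request)
-const SERVER_ERROR = 500; // (Internal Server Error)
-const FORBIDDEN_ERROR = 403; // (Forbidden Error)
-
-/**
-* A list of the exception types that should not be reported.
-*
-* @var array
-*/
-protected $dontReport = [
-'Symfony\Component\HttpKernel\Exception\HttpException'
-];
-
 /**
 * Report or log an exception.
 *
@@ -47,75 +29,6 @@ public function report(Exception $e)
 */
 public function render($request, Exception $e)
 {
-if ($request->ajax() || preg_match('/^api/', $request->getHost())) {
-/** @var $CORS \Asm89\Stack\CorsService */
-$CORS = app()->make('Asm89\Stack\CorsService');
-if ($e instanceof ValidationException) {
-return $CORS->addActualRequestHeaders(
-response()->json(
-[
-'code' => self::VALIDATION_ERROR,
-'error' => $e->getErrors()
-],
-self::VALIDATION_ERROR
-),
-$request
-);
-} elseif ($e instanceof AccessForbiddenException) {
-return $CORS->addActualRequestHeaders(
-response()->json(
-[
-'code' => self::FORBIDDEN_ERROR,
-'error' => ($e->getMessage()) ? $e->getMessage() : 'Forbidden.'
-],
-self::FORBIDDEN_ERROR
-),
-$request
-);
-} else {
-if (App::environment() == 'production') {
-return $CORS->addActualRequestHeaders(
-response()->json(
-[
-'code' => self::SERVER_ERROR,
-'error' => [
-'message' => ($e->getMessage()) ? $e->getMessage() : 'Internal Server Error',
-]
-],
-self::SERVER_ERROR
-),
-$request
-);
-} else {
-return $CORS->addActualRequestHeaders(
-response()->json(
-[
-'code' => self::SERVER_ERROR,
-'error' => [
-'type' => get_class($e),
-'message' => ($e->getMessage()) ? $e->getMessage() : 'Internal Server Error',
-'file' => $e->getFile(),
-'line' => $e->getLine(),
-]
-],
-self::SERVER_ERROR
-),
-$request
-);
-}
-}
-} else {
-if (config('app.debug')) {
-$whoops = new Run;
-$whoops->pushHandler(new PrettyPageHandler);
-return response(
-$whoops->handleException($e),
-method_exists($e, 'getStatusCode') ? $e->getStatusCode() : self::SERVER_ERROR,
-method_exists($e, 'getHeaders') ? $e->getHeaders() : []
-);
-} else {
-return parent::render($request, $e);
-}
-}
+return parent::render($request, $e);
 }
 }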
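Review bot: `render()` now consists only of `return parent::render($request, $e);`, so whether a production API response leaves out the exception class, file and line is decided entirely inside `Gzero\Core\Exceptions\Handler`, which this commit does not show. The `$dontReport` list is no longer declared here either, so `HttpException`s will be reported unless the parent declares an equivalent list. I would drop the pass-through override or give it a short docblock saying that error formatting is delegated to the CMS handler, and add a test asserting that a 500 returned to an API host with debug off carries no `file` or `line` keys. The body of `report()` lies outside the visible hunks.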
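--- a/app/Http/Controllers/UserController.php
+++ b/app/Http/Controllers/UserController.php
@@ -1,6 +1,5 @@
 <?php namespace App\Http\Controllers;
 
-use Auth;
 use Gzero\Repository\UserRepository;
 use Gzero\Validator\BaseUserValidator;
 use Gzero\Validator\ValidationException;
@@ -46,15 +45,15 @@ public function __construct(UserRepository $userRepo, BaseUserValidator $validat
 
 public function login()
 {
-if (Auth::check()) {
+if (auth()->check()) {
 return redirect()->route('account');
 }
 return view('auth.login');
 }
 
 public function logout()
 {
-Auth::logout();
+auth()->logout();
 return redirect()->route('home');
 }
 
@@ -63,8 +62,8 @@ public function postLogin()
 try {
 $input = $this->validator->validate('login');
 $remember = Input::get('remember', false);
-if (Auth::validate($input)) {
-if (Auth::check() || Auth::viaRemember() || Auth::attempt($input, $remember)) {
+if (auth()->validate($input)) {
+if (auth()->check() || auth()->viaRemember() || auth()->attempt($input, $remember)) {
 return redirect()->route('home');
 }
 return redirect()->route('login');
@@ -87,7 +86,7 @@ public function postLogin()
 
 public function register()
 {
-if (Auth::check()) {
+if (auth()->check()) {
 return redirect()->route('home');
 }
 return view('auth.register');
@@ -104,7 +103,7 @@ public function postRegister()
 $input['password'] = Hash::make($input['password']);
 $user = $this->userRepo->create($input);
 if (!empty($user)) {
-Auth::login($user);
+auth()->login($user);
 try {
 $subject = Lang::get('emails.welcome.subject', ['siteName' => Config::get('gzero.siteName')]);
 Mail::send( // welcome email
@@ -134,7 +133,7 @@ function ($message) use ($input, $subject) {
 */
 public function remind()
 {
-if (Auth::check()) {
+if (auth()->check()) {
 return redirect()->route('home');
 }
 return view('auth.password');
@@ -195,7 +194,7 @@ public function reset($token = null)
 {
 if (is_null($token)) {
 App::abort(404);
-} elseif (Auth::check()) {
+} elseif (auth()->check()) {
 return redirect()->route('home');
 }
 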
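Review bot: In `postLogin()` the condition `auth()->check() || auth()->viaRemember() || auth()->attempt($input, $remember)` short-circuits when the session is already authenticated, so valid credentials for a different account redirect to `home` while the session still belongs to the first user; the credentials are also verified twice, once by `validate()` and again by `attempt()`. The inner test could be just `if (auth()->attempt($input, $remember)) {`. Separately, `auth()` resolves the default guard, and `viaRemember()`, `login()` and `logout()` are session-guard methods, so if the JWT work changes the default guard these calls would stop working; naming the session guard explicitly in this controller would avoid that. `postLogin()` starts and ends outside the hunk.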
1 change: 0 additions & 1 deletion app/Http/Kernel.php
@@ -28,7 +28,6 @@ class Kernel extends HttpKernel {
*/
protected $routeMiddleware = [
'auth' => \Gzero\Core\Middleware\Auth::class,
'admin.api.access' => \Gzero\Core\Middleware\AdminApiAccess::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
];
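--- a/composer.json
+++ b/composer.json
@@ -15,9 +15,9 @@
 }
 ],
 "require": {
-"gzero/cms": "0.2.*",
-"gzero/api": "0.2.*",
-"gzero/admin": "0.2.*",
+"gzero/cms": "0.3.*",
+"gzero/api": "dev-GC-79_add_jwt_token_auth as 0.3",
+"gzero/admin": "0.3.*",
 "gzero/social": "^1.0",
 "gzero/vanilla-integration": "^1.0",
 "thomaswelton/laravel-gravatar": "~1.0",
@@ -31,7 +31,8 @@
 "phpspec/phpspec": "~2.1",
 "codeception/codeception": "2.1.4",
 "fzaninotto/faker": "1.4.0",
-"satooshi/php-coveralls": "dev-master"
+"satooshi/php-coveralls": "dev-master",
+"flow/jsonpath": "^0.3.1"
 },
 "autoload": {
 "classmap": [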
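Review bot: `"gzero/api": "dev-GC-79_add_jwt_token_auth as 0.3"` ties the package that carries the authentication code to a feature branch, so every `composer update` installs whatever that branch points to at the time, and the install breaks once the branch is merged and deleted. Before release the constraint should go back to a tagged range such as `"gzero/api": "0.3.*"`, in line with `gzero/cms` and `gzero/admin`. Until a tag exists, a committed `composer.lock` is what keeps the resolved commit fixed; whether one is part of this commit cannot be seen in the files loaded here.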