/**
  * Register the bindings for the main JWTAuth class
  */
 protected function registerJWTAuth()
 {
     // Factory for the 'tymon.jwt.auth' binding: wires the JWT manager, the
     // user provider, the auth provider and the current request into JWTAuth.
     $factory = function ($container) {
         $jwtAuth = new JWTAuth(
             $container['tymon.jwt.manager'],
             $container['tymon.jwt.provider.user'],
             $container['tymon.jwt.provider.auth'],
             $container['request']
         );

         // The 'identifier' config value is handed to setIdentifier(); the
         // binding resolves to whatever that call returns.
         return $jwtAuth->setIdentifier($this->config('identifier'));
     };

     // NOTE(review): share() presumably caches the built instance. The instance
     // captures $container['request'] at resolution time, so confirm the
     // container never outlives a single request (otherwise a token could be
     // read from a stale request object).
     $this->app['tymon.jwt.auth'] = $this->app->share($factory);
 }
 /**
  * Handle an incoming request.
  *
  * @param  Request  $request
  * @param  Closure  $next
  * @param  string   $action
  * @param  string   $resource
  * @return mixed
  */
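 public function handle(Request $request, Closure $next, $action, $resource = null)
 {
     // Authorization gate: the request only reaches $next when the
     // authenticated user holds $action on $resource. Throws
     // ForbiddenException in every other case.
     $user = $this->jwtAuth->getUser();

     // Fail closed: without a resolved user there is nothing to authorize.
     // The original dereferenced $user unconditionally, so an unauthenticated
     // request ended in a fatal error instead of a clean denial.
     // NOTE(review): a 401-style exception may be the better signal here if the
     // project has one; only ForbiddenException is visible in this method.
     if (!$user) {
         throw new ForbiddenException();
     }

     // Called for its side effect only (the return value was never used);
     // presumably this attaches the lock to $user so that can() works - confirm.
     $this->lock->makeCallerLockAware($user);

     if (!$user->can($action, $resource)) {
         throw new ForbiddenException();
     }

     return $next($request);
 }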
 /**
  * Set permissions to be used in the controller.
  *
  * @param  Request  $request
  * @return void
  */
 public function permissions(Request $request)
 {
     // Roles are declared first; the permit() calls below attach abilities to them.
     $this->lock->setRole(User::$userTypes);

     $caller = $this->jwtAuth->user();

     // The ownership condition compares the caller with the last URL path
     // segment, which is client-controlled input.
     // NOTE(review): confirm userIsOwner copes with an empty $caller and with a
     // segment that is not a valid id.
     $targetSegment = last($request->segments());
     $ownerCondition = [User::class, 'userIsOwner', $caller, $targetSegment];

     // Admins hold every ability unconditionally; guests may only read or
     // update, and only subject to the ownership condition.
     $this->lock->role(User::USER_TYPE_ADMIN)->permit(['readAll', 'readOne', 'update', 'delete']);
     $this->lock->role(User::USER_TYPE_GUEST)->permit(['readOne', 'update'], [$ownerCondition]);

     // Permission middleware => the single controller action it guards.
     // NOTE(review): actions not listed here receive no permission middleware
     // from this method; confirm every state-changing action is covered.
     $guardedActions = [
         'permission:readAll' => 'getAllPaginated',
         'permission:readOne' => 'getOne',
         'permission:update' => 'patchOne',
         'permission:delete' => 'deleteOne',
     ];

     foreach ($guardedActions as $middlewareName => $controllerAction) {
         $this->middleware($middlewareName, ['only' => $controllerAction]);
     }
 }
 /**
  * Provide a requester with user information for single sign on.
  *
  * @param  string  $requester
  * @param  Request $request
  *
  * @return Response
  */
 public function singleSignOn($requester, Request $request)
 {
     // Requesters differ in how they treat a visitor who is not logged in, so
     // no login is enforced here: the user is resolved from the JWT cookie when
     // one is present, otherwise null is passed and the requester class decides.
     $token = $request->cookie(self::JWT_AUTH_TOKEN_COOKIE);

     // NOTE(review): if toUser() can return a non-null falsy value or throw for
     // an invalid or expired token, the requester receives that instead of
     // null - confirm against the JWT library in use.
     $user = $token ? $this->jwtAuth->toUser($token) : null;

     // NOTE(review): $requester is forwarded to the factory unchanged; confirm
     // the factory resolves it against a fixed set of known requesters only.
     return SingleSignOnFactory::create($requester, $request, $user)->getResponse();
 }