});

// Routes

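// POST /login: checks the submitted name/password against the user store and,
// on success, answers with an RS256-signed JSON Web Token carrying profile claims.
// Any failure is reported as 403 with one shared message, so the response does
// not reveal whether the name or the password was wrong.
$app->post('/login', function(Request $request) use($users, $privateKey) {

    $name = $request->get('name');
    $password = $request->get('password');

    // Request parameters can arrive as arrays (e.g. name[...]=x). Passing one
    // straight into the query document would let the client supply query
    // operators instead of a literal name, so only plain strings are accepted.
    if (!is_string($name) || !is_string($password)) {
        throw new HttpException(Response::HTTP_FORBIDDEN, 'Invalid username or password.');
    }

    $user = $users->findOne(['name' => $name]);

    // NOTE(review): the stored value is compared directly with the submitted
    // password, which suggests passwords are kept unhashed. Store
    // password_hash() output and verify with password_verify() instead.
    // Until then, hash_equals() at least makes the comparison constant-time.
    $stored = (null === $user || !isset($user['password'])) ? null : $user['password'];
    if (!is_string($stored) || !hash_equals($stored, $password)) {
        throw new HttpException(Response::HTTP_FORBIDDEN, 'Invalid username or password.');
    }

    // Generate new JSON Web Token.
    // NOTE(review): no expiration claim is set, so a token stays acceptable
    // for as long as the signing key is trusted; consider adding one.
    // NOTE(review): the issuer is taken from the request's scheme and host;
    // confirm that the host is validated upstream before it is trusted here.
    $builder = new JWT\Builder();
    $builder
        ->setNotBefore(time())
        ->setIssuer($request->getSchemeAndHttpHost())
        ->setId($user['_id']->{'$id'})
    ;

    // Copy the profile fields into the token as claims.
    foreach (['name', 'email', 'given_name', 'family_name', 'email_verified', 'gender'] as $field) {
        $builder->set($field, $user[$field]);
    }

    $builder->sign(new JWT\Signer\Rsa\Sha256(), $privateKey);

    $token = $builder->getToken();
    // NOTE(review): the wildcard CORS header lets a page on any origin read
    // this response; restrict it to the known front-end origin if there is one.
    return new Response($token, 200, ['Access-Control-Allow-Origin' => '*', 'Content-Type' => 'application/jwt']);
});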

$app->get('/images', function(Request $request) use($app, $images) {
 /**
  * Builds a signed token for the current request and returns it as a string.
  *
  * The issuer is the application's base URL, the audience is the client IP of
  * the current request, and the token becomes valid immediately and expires
  * after `Security.timeout` seconds. The payload is carried JSON-encoded in the
  * `data` claim.
  *
  * @param mixed $data Payload to embed; it is passed through json_encode().
  * @return string
  */
 public function getToken($data = null)
 {
     $now = time();
     $lifetime = Configure::read('Security.timeout');

     $builder = new Builder();
     $builder->setIssuer(Router::url('/', true));
     // Ties the token to the IP the request came from.
     $builder->setAudience($this->request->clientIp());
     $builder->setIssuedAt($now);
     $builder->setNotBefore($now);
     $builder->setExpiration($now + $lifetime);
     // NOTE(review): json_encode() returns false on failure and that value
     // would be stored as the claim; confirm callers only pass encodable data.
     $builder->set('data', json_encode($data));

     // NOTE(review): the signing key is the application-wide Security.salt;
     // a key dedicated to token signing would limit the impact of a leak.
     $signed = $builder->sign(new Sha256(), Configure::read('Security.salt'));

     return (string) $signed->getToken();
 }