/**
 * Authenticate a request from the JWT carried in its `Authorization: Bearer <token>` header.
 *
 * The token is verified with the secret and the algorithm read from the `jwt`
 * settings. Only that single configured algorithm is passed to the decoder as
 * allowed, so the algorithm named in the token header is not trusted on its own.
 * When the Manager has a check callback registered, it is invoked with the
 * token's `data` claim before that claim is returned.
 *
 * Fails closed: a missing header, a header that does not match `Bearer <token>`,
 * or any exception raised while decoding (or by the callback) yields false.
 *
 * @param array  $params  Request parameters (not read by this method)
 * @param string $method  Request method (not read by this method)
 * @param array  $headers Request headers; only `Authorization` is read
 * @return object|FALSE Returns false on error or the user object on success
 */
public function check($params, $method, $headers)
{
    // No credentials presented at all.
    if (!isset($headers['Authorization'])) {
        return false;
    }

    // The scheme match is case-sensitive; %s stops at the first whitespace.
    list($encodedToken) = sscanf($headers['Authorization'], 'Bearer %s');

    if (empty($encodedToken)) {
        return false;
    }

    // NOTE(review): both values come from configuration; confirm deployments set
    // a non-empty secret and the one algorithm the token issuer actually uses.
    $key = Phramework::getSetting('jwt', 'secret');
    $allowedAlgorithm = Phramework::getSetting('jwt', 'algorithm');

    try {
        $decoded = \Firebase\JWT\JWT::decode($encodedToken, $key, [$allowedAlgorithm]);

        // Let the application observe the authenticated identity, if it asked to.
        $callback = Manager::getOnCheckCallback();

        if ($callback !== null) {
            call_user_func($callback, $decoded->data);
        }

        return $decoded->data;
    } catch (\Exception $e) {
        /*
         * Decoding failed, most likely because the signature could not be
         * verified (tampered token). An exception thrown by the callback above
         * lands here as well and is reported the same way, as a failed check.
         */
        return false;
    }
}
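/**
 * Authenticate a request from the credentials in its `Authorization: Basic <token>` header.
 *
 * The token is base64-decoded into `email:password`, the email is passed through
 * the EmailValidator, and the pair is handed to `$this->authenticate()`. When that
 * succeeds and the Manager has a check callback registered, the callback is
 * invoked with the user before the user is returned.
 *
 * Changes from the previous version:
 *  - The credential string is split on the FIRST colon only, so a password that
 *    itself contains `:` is no longer rejected (RFC 7617 allows colons in the
 *    password, not in the user-id).
 *  - The token is decoded in strict mode, so input that is not valid base64 is
 *    refused instead of being decoded with the invalid characters dropped.
 *  - A failed `authenticate()` always results in false and never triggers the
 *    callback, as the documented return contract promises.
 *
 * NOTE(review): Basic credentials are only encoded, not encrypted; this presumably
 * runs behind TLS — confirm. The decoded password must not be logged.
 *
 * @param array  $params  Request parameters (not read by this method)
 * @param string $method  Request method, forwarded to authenticate()
 * @param array  $headers Request headers; `Authorization` is read here and the
 *                        whole array is forwarded to authenticate()
 * @return object|FALSE Returns false on error or the user object on success
 */
public function check($params, $method, $headers)
{
    if (!isset($headers['Authorization'])) {
        return false;
    }

    list($token) = sscanf($headers['Authorization'], 'Basic %s');

    if (!$token) {
        return false;
    }

    // Strict mode: reject anything outside the base64 alphabet.
    $tokenDecoded = base64_decode($token, true);

    if ($tokenDecoded === false) {
        return false;
    }

    // Limit of 2 keeps every colon after the first inside the password.
    $tokenParts = explode(':', $tokenDecoded, 2);

    if (count($tokenParts) !== 2) {
        return false;
    }

    // NOTE(review): parseStatic presumably throws on a malformed address, in
    // which case the exception propagates to the caller — confirm.
    $email = \Phramework\Validate\EmailValidator::parseStatic($tokenParts[0]);
    $password = $tokenParts[1];

    $result = $this->authenticate(
        ['email' => $email, 'password' => $password],
        $method,
        $headers
    );

    // authenticate() is not visible from here. If it reports failure with a
    // non-array value, list() would have produced null, which passes a
    // `!== false` test; normalise every such outcome to false instead.
    if (!is_array($result)) {
        return false;
    }

    $user = isset($result[0]) ? $result[0] : false;

    if ($user === false) {
        return false;
    }

    if (($callback = Manager::getOnCheckCallback()) !== null) {
        call_user_func($callback, $user);
    }

    return $user;
}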