/**
* @param array $params Request parameters
* @param string $method Request method
* @param array $headers Request headers
* @return object|FALSE Returns false on error or the user object on success
*/
public function check($params, $method, $headers)
{
if (!isset($headers['Authorization'])) {
return false;
}
list($jwt) = sscanf($headers['Authorization'], 'Bearer %s');
if (!$jwt) {
return false;
}
$secret = Phramework::getSetting('jwt', 'secret');
$algorithm = Phramework::getSetting('jwt', 'algorithm');
try {
$token = \Firebase\JWT\JWT::decode($jwt, $secret, [$algorithm]);
//Call onAuthenticate callback if set
if (($callback = Manager::getOnCheckCallback()) !== null) {
call_user_func($callback, $token->data);
}
return $token->data;
} catch (\Exception $e) {
/*
* the token was not able to be decoded.
* this is likely because the signature was not able to be verified (tampered token)
*/
return false;
}
}
/**
* @param array $params Request parameters
* @param string $method Request method
* @param array $headers Request headers
* @return object|FALSE Returns false on error or the user object on success
*/
public function check($params, $method, $headers)
{
if (!isset($headers['Authorization'])) {
return false;
}
list($token) = sscanf($headers['Authorization'], 'Basic %s');
if (!$token) {
return false;
}
$tokenDecoded = base64_decode($token);
$tokenParts = explode(':', $tokenDecoded);
if (count($tokenParts) != 2) {
return false;
}
$email = \Phramework\Validate\EmailValidator::parseStatic($tokenParts[0]);
$password = $tokenParts[1];
list($user) = $this->authenticate(['email' => $email, 'password' => $password], $method, $headers);
if ($user !== false && ($callback = Manager::getOnCheckCallback()) !== null) {
call_user_func($callback, $user);
}
return $user;
}
