/**
* Authenticate a user via a token.
*
* @param mixed $token
*
* @return mixed
*/
public function authenticate($token = false)
{
$id = $this->getPayload($token)->get('sub');
if (!$this->auth->byId($id)) {
return false;
}
return $this->auth->user();
}
/**
* Authenticate a user via a token.
*
* @param mixed $token
* @param Array $custom custom claims that must be equals (all custom fields indicated must be equals in token, this doesn't entail that the token must have only these claims)
* @return mixed
*/
public function authenticate($token = false, $custom = [])
{
$payload = $this->getPayload($token);
$id = $payload->get('sub');
foreach ($custom as $customK => $customV) {
if (!isset($payload[$customK]) || $customV != $payload[$customK]) {
return new InvalidClaimException('custom fields are wrong');
}
}
if (!$this->auth->byId($id)) {
return false;
}
$user = $this->auth->user();
$this->setUserModelAsObject($user);
return $user;
}
public function postIndex(Request $request, JWTAuth $jwt, AuthInterface $auth)
{
$credentials = $request->only('email', 'password');
try {
if ($auth->byCredentials($credentials)) {
if ($auth->user()->group == User::GROUP_DISABLED) {
throw new UserDisabledException('Account has been disabled.');
}
$extraInfo = ['user' => $auth->user(), 'code' => Crypt::encrypt(md5($credentials['password']))];
if ($token = $jwt->fromUser($auth->user(), $extraInfo)) {
event(new UserLoggedIn($auth->user()));
return $this->jsonResponse(['token' => $token]);
}
}
} catch (JWTException $e) {
return $this->jsonResponse(['Error creating JWT token'], 401);
} catch (UserDisabledException $e) {
return $this->jsonResponse([$e->getMessage()], 401);
}
return $this->jsonResponse(['Invalid username or password'], 401);
}
