/**
* The register method is responsible for checking/validating
* the given input (email and password) and either return an error code or
* create a new user.
*
* @return mixed
*/
public function register()
{
$validateUser = $this->validateUser();
if ($validateUser->status == 'error') {
return \Response::json($validateUser);
} else {
//All's good, create a new user
$user = User::create(['name' => \Request::get('name'), 'email' => \Request::get('email'), 'password' => bcrypt(\Request::get('password'))]);
if (!\Request::has('role')) {
$role['role'] = 'mobile';
} else {
$role['role'] = 'web';
}
//assign role to user
$role = Role::where('name', $role)->first();
$user->roles()->save($role);
$device = $this->sanitizeDevice($user->id);
$this->deviceService->store($user->id, $device);
//Retrieve the JWT and send back to the Controller
$token = \JWTAuth::fromUser($user);
$response = new ApiResponse();
$response->status = 'success';
$response->message = ['token' => $token];
}
return \Response::json($response);
}
/**
* Decode token request header
*
* @return object
*/
public static function getToken()
{
$jwt = \JWTAuth::getToken();
if (!$jwt) {
return null;
}
return \JWTAuth::decode($jwt)->get();
}
protected function login()
{
if (isset($this->token)) {
return;
}
$user = User::where('email', '=', env('TEST_MAIL'))->get()[0];
$this->token = JWTAuth::fromUser($user);
}
public function testRoute()
{
$customer = Customer::whereEmail('*****@*****.**')->first();
$token1 = JWTAuth::attempt(["email" => '*****@*****.**', "password" => "admin"]);
$token2 = JWTAuth::fromUser($customer);
$access_token = $token1;
$response = $this->call('GET', '/testtoken', [], [], array('HTTP_authorization' => 'bearer ' . $access_token, "HTTP_custom" => "custom header"));
$this->assertTrue($response->isOk());
}
/**
* @param \App\User $user
*/
protected function headers($user = null)
{
$headers = ['Accept' => 'application/json'];
if (!is_null($user)) {
$token = JWTAuth::fromUser($user);
JWTAuth::setToken($token);
$headers['HTTP_AUTHORIZATION'] = 'Bearer ' . (string) $token;
}
return $headers;
}
public function info()
{
try {
$token = \JWTAuth::getToken();
$payload = \JWTAuth::getPayload($token);
} catch (JWTException $e) {
return ['error' => 'no auth token provided'];
}
$user = User::where('id', $payload['user_id'])->first();
return $user;
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if (!\JWTAuth::getToken()) {
return response()->json(['status' => 401, 'error' => 'token_absent'], 200);
} else {
try {
$authenticate = \JWTAuth::parseToken()->authenticate();
if (!$authenticate) {
return response()->json(['status' => 401, 'error' => 'user_not_found'], 200);
}
} catch (Tymon\JWTAuth\Exceptions\TokenExpiredException $e) {
return response()->json(['status' => 401, 'error' => 'token_expired'], 200);
} catch (Tymon\JWTAuth\Exceptions\TokenInvalidException $e) {
return response()->json(['status' => 401, 'error' => 'token_invalid'], 200);
}
}
return $next($request);
}
/**
*
* @param Request $request
*/
public function __construct(Request $request)
{
$this->request = $request;
$this->middleware('jwt.auth');
$this->middleware('api', ['except' => 'GenerateApiKey']);
$user = \JWTAuth::parseToken()->authenticate();
$this->user = $user;
$ticket = new TicketController();
$this->ticket = $ticket;
$model = new Tickets();
$this->model = $model;
$thread = new Ticket_Thread();
$this->thread = $thread;
$attach = new Ticket_attachments();
$this->attach = $attach;
$ticketRequest = new TicketRequest();
$this->ticketRequest = $ticketRequest;
$faveoUser = new User();
$this->faveoUser = $faveoUser;
$team = new Teams();
$this->team = $team;
$setting = new Settings();
$this->setting = $setting;
$helptopic = new Help_topic();
$this->helptopic = $helptopic;
$slaPlan = new Sla_plan();
$this->slaPlan = $slaPlan;
$priority = new Priority();
$this->priority = $priority;
$department = new Department();
$this->department = $department;
$source = new Ticket_source();
$this->source = $source;
}
/**
* Update a address by id
* @return array
*/
public function update(Request $request, $id)
{
$jugador_data = json_decode($request->getContent(), true);
\JWTAuth::parseToken();
$user = \JWTAuth::parseToken()->authenticate();
$editedJugador = NULL;
try {
if ($id == $user->id_jugador) {
$editedJugador = $this->repository->update($jugador_data, $id);
$file = $request->file("foto");
if (!empty($file)) {
$file->move("images/jugadores/", $user->id_jugador . ".jpg");
}
return response()->json($editedJugador);
} else {
return ResponseMessage::invalidPermission();
}
} catch (\Exception $e) {
if ($e instanceof ValidatorException) {
return response()->json($e->toArray(), 400);
} else {
return response()->json($e->getMessage(), 500);
}
}
}
public function join($eventId)
{
$user = \JWTAuth::parseToken()->toUser();
$event = \App\Event::find($eventId);
$event->users()->attach($user->id);
response()->json(['message' => 'User Joined Event'], 200);
}
public function login(Request $request)
{
$credentials = $request->only('email', 'password');
if (!($token = \JWTAuth::attempt($credentials))) {
return response()->json(['error' => 'invalid_credentials'], 401);
}
return response()->json(['token' => $token, 'user' => ['id' => \JWTAuth::toUser($token)->id, 'name' => \JWTAuth::toUser($token)->name, 'email' => \JWTAuth::toUser($token)->email]]);
}
/**
* Updates particular creator
*
* @param int $id
* @return boolean
*/
public function update()
{
$user = JWTAuth::parseToken()->toUser();
$creator = $this->creator->createCreator(Input::all(), $user['id']);
return $this->response->array($creator);
// $user = JWTAuth::parseToken()->toUser();
// $creator = $this->creator->updateCreator(Input::all(), $user['id']);
// return $this->response->array($creator);
}
/**
* @param \App\User $user
*/
protected function headers($user = null)
{
$headers = ['Accept' => 'application/json'];
if (!is_null($user)) {
$token = JWTAuth::fromUser($user);
JWTAuth::setToken($token);
$headers['Authorization'] = 'Bearer ' . $token;
}
return $headers;
}
public function call($method, $uri, $params = array(), $cookies = array(), $files = array(), $headers = array(), $content = null)
{
if (!$this->noTokenNextReq) {
$headers['HTTP_Authorization'] = 'Bearer ' . $this->token;
} else {
$this->noTokenNextReq = false;
JWTAuth::unsetToken();
}
parent::call($method, $uri, $params, $cookies, $files, $headers, $content);
}
public function authenticate($userCredentials)
{
if(!$token = \JWTAuth::attempt($credentials)) {
//throw exception
}
$user = \JWTAuth::setToken($token)->toUser();
return $user;
}
public function authenticate(Request $request)
{
try {
$credentials = \Request::only('email', 'password');
if (!($token = \JWTAuth::attempt($credentials))) {
return \Response::json(['error' => 'invalid_credentials'], 401);
}
return \Response::json(compact('token'));
} catch (JWTException $e) {
return \Response::json(['error' => 'could_not_create_token'], 500);
}
}
/**
* Handle login request to the application.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
*/
public function store(Request $request)
{
$validator = \Validator::make($request->all(), ['email' => 'required|email', 'password' => 'required|min:6']);
if ($validator->fails()) {
return $this->respondValidationError($validator);
}
$token = is_api_request() ? \JWTAuth::attempt($request->only('email', 'password')) : Auth::attempt($request->only('email', 'password'), $request->has('remember'));
if (!$token) {
return $this->respondLoginFailed();
}
event('users.login', [Auth::user()]);
return $this->respondCreated($request->input('return'), $token);
}
public function storeToken()
{
try {
if ($user = Sentinel::stateless(Input::only('email', 'password'))) {
return \JWTAuth::fromUser($user);
} else {
throw new UnauthorizedHttpException('Invalid Credentials');
}
} catch (\Exception $e) {
//dd(get_class($e));
throw new UnauthorizedHttpException('Unauthorized', $e->getMessage());
}
}
/**
* Authenticate the user by their credentials
*
* @param array $data
* @return \Illuminate\Http\JsonResponse
*/
public function authenticate(array $data)
{
try {
// Attempt to verify the credentials and create a token for the user
if (!($token = \JWTAuth::attempt($data))) {
return $this->response()->array(['error' => 'invalid_credentials'])->setStatusCode(401);
}
} catch (JWTException $e) {
// Something went wrong whilst attempting to encode the token
return $this->response()->array(['error' => 'could_not_create_token'])->setStatusCode(500);
}
// Authentication passed and return the token
return $token;
}
public function authenticate(Request $request)
{
$credentials = $request->only('email', 'password');
try {
// verify the credentials and create a token for the user
if (!($token = JWTAuth::attempt($credentials))) {
return response()->json(['error' => 'invalid_credentials'], 401);
}
} catch (JWTException $e) {
// something went wrong
return response()->json(['error' => 'could_not_create_token'], 500);
}
// if no errors are encountered we can return a JWT
return response()->json(compact('token'));
}
public function expired($e)
{
$token = \JWTAuth::parseToken();
Config::package('tymon/jwt-auth', 'jwt');
$ttl = Config::get('jwt::refresh_ttl');
$iat = Carbon::createFromTimestamp($token->getPayload()->get('iat'));
$now = Carbon::now();
// if renew ttl is expired too, return 401, otherwise let
// the application generate a new token to frontend
if ($iat->diffInMinutes($now) >= $ttl) {
unset($iat, $now, $ttl);
return response_failure(Lang::get('errors.api.auth.expired'), Config::get('status.error.unauthorized'));
}
unset($iat, $now, $ttl);
}
public function getAuthenticatedUser()
{
try {
if (!($user = JWTAuth::parseToken()->authenticate())) {
return response()->json(['user_not_found'], 404);
}
} catch (Tymon\JWTAuth\Exceptions\TokenExpiredException $e) {
return response()->json(['token_expired'], $e->getStatusCode());
} catch (Tymon\JWTAuth\Exceptions\TokenInvalidException $e) {
return response()->json(['token_invalid'], $e->getStatusCode());
} catch (Tymon\JWTAuth\Exceptions\JWTException $e) {
return response()->json(['token_absent'], $e->getStatusCode());
}
// the token is valid and we have found the user via the sub claim
return response()->json(compact('user'));
}
public function createUser(Request $request)
{
Log::debug("JWTAuthController.createUser.begin");
try {
$credentials = $request->json()->all();
$credentials['password'] = Hash::make($credentials['password']);
Log::debug("JWTAuthController.createUser:"******"JWTAuthController.createUser.exception:" . $e->getMessage());
return response()->json($e->getMessage());
}
Log::debug("JWTAuthController.createUser.end");
return response()->json('ok');
}
/**
* Update a address by id
* @return array
*/
public function update(Request $request, $id)
{
\JWTAuth::parseToken();
$user = \JWTAuth::parseToken()->authenticate();
$alert_data = json_decode($request->getContent(), true);
try {
$alert = $this->repository->update($alert_data, $id);
return response()->json($alert);
} catch (\Exception $e) {
if ($e instanceof ValidatorException) {
return response()->json($e->toArray(), 400);
} else {
return response()->json($e->getMessage(), 500);
}
}
}
public function signin()
{
$credentials = \Input::only('email', 'password');
$validator = \Validator::make($credentials, User::getApiAuthRules());
if ($validator->passes()) {
try {
if (!($token = \JWTAuth::attempt($credentials))) {
return \API::response()->array(['error' => 'invalid_credentials'])->statusCode(401);
}
} catch (JWTException $e) {
return \API::response()->array(['error' => 'could_not_create_token'])->statusCode(500);
}
} else {
throw new \Dingo\Api\Exception\StoreResourceFailedException('Could not signin.', $validator->errors());
}
return compact('token');
}
public function debug()
{
$passport['id'] = 0;
$passport['name'] = 'guest';
$passport['roles'] = ['guest'];
try {
$user = \JWTAuth::parseToken()->authenticate();
} catch (JWTException $e) {
$user = null;
}
if ($user) {
$passport['id'] = $user->getId();
$passport['name'] = $user->name;
$passport['roles'] = array_values($user->getRoles());
}
return response()->json($passport);
}
public function testChangePassword()
{
// Check authenticate
$res = $this->call('PUT', '/me/password');
$results = json_decode($res->getContent());
$this->assertEquals('error', $results->status);
$this->assertEquals('authenticate', $results->type);
$this->assertEquals('Token is not provided.', $results->message);
$credentials = ['email' => '*****@*****.**', 'password' => '123456'];
$token = JWTAuth::attempt($credentials);
// Input is empty
$res = $this->call('PUT', '/me/password', [], [], [], ['HTTP_Authorization' => "Bearer {$token}"]);
$this->assertEquals(400, $res->getStatusCode());
$results = json_decode($res->getContent());
$this->assertEquals('error', $results->status);
$this->assertEquals('validation', $results->type);
$this->assertObjectHasAttribute('old_password', $results->errors);
$this->assertEquals('The old password field is required.', $results->errors->old_password[0]);
$this->assertObjectHasAttribute('password', $results->errors);
$this->assertEquals('The password field is required.', $results->errors->password[0]);
// Check validate input
$res = $this->call('PUT', '/me/password', ['old_password' => '1234', 'password' => '1234', 'password_confirmation' => '123'], [], [], ['HTTP_Authorization' => "Bearer {$token}"]);
$this->assertEquals(400, $res->getStatusCode());
$results = json_decode($res->getContent());
$this->assertEquals('error', $results->status);
$this->assertEquals('validation', $results->type);
$this->assertObjectHasAttribute('old_password', $results->errors);
$this->assertEquals('The old password must be at least 6 characters.', $results->errors->old_password[0]);
$this->assertObjectHasAttribute('password', $results->errors);
$this->assertEquals('The password confirmation does not match.', $results->errors->password[0]);
$this->assertEquals('The password must be at least 6 characters.', $results->errors->password[1]);
// Old password is wrong
$res = $this->call('PUT', '/me/password', ['old_password' => '123456789', 'password' => '12345678', 'password_confirmation' => '12345678'], [], [], ['HTTP_Authorization' => "Bearer {$token}"]);
$this->assertEquals(400, $res->getStatusCode());
$results = json_decode($res->getContent());
$this->assertEquals('error', $results->status);
$this->assertEquals("The old password is incorrect.", $results->message);
$this->assertEquals('validation', $results->type);
// Change password success
$res = $this->call('PUT', '/me/password', ['old_password' => '123456', 'password' => '12345678', 'password_confirmation' => '12345678'], [], [], ['HTTP_Authorization' => "Bearer {$token}"]);
$this->assertEquals(204, $res->getStatusCode());
$checkPassword = Auth::attempt(['id' => 1, 'password' => '12345678']);
$this->assertTrue($checkPassword);
}
public function testWorkflow()
{
$customer = Customer::whereEmail('*****@*****.**')->first();
$customer->cart = null;
$customer->wishlist = null;
$token = JWTAuth::fromUser($customer);
//Initial get without login
$response = $this->call('GET', '/');
$app = app();
$shoppingCart = $app->settings->carts[Cart::SHOPPING_CART];
$this->assertEquals(0, count($shoppingCart->items));
$response = $this->action('POST', 'StoreController@addToCart', array('cart_type' => Cart::SHOPPING_CART, 'product_id' => 43, 'quantity' => 1));
$response = $this->call('GET', '/');
$response = $this->action('POST', 'StoreController@addToCart', array('cart_type' => Cart::SHOPPING_CART, 'product_id' => 44, 'quantity' => 1));
$this->assertEquals(2, count($shoppingCart->items));
//login
$response = $this->call('GET', '/', [], [], array('HTTP_authorization' => 'bearer ' . $token));
$this->assertEquals(2, count($shoppingCart->items));
}
public function authenticate(Request $request)
{
$credentials = $request->only('email', 'password');
try {
// verify the credentials and create a token for the user
if (!($token = \JWTAuth::attempt($credentials))) {
$response = new ApiResponse();
$response->status = 'error';
$response->message = ['id' => '', 'code' => 'invalid_credentials', 'description' => 'The credentials provided are not valid'];
return \Response::json($response);
}
} catch (JWTException $e) {
// something went wrong
$response = new ApiResponse();
$response->status = 'error';
$response->message = ['id' => '', 'code' => 'could_not_create_token', 'description' => 'The token could not be created'];
return \Response::json($response);
}
// if no errors are encountered we can return a JWT
$response = new ApiResponse();
$response->status = 'success';
$response->message = ['token' => $token];
return \Response::json($response);
}
/**
* Make a success response.
*
* @param \App\User $user
* @return \Illuminate\Http\JsonResponse
*/
protected function respondCreated(User $user)
{
return json()->setMeta(['token' => \JWTAuth::fromUser($user)])->created();
}