/**
 * Resolve the user named by a token's "sub" claim.
 *
 * The payload is obtained through getPayload(); whatever signature and
 * expiry validation happens there is not visible in this method.
 *
 * @param mixed $token
 *
 * @return mixed the user returned by the auth provider, or false when the
 *               provider cannot find a user for the subject id
 */
public function authenticate($token = false)
{
    $subject = $this->getPayload($token)->get('sub');

    // byId() reports whether the provider could load a user for this id.
    $found = $this->auth->byId($subject);

    return $found ? $this->auth->user() : false;
}
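/**
 * Authenticate a user via a token, optionally requiring custom claims to match.
 *
 * @param mixed $token
 * @param array $custom claims (name => expected value) that must all be present
 *                      in the token with an equal value; the token may carry
 *                      further claims that are not listed here
 *
 * @return mixed the user returned by the auth provider, or false when the
 *               provider cannot find a user for the "sub" claim
 *
 * @throws InvalidClaimException when a required custom claim is missing or differs
 */
public function authenticate($token = false, $custom = [])
{
    $payload = $this->getPayload($token);
    $id = $payload->get('sub');

    foreach ($custom as $claim => $expected) {
        // NOTE(review): "!=" is a loose comparison, so values of different types
        // can compare equal; consider "!==" once the claim types are confirmed.
        if (!isset($payload[$claim]) || $expected != $payload[$claim]) {
            // Must be thrown, not returned: a returned exception object is truthy,
            // so a caller testing the result as "user or false" would treat a
            // failed claim check as a successful authentication.
            throw new InvalidClaimException('custom fields are wrong');
        }
    }

    if (!$this->auth->byId($id)) {
        return false;
    }

    $user = $this->auth->user();
    $this->setUserModelAsObject($user);

    return $user;
}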
/**
 * Log a user in with e-mail and password and answer with a JWT.
 *
 * Responds with ['token' => ...] on success. Every failure path (bad
 * credentials, disabled account, token creation error) answers 401 with a
 * one-element message array.
 *
 * NOTE(review): the token's custom claims carry the user object and an
 * encrypted MD5 digest of the submitted password. Unless the token itself is
 * encrypted, its claims are readable by whoever holds it, so the 'user' claim
 * exposes whatever the model serialises to - confirm which fields that is.
 * The 'code' claim ships a password-derived value to the client whose
 * confidentiality rests entirely on the Crypt key; MD5 is unsalted and fast.
 * A random per-user token version would serve the same purpose without
 * deriving anything from the password - confirm how 'code' is consumed
 * before changing it.
 */
public function postIndex(Request $request, JWTAuth $jwt, AuthInterface $auth)
{
    $login = $request->only('email', 'password');

    try {
        $authenticated = $auth->byCredentials($login);

        if ($authenticated) {
            $disabled = $auth->user()->group == User::GROUP_DISABLED;
            if ($disabled) {
                throw new UserDisabledException('Account has been disabled.');
            }

            $claims = [
                'user' => $auth->user(),
                'code' => Crypt::encrypt(md5($login['password'])),
            ];

            $token = $jwt->fromUser($auth->user(), $claims);
            if ($token) {
                event(new UserLoggedIn($auth->user()));

                return $this->jsonResponse(['token' => $token]);
            }
        }
    } catch (JWTException $exception) {
        return $this->jsonResponse(['Error creating JWT token'], 401);
    } catch (UserDisabledException $exception) {
        // The distinct message tells the client the credentials were valid
        // but the account is disabled.
        return $this->jsonResponse([$exception->getMessage()], 401);
    }

    // Reached when the credentials were rejected or no token was produced.
    return $this->jsonResponse(['Invalid username or password'], 401);
}