/** * Get the currently authenticated user or null. * * @return Illuminate\Auth\UserInterface|null */ protected function user($request) { if (!($token = $this->auth->setRequest($request)->getToken())) { return 401; } try { $user = $this->auth->authenticate($token); } catch (JWTException $e) { return 401; } if (!$user) { return 401; } return $user; }
/** * Handle an incoming request. * * @param \Illuminate\Http\Request $request * @param Closure $next * @param string|null $guard * * @return \Illuminate\Http\RedirectResponse|\Symfony\Component\HttpFoundation\Response * * @fires JsonWebTokenExpired */ public function handle($request, Closure $next, $guard = null) { $autheticated_user = Auth::guard($guard)->user(); $has_valid_token = false; // Is the user has used "remember me" the token may not be in their session when they return if ($request->session()->has('jwt')) { $token = $request->session()->get('jwt'); try { $token_user = $this->auth->authenticate($token); if ($token_user->id !== $autheticated_user->id) { throw new JWTException('Token does not belong to the authenticated user'); } $has_valid_token = true; } catch (TokenExpiredException $e) { $has_valid_token = false; } catch (JWTException $e) { if ($request->ajax()) { return response('Unauthorized.', 401); } else { return redirect()->guest('login'); } } } // If there is no valid token, generate one if (!$has_valid_token) { event(new JsonWebTokenExpired($autheticated_user)); } return $next($request); }
/** * Authenticate a user using JWT token. * * @return \Symfony\Component\HttpFoundation\Response * @throws \Tymon\JWTAuth\Exceptions\JWTException */ public function verify() { if (!($user = $this->auth->parseToken()->authenticate())) { return response()->json(['user_not_found'], 404); } // the token is valid and we have found the user via the sub claim return response()->json(['data' => compact('user')]); }
public function getRefresh(JWTAuth $jwt) { try { $token = $jwt->refresh($jwt->getToken()); } catch (JWTException $e) { return $this->jsonResponse(null, 401); } return $this->jsonResponse(['token' => $token]); }
/** * Authenticate request with a JWT. * * @param \Illuminate\Http\Request $request * @param \Dingo\Api\Routing\Route $route * * @return mixed */ public function authenticate(Request $request, Route $route) { $token = $this->getToken($request); try { return $this->auth->setToken($token)->authenticate(); } catch (JWTException $e) { throw new UnauthorizedHttpException('JWTAuth', $e->getMessage()); } return $user; }
/** * Handle the event. * * @param Login|\REBELinBLUE\Deployer\Events\JsonWebTokenExpired $event */ public function handle(Login $event) { $tokenId = base64_encode(str_random(32)); $issuedAt = Carbon::now()->timestamp; $notBefore = $issuedAt; $expire = $notBefore + 3 * 60 * 60; // Adding 3 hours // Create the token $config = ['iat' => $issuedAt, 'jti' => $tokenId, 'iss' => config('app.url'), 'nbf' => $notBefore, 'exp' => $expire, 'data' => ['userId' => $event->user->id]]; Session::put('jwt', $this->auth->fromUser($event->user, $config)); }
/** * Handle an incoming request. * * @param \Illuminate\Http\Request $request * @param \Closure $next * @return mixed */ public function handle($request, \Closure $next) { if (!($token = $this->auth->setRequest($request)->getToken())) { return response()->json(\JsonHelper::getErrorResponse(\HttpResponse::HTTP_BAD_REQUEST, 'Token is missing.'), \HttpResponse::HTTP_BAD_REQUEST); } $user = $this->auth->authenticate($token); if (!$user) { return response()->json(\JsonHelper::getErrorResponse(\HttpResponse::HTTP_NOT_FOUND, 'User not found.'), \HttpResponse::HTTP_NOT_FOUND); } return $next($request); }
/** * Authenticate request with a JWT. * * @param \Illuminate\Http\Request $request * @param \Dingo\Api\Routing\Route $route * * @return mixed */ public function authenticate(Request $request, Route $route) { $token = $this->getToken($request); try { if (!($user = $this->auth->authenticate($token))) { throw new UnauthorizedHttpException('JWTAuth', 'Unable authenticate with invalid token.'); } } catch (JWTException $exception) { throw new UnauthorizedHttpException('JWTAuth', $exception->getMessage()); } return $user; }
public function signUp(SignUpRequest $request, JWTAuth $JWTAuth) { $user = new User($request->all()); if (!$user->save()) { throw new HttpException(500); } if (!Config::get('boilerplate.sign_up.release_token')) { return response()->json(['status' => 'ok'], 201); } $token = $JWTAuth->fromUser($user); return response()->json(['status' => 'ok', 'token' => $token], 201); }
public function login(LoginRequest $request, JWTAuth $JWTAuth) { $credentials = $request->only(['email', 'password']); try { $token = $JWTAuth->attempt($credentials); if (!$token) { throw new AccessDeniedHttpException(); } } catch (JWTException $e) { throw new HttpException(500); } return response()->json(['status' => 'ok', 'token' => $token]); }
public function resetPassword(ResetPasswordRequest $request, JWTAuth $JWTAuth) { $response = $this->broker()->reset($this->credentials($request), function ($user, $password) { $this->reset($user, $password); }); if ($response !== Password::PASSWORD_RESET) { throw new HttpException(500); } if (!Config::get('boilerplate.reset_password.release_token')) { return response()->json(['status' => 'ok']); } $user = User::where('email', '=', $request->get('email'))->first(); return response()->json(['status' => 'ok', 'token' => $JWTAuth->fromUser($user)]); }
/** * Validate Token * * returns Illuminate\Http\JsonResponse */ public function validate() { try { if (!($user = $this->jwt->parseToken()->authenticate())) { return $this->returnUnauthenticatedUserResponse(); } } catch (TokenExpiredException $exception) { return $this->returnTokenExceptionResponse('token_expired', 401); } catch (TokenInvalidException $exception) { return $this->returnTokenExceptionResponse('token_invalid', 401); } catch (JWTException $exception) { return $this->returnTokenExceptionResponse('token_absent', 401); } return $this->returnAuthenticatedUserResponse(compact('user')); }
/** * Action to authenticate existing user * * @param Request $request * @return \Illuminate\Http\JsonResponse */ public function authenticate(Request $request) { $credentials = $request->only('email', 'password'); try { // verify the credentials and create a token for the user if (!($token = $this->jwtAuth->attempt($credentials))) { abort(401); } } catch (JWTException $e) { // something went wrong abort(500); } // if no errors are encountered we can return a JWT return response()->json(compact('token')); }
/** * Authenticate the user to get a token. * * @param \Illuminate\Http\Request $request * @return \Illuminate\Http\JsonResponse */ public function authenticate(Request $request) { try { if (Auth::check()) { $token = $this->jwt->fromUser(Auth::user()); } else { $credentials = $request->only('email', 'password'); if (!($token = $this->jwt->attempt($credentials))) { return response()->json(['error' => 'invalid_credentials'], 401); } } } catch (JWTException $e) { return response()->json(['error' => 'could_not_create_token'], 500); } return response()->json(compact('token')); }
public function handle($request, Closure $next) { $jwt = new JWTAuth(); try { if (!($user = $jwt->parseToken()->authenticate())) { return response()->json(['user_not_found'], 404); } } catch (TokenExpiredException $e) { return response()->json(['token_expired'], $e->getStatusCode()); } catch (TokenInvalidException $e) { return response()->json(['token_invalid'], $e->getStatusCode()); } catch (JWTException $e) { return response()->json(['token_absent'], $e->getStatusCode()); } // the token is valid and we have found the user via the sub claim return $next($request, $user); }
/** * Handle an incoming request. * * @param \Illuminate\Http\Request $request * @param \Closure $next * @return mixed */ public function handle($request, Closure $next) { // Step 1. Fail immediately if we don't have a token in the request. if (!($token = $this->auth->setRequest($request)->getToken())) { return new JsonResponse(['error' => 'authorization required'], Response::HTTP_UNAUTHORIZED); } try { // Step 2. Validate the given token. $member = $this->auth->authenticate($token); $permissions = array_merge(['level' => 1000, 'roles' => []], array_get(config('route.permissions'), $request->route()->getName(), [])); // This ensures that super roles are not overwritten by // route permission configurations. $permissions['roles'] = array_merge($permissions['roles'], $this->roles); $level = $permissions['level']; // Step 3. Check the auth level encoded in the token. if ($this->auth->getPayload()->get('level') < $level) { return new JsonResponse(['error' => 'authentication level not high enough'], Response::HTTP_FORBIDDEN); } // Step 4. Verify the role(s) of the member. $roles = $permissions['roles']; if (!$member->hasRole($roles)) { return new JsonResponse(['error' => 'invalid permissions'], Response::HTTP_FORBIDDEN); } // Step 5. Attach member to the current request. $request->member = $member; } catch (TokenExpiredException $e) { return new JsonResponse(['error' => 'token has expired'], Response::HTTP_FORBIDDEN); } catch (TokenInvalidException $e) { return new JsonResponse(['error' => 'token is invalid'], Response::HTTP_FORBIDDEN); } catch (JWTException $e) { return new JsonResponse(['error' => 'unknown error'], Response::HTTP_INTERNAL_SERVER_ERROR); } // Step 6. ??? if (!$member) { return new JsonResponse(['error' => 'entity does not exist'], Response::HTTP_INTERNAL_SERVER_ERROR); } // Step 7. Profit! return $next($request); }
public function getAuthenticatedUser(Request $request) { try { if (!($user = JWTAuth::parseToken()->authenticate())) { return response()->json(['error' => 'user_not_found'], 404); } } catch (Tymon\JWTAuth\Exceptions\TokenExpiredException $e) { return response()->json(['error' => 'token_expired'], $e->getStatusCode()); } catch (Tymon\JWTAuth\Exceptions\TokenInvalidException $e) { return response()->json(['error' => 'token_invalid'], $e->getStatusCode()); } catch (Tymon\JWTAuth\Exceptions\JWTException $e) { return response()->json(['error' => 'token_absent'], $e->getStatusCode()); } return response()->json(compact('user')); }
public function getAuthenticatedUser() { try { if (!($user = JWTAuth::parseToken()->authenticate())) { return response()->json(['user_not_found'], 404); } } catch (Tymon\JWTAuth\Exceptions\TokenExpiredException $e) { return response()->json(['token_expired'], $e->getStatusCode()); } catch (Tymon\JWTAuth\Exceptions\TokenInvalidException $e) { return response()->json(['token_invalid'], $e->getStatusCode()); } catch (Tymon\JWTAuth\Exceptions\JWTException $e) { return response()->json(['token_absent'], $e->getStatusCode()); } // the token is valid and we have found the user via the sub claim return response()->json(compact('user')); }
/** * Register the bindings for the main JWTAuth class. */ protected function registerJWTAuth() { $this->app['tymon.jwt.auth'] = $this->app->share(function ($app) { $auth = new JWTAuth($app['tymon.jwt.manager'], $app['tymon.jwt.provider.user'], $app['tymon.jwt.provider.auth'], $app['request']); return $auth->setIdentifier($this->config('identifier')); }); }
public function __construct(JWTAuth $auth) { $this->auth = $auth; $this->currentUser = $auth->toUser(); }
/** * Get the JWTManager instance. * * @return \Tymon\JWTAuth\JWTManager * @static */ public static function manager() { return \Tymon\JWTAuth\JWTAuth::manager(); }
/** * @param JWTAuth $jwt * @param \Laravel\Socialite\Contracts\User $login * @param string $provider * @return \Illuminate\Http\Response */ private function handleSocialLogin(JWTAuth $jwt, $login, $provider) { $token = UserSocialLogin::firstOrNew(['token' => $login->getId(), 'provider' => $provider]); if (!$token->exists) { $user = $this->createOrFindUser($login); $token->user_id = $user->id; $token->data = json_encode($login); } else { $user = $token->user; } $token->save(); try { if ($token = $jwt->fromUser($user)) { return redirect("/login/handle/{$token}"); } } catch (JWTException $e) { // return error on exception or empty token } return new JsonResponse(['Error creating JWT token'], 401); }
/** * Check the request for the presence of a token. * * @param \Illuminate\Http\Request $request * * @throws \Symfony\Component\HttpKernel\Exception\BadRequestHttpException */ public function checkForToken(Request $request) { if (!$this->auth->parser()->setRequest($request)->hasToken()) { throw new BadRequestHttpException('Token not provided'); } }
/** * Handle an incoming request. * * @param \Illuminate\Http\Request $request * @return int */ public function handle($request) { $token = $this->auth->setRequest($request)->getToken(); $owner_id = env('acl.middleware.owner_id', 'owner_id'); return $this->auth->getPayload($token)->get($owner_id); }
/** @test */ public function it_should_throw_an_exception_when_token_not_present_in_request() { $this->setExpectedException('Tymon\\JWTAuth\\Exceptions\\JWTException'); $request = Request::create('/foo', 'GET'); $jwtAuth = new JWTAuth($this->manager, $this->user, $this->auth, $request); $jwtAuth->parseToken(); }
public function refresh(JWTAuth $auth) { $token = $auth->parseToken()->refresh(); return $this->response->success($token); }
/** * @param $user * @return string */ protected function getUserToken($user) { return $this->jwt->fromUser($user, $this->createClaims($user)); }
/** * Handle an incoming request. * * @param \Illuminate\Http\Request $request * @param \Closure $next * @return mixed */ public function handle($request, Closure $next) { $this->jwt->setRequest($request)->parseToken()->invalidate(); return $next($request); }
/** * Generate token from Eloquent Model. * * @param array $claims * @param Model|null $user * * @return string */ public function generateToken(array $claims = [], Model $user = null) { $user = $user ?: $this->request->user(); $subject = new JWTSubject($user, $claims); return $this->auth->fromUser($subject); }
/** * Handle an incoming request. * * @param \Illuminate\Http\Request $request * @param \Closure $next * @return mixed */ public function handle($request, Closure $next) { if (!($token = $this->auth->setRequest($request)->getToken())) { return $this->respond('tymon.jwt.absent', 'Token is not provided.', 400); } try { $user = $this->auth->authenticate($token); } catch (TokenExpiredException $e) { return $this->respond('tymon.jwt.expired', 'Token has expired.', $e->getStatusCode(), [$e]); } catch (JWTException $e) { return $this->respond('tymon.jwt.invalid', 'Token is invalid.', $e->getStatusCode(), [$e]); } if (!$user) { return $this->respond('tymon.jwt.user_not_found', 'User not found.', 404); } $this->events->fire('tymon.jwt.valid', $user); return $next($request); }