/**
 * Bind the main JWTAuth service into the container under 'tymon.jwt.auth'.
 *
 * The instance is built from the JWT manager, the user provider, the auth
 * provider and the current request, all resolved from the container, and is
 * then given the configured 'identifier' value via setIdentifier().
 *
 * NOTE(review): the binding goes through $this->app->share(), so the
 * instance (and the request object handed to it) is presumably created once
 * and reused - confirm this holds for the request lifecycle in use.
 *
 * @return void
 */
protected function registerJWTAuth()
{
    $factory = function ($app) {
        $jwtAuth = new JWTAuth(
            $app['tymon.jwt.manager'],
            $app['tymon.jwt.provider.user'],
            $app['tymon.jwt.provider.auth'],
            $app['request']
        );

        // The identifier comes from this provider's config, not from the request.
        $identifier = $this->config('identifier');

        return $jwtAuth->setIdentifier($identifier);
    };

    $this->app['tymon.jwt.auth'] = $this->app->share($factory);
}
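/**
 * Handle an incoming request by checking one permission for the JWT user.
 *
 * The request is passed to the next middleware only when the user returned
 * by the JWT auth service is granted $action (optionally on $resource).
 * Every other outcome ends in a ForbiddenException, so the check fails closed.
 *
 * @param Request     $request
 * @param Closure     $next
 * @param string      $action   Permission name to check, e.g. 'readOne'.
 * @param string|null $resource Optional resource the permission applies to.
 * @return mixed Whatever the next middleware returns.
 *
 * @throws ForbiddenException When there is no user or the permission is denied.
 */
public function handle(Request $request, Closure $next, $action, $resource = null)
{
    $user = $this->jwtAuth->getUser();

    // Fail closed with an explicit denial. getUser() is not visible here; if
    // it can return null/false for a request without a valid token, the
    // calls below would otherwise end in a fatal error instead of a
    // controlled authorization failure.
    if (!$user) {
        throw new ForbiddenException();
    }

    // The returned lock is not needed; the call is kept because it
    // presumably attaches the lock to $user so that $user->can() works.
    $this->lock->makeCallerLockAware($user);

    if (!$user->can($action, $resource)) {
        throw new ForbiddenException();
    }

    return $next($request);
}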
/**
 * Set permissions to be used in the controller.
 *
 * Registers the user types as lock roles, grants each role its permissions
 * and attaches one 'permission:<action>' middleware per controller method.
 *
 * Grants made here:
 *  - admin: readAll, readOne, update, delete (unconditional)
 *  - guest: readOne, update, only under the owner condition
 *
 * NOTE(review): the owner condition is built from the JWT user and the last
 * URL path segment. That assumes the last segment is always the id of the
 * targeted user record - confirm for every route that uses this controller.
 * NOTE(review): the result of $this->jwtAuth->user() is passed on unchecked;
 * confirm User::userIsOwner denies when there is no authenticated user.
 *
 * @param  Request $request
 * @return void
 */
public function permissions(Request $request)
{
    $this->lock->setRole(User::$userTypes);

    $currentUser = $this->jwtAuth->user();
    $lastSegment = last($request->segments());

    // Condition descriptor: class, method name, then the two arguments.
    $ownerCondition = [User::class, 'userIsOwner', $currentUser, $lastSegment];

    $adminRole = $this->lock->role(User::USER_TYPE_ADMIN);
    $adminRole->permit(['readAll', 'readOne', 'update', 'delete']);

    $guestRole = $this->lock->role(User::USER_TYPE_GUEST);
    $guestRole->permit(['readOne', 'update'], [$ownerCondition]);

    // Permission checked by the middleware => controller method it guards.
    $guardedMethods = [
        'readAll' => 'getAllPaginated',
        'readOne' => 'getOne',
        'update'  => 'patchOne',
        'delete'  => 'deleteOne',
    ];

    foreach ($guardedMethods as $permission => $controllerMethod) {
        $this->middleware('permission:' . $permission, ['only' => $controllerMethod]);
    }
}
/**
 * Provide a requester with user information for single sign on.
 *
 * The user is looked up from the JWT stored in the auth token cookie. The
 * requester handler named by $requester is created through
 * SingleSignOnFactory and produces the response.
 *
 * NOTE(review): $requester selects the handler; presumably the factory only
 * accepts known requester names - confirm, since its code is not shown here.
 * NOTE(review): toUser() is called on the raw cookie value; confirm it
 * verifies the token, and decide whether an invalid or expired token should
 * be treated like a missing one.
 *
 * @param string  $requester
 * @param Request $request
 *
 * @return Response
 */
public function singleSignOn($requester, Request $request)
{
    // Each requester may have its own rules for a visitor who is not logged
    // in, so a missing token is not an error here: the user is resolved when
    // a token cookie is present, otherwise null is handed to the requester
    // class, which deals with it according to its own definitions.
    $token = $request->cookie(self::JWT_AUTH_TOKEN_COOKIE);
    $user = $token ? $this->jwtAuth->toUser($token) : null;

    $handler = SingleSignOnFactory::create($requester, $request, $user);

    return $handler->getResponse();
}