/**
 * Handle a POST request: validate the submitted fields and reply with 202 Accepted.
 *
 * The parsed data is not stored anywhere by this method.
 *
 * @param array  $params  Request parameters
 * @param string $method  Request method (not read here)
 * @param array  $headers Request headers (not read here)
 */
public static function POST($params, $method, $headers)
{
    // Per-field rules. The two integers are presumably the minimum and
    // maximum accepted length - confirm against StringValidator.
    $fieldRules = [
        'title'    => new \Phramework\Validate\StringValidator(3, 32),
        'content'  => new \Phramework\Validate\StringValidator(3, 1024),
        // Only the listed values are accepted; 'blog' is set as the default
        'category' => (new \Phramework\Validate\EnumValidator(['blog', 'release', 'test']))
            ->setDefault('blog'),
    ];

    // 'category' is left out of this list, so it is optional
    $requiredFields = ['title', 'content'];

    $validator = new \Phramework\Validate\ObjectValidator($fieldRules, $requiredFields);

    // Work only with the parsed object from here on, never with raw $params:
    // $data->title, $data->content, $data->category
    $data = $validator->parse($params);

    // 202 Accepted, because the data was not stored
    \Phramework\Models\Response::accepted();

    /*
    // Uncomment to view the data object when debugging
    self::view([
        'data' => $data
    ]);
    */
}
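/**
 * Authenticate a user by email and password and issue a signed JWT.
 *
 * The token carries the user's id plus every attribute returned by
 * Manager::getAttributes(). A JWT payload is signed, not encrypted, so
 * anything placed in it can be read by whoever holds the token.
 *
 * @param array  $params  Request parameters, must contain `email` and `password`
 * @param string $method  Request method (not read here)
 * @param array  $headers Request headers (not read here)
 * @return false|array False when no user matches the email or the password
 *     does not verify; otherwise a two element array [object $userData, string $jwt]
 * @throws \Phramework\Exceptions\ServerException When a configured attribute is
 *     not set on the user record, or no random token id could be generated
 */
public function authenticate($params, $method, $headers)
{
    // Require email and password to be set in params.
    // NOTE(review): the meaning of the extra StringValidator arguments
    // (null, true) is not visible here - confirm against the validator class.
    $validationModel = new \Phramework\Validate\ObjectValidator(
        [
            'email'    => new \Phramework\Validate\EmailValidator(3, 100),
            'password' => new \Phramework\Validate\StringValidator(3, 128, null, true),
        ],
        ['email', 'password']
    );

    $parsed = $validationModel->parse($params);

    $email    = $parsed->email;
    $password = $parsed->password;

    // Look the user up through the application supplied callback
    $user = call_user_func(Manager::getUserGetByEmailMethod(), $email);

    // NOTE(review): this path returns without running password_verify(), so
    // it is cheaper than the wrong-password path below. That timing gap can
    // reveal which emails are registered; consider verifying against a fixed
    // dummy hash here and rate limiting the endpoint.
    if (!$user) {
        return false;
    }

    // Verify the user's password (stored as a password_hash() hash)
    if (!password_verify($password, $user['password'])) {
        return false;
    }

    // NOTE(review): secret and algorithm come from settings. The code that
    // verifies tokens is not shown here; it should accept only this algorithm.
    $secret     = Phramework::getSetting('jwt', 'secret');
    $algorithm  = Phramework::getSetting('jwt', 'algorithm');
    $serverName = Phramework::getSetting('jwt', 'server');

    // Token id (jti). The mcrypt extension was deprecated in PHP 7.1 and
    // removed in 7.2, so use the built-in CSPRNG when available and keep
    // mcrypt only as a fallback for older runtimes.
    if (function_exists('random_bytes')) {
        $tokenBytes = \random_bytes(32);
    } else {
        $tokenBytes = \mcrypt_create_iv(32);
    }

    // Never issue a token whose id is empty or shorter than requested
    if (!is_string($tokenBytes) || strlen($tokenBytes) !== 32) {
        throw new \Phramework\Exceptions\ServerException(
            'Unable to generate a random token id'
        );
    }

    $tokenId = base64_encode($tokenBytes);

    $issuedAt  = time();
    // nbf defaults to "valid immediately", exp to one hour after nbf
    $notBefore = $issuedAt + Phramework::getSetting('jwt', 'nbf', 0);
    $expire    = $notBefore + Phramework::getSetting('jwt', 'exp', 3600);

    /*
     * Create the token as an array
     */
    $data = [
        'iat'  => $issuedAt,
        'jti'  => $tokenId,
        'iss'  => $serverName,
        'nbf'  => $notBefore,
        'exp'  => $expire,
        'data' => [
            'id' => $user['id'],
        ],
    ];

    // Copy user attributes to the JWT's data.
    // NOTE(review): these values end up readable in the token. Confirm that
    // Manager::getAttributes() can never list 'password' or other secrets.
    foreach (Manager::getAttributes() as $attribute) {
        // isset() is also false for null values, so a null attribute is
        // treated the same as a missing one
        if (!isset($user[$attribute])) {
            throw new \Phramework\Exceptions\ServerException(sprintf(
                'Attribute "%s" is not set in user object',
                $attribute
            ));
        }

        $data['data'][$attribute] = $user[$attribute];
    }

    $jwt = \Firebase\JWT\JWT::encode($data, $secret, $algorithm);

    // Call the onAuthenticate callback if one is set
    if (($callback = Manager::getOnAuthenticateCallback()) !== null) {
        call_user_func($callback, (object) $data['data'], $jwt);
    }

    return [(object) $data['data'], $jwt];
}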