public function __construct()
{
$this->app_list_limit = env('APP_LIST_LIMIT', 50);
$token = JWTAuth::getToken();
if (!empty($token)) {
$user = JWTAuth::toUser($token);
$this->logged_user = User::find($user->id);
}
}
public function postShow()
{
if ($user = JWTAuth::toUser(JWTAuth::getToken())) {
return response()->json(compact('user'));
}
}
public function inValidateToken()
{
$tempStorage = app('\\App\\Http\\Controllers\\TEMPStorage\\UserTempStorage');
$tempStorage->forget('id_company');
//set model login
$user = JWTAuth::parseToken()->authenticate();
$this->model->find($user->id)->update(['login' => 0]);
JWTAuth::invalidate(JWTAuth::getToken());
return API::response()->array(['message' => 'success'])->statusCode(200);
}
protected function me()
{
if ($token = JWTAuth::getToken()) {
return JWTAuth::parseToken()->toUser();
}
return false;
}
/**
* Refresh Token
* Invalidate the token, so user cannot use it anymore
* and return a new token
*
* @param Request $request
*/
public function refreshToken()
{
try {
if (!($token = JWTAuth::getToken())) {
return response()->json(['error' => 'Token not provided'], 400);
}
} catch (Tymon\JWTAuth\Exceptions\TokenExpiredException $e) {
return response()->json(['token_expired'], $e->getStatusCode());
} catch (Tymon\JWTAuth\Exceptions\TokenInvalidException $e) {
return response()->json(['token_invalid'], $e->getStatusCode());
} catch (Tymon\JWTAuth\Exceptions\JWTException $e) {
return response()->json(['token_absent'], $e->getStatusCode());
}
/*
$token = JWTAuth::getToken();
if(!$token){
//throw new BadRequestHtttpException('Token not provided');
return response()->json(['error' => 'Token not provided'], 400);
}
*/
try {
$token = JWTAuth::refresh($token);
} catch (TokenInvalidException $e) {
//throw new AccessDeniedHttpException('The token is invalid');
return response()->json(['error' => 'The token is invalid'], 400);
}
return response()->json(compact('token'));
}
public function getState()
{
$token = JWTAuth::getToken();
$user = JWTAuth::toUser($token);
$unlocked = $user->devices()->unlocked();
$device_state = $unlocked->count() == 0 ? 1 : 0;
$data = ['state' => $device_state, 'username' => $user->first_name];
$this->putStats($user);
return Response::json($data);
}
/**
* @return mixed
*/
public function refreshToken()
{
$token = JWTAuth::getToken();
if (!$token) {
return $this->apiResponse(400, ['message' => TOKEN_NOT_PROVIDED]);
}
try {
$token = JWTAuth::refresh($token);
} catch (TokenInvalidException $e) {
return $this->apiResponse(401, ['message' => TOKEN_INVALID]);
}
return $this->apiResponse(200, ['message' => TOKEN_REFRESHED, 'token' => $token]);
}
public function refresh()
{
$oldtoken = JWTAuth::getToken();
try {
// attempt to refresh token for the user
if (!($token = JWTAuth::refresh($oldtoken))) {
return $this->response->array(['error' => 'invalid_token'], 401);
}
} catch (JWTException $e) {
return $this->response->array(['error' => 'could_not_refresh_token'], 500);
}
return $this->response->array(compact('token'));
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, \Closure $next, $isRest = "Rest")
{
Log::debug("CheckJWT.handle.begin");
$isAjax = $isRest == "Rest";
Log::warning("Rest call:" . $isAjax);
$jwt = DragoCookie::getCookie();
$token = null;
if ($jwt != null) {
$token = JWTAuth::setToken($jwt);
} else {
$token = JWTAuth::getToken();
}
if ($token == null) {
Log::warning("CheckJWT.handle.token invalid");
if ($isAjax) {
return response("token invalid", 401);
} else {
return redirect('login');
}
}
try {
$user = $token->authenticate();
Log::debug("CheckJWT.handle.user:"******"CheckJWT.handle.token expired");
if ($isAjax) {
return response("token expired", 401);
} else {
return redirect('login');
}
} catch (JWTException $e) {
Log::warning("CheckJWT.handle.token invalid");
if ($isAjax) {
return response("token invalid", 401);
} else {
return redirect('login');
}
}
if (!$user) {
Log::warning("CheckJWT.handle.user not found");
if ($isAjax) {
return response("token invalid", 401);
} else {
return redirect('login');
}
}
Log::debug("CheckJWT.handle.end");
return $next($request);
}
/**
* @param $request
* @param Closure $next
* @param $permission
*
* @return mixed
*/
public function handle($request, Closure $next, $permission)
{
$token = JWTAuth::getToken();
if (!$token) {
return Response::apiResponse(['httpCode' => 400, 'message' => 'Token não encontrado ou inválido.']);
}
try {
$user = $this->auth->authenticate($token);
} catch (TokenExpiredException $e) {
return Response::apiResponse(['httpCode' => 400, 'message' => 'O token de acesso expirou.']);
} catch (JWTException $e) {
return Response::apiResponse(['httpCode' => 400, 'message' => 'Token inválido.']);
}
if (!$user) {
return Response::apiResponse(['httpCode' => 404, 'message' => 'Usuário não encontrado.']);
}
if (!$user->hasRole(explode('|', $permission))) {
return Response::apiResponse(['httpCode' => 401, 'message' => 'Acesso não autorizado.']);
}
$this->events->fire('tymon.jwt.valid', $user);
return $next($request);
}
/**
* Get the token.
*
* @return false|Token
*/
public function getToken()
{
return JWTAuth::getToken();
}
/**
* to invalidate token
* @return [type] [description]
*/
protected function invalidateToken()
{
//logout if login withtout company
$this->tempStorage->forget('id_company');
\Tymon\JWTAuth\Facades\JWTAuth::invalidate(JWTAuth::getToken());
}
public function restricted()
{
$token = JWTAuth::getToken();
$user = JWTAuth::toUser($token);
return Response::json(['data' => ['email' => $user->email, 'registered_at' => $user->created_at->toDateTimeString()]]);
}
Route::get('/', function () {
return view('spa');
});
/**
* Registers a new user and returns a auth token
*/
Route::post('/signup', 'UserController@signup');
/**
* Signs in a user using JWT
*/
Route::post('/signin', 'UserController@signin');
/**
* Fetches a restricted resource from the same domain used for user authentication
*/
Route::get('/restricted', ['before' => 'jwt-auth', function () {
$token = JWTAuth::getToken();
$user = JWTAuth::toUser($token);
return Response::json(['data' => ['email' => $user->email, 'registered_at' => $user->created_at->toDateTimeString(), 'role' => $user->role]]);
}]);
/**
* Fetches a restricted resource from API subdomain using CORS
*/
Route::group(['domain' => '192.168.59.103', 'prefix' => 'api/v1', 'middleware' => 'jwt.auth'], function () {
Route::get('/restricted', function () {
try {
JWTAuth::parseToken()->toUser();
} catch (Exception $e) {
return Response::json(['error' => $e->getMessage()], HttpResponse::HTTP_UNAUTHORIZED);
}
return ['data' => 'This has come from a dedicated API subdomain with restricted access.'];
});
/**
* Log out user. Blacklist the token.
*
* @return \Illuminate\Http\Response
*/
public function logout()
{
JWTAuth::invalidate(JWTAuth::getToken());
return 'Good';
}
/**
* Create Session for FE
* @param Request $request
*/
public function createSession(Request $request)
{
$session = md5(time());
$create = $request->all();
$create['session'] = $session;
$token = JWTAuth::getToken();
if ($token) {
try {
$user = JWTAuth::authenticate($token);
if ($user != false) {
$create['user_id'] = $user->id;
}
} catch (\Exception $e) {
}
}
$data = $this->dataRepository->insert($create);
if ($data instanceof MessageBag) {
return response()->json($data)->setStatusCode(412, 'Invalid session create');
}
return response()->json(['session' => $session])->setStatusCode(200, 'Session created');
}
