示例#1
0
 public static function generate_jwt($user)
 {
     $issuedAt = time();
     $tokenId = base64_encode(Random::key(32));
     $serverName = Config::get('serverName');
     /*
      * Create the token as an array
      */
     $data = ['iat' => $issuedAt, 'jti' => $tokenId, 'iss' => $serverName, 'exp' => $issuedAt + 1800, 'data' => ['userId' => $user->id, 'userName' => $user->username]];
     /*
      * Extract the key, which is coming from the config file.
      *
      * Generated with base64_encode(openssl_random_pseudo_bytes(64));
      */
     $secretKey = base64_decode(Config::get('jwt')['key']);
     /*
      * Extract the algorithm from the config file too
      */
     $algorithm = Config::get('jwt')['algorithm'];
     /*
      * Encode the array to a JWT string.
      * Second parameter is the key to encode the token.
      *
      * The output string can be validated at http://jwt.io/
      */
     $jwt = JWT::encode($data, $secretKey, $algorithm);
     return $jwt;
 }
 function login($req, $res, $args)
 {
     if ($req->isPost()) {
         $form_username = Input::post('req_username');
         $form_password = Input::post('req_password');
         $save_pass = (bool) Input::post('save_pass');
         // If form was correctly filled
         if ($form_username && $form_password) {
             $user = AuthModel::get_user_from_name($form_username);
             // Compare user pass with form data
             $form_password_hash = Random::hash($form_password);
             // Will result in a SHA-1 hash
             if ($user->password == $form_password_hash) {
                 $expire = $save_pass ? time() + 1209600 : time() + 1800;
                 $jwt = AuthModel::generate_jwt($user);
                 AuthModel::feather_setcookie('Bearer ' . $jwt, $expire);
                 return Router::redirect(Router::pathFor('home'), 'Welcome ' . $user->username . '!');
             } else {
                 throw new \Exception('Wrong user/pass', 403);
             }
         } else {
             throw new \Exception("Username and password are required fields.", 1);
         }
     } elseif ($req->isGet()) {
         return View::setPageInfo(['title' => 'Login', 'active_nav' => 'login'])->addTemplate('login.php')->display();
     }
 }
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
if (PHP_SAPI == 'cli-server') {
    // To help the built-in PHP dev server, check if the request was actually for
    // something which should probably be served as a static file
    $file = __DIR__ . $_SERVER['REQUEST_URI'];
    if (is_file($file)) {
        return false;
    }
}
require __DIR__ . '/../vendor/autoload.php';
session_start();
// Instantiate the app
$settings = __DIR__ . '/../config/settings.php';
if (!is_file($settings)) {
    $defaults = (require __DIR__ . '/../config/settings.php.dist');
    $defaults['settings']['jwt']['key'] = base64_encode(Random::secure_random_bytes(64));
    file_put_contents($settings, '<?php' . "\n" . 'return ' . var_export($defaults, true) . ';');
}
$app = new \Slim\App(require $settings);
SlimStatic::boot($app);
// Allow static proxies to be called from anywhere in App
Statical::addNamespace('*', __NAMESPACE__ . '\\*');
// Set up dependencies
require __DIR__ . '/../src/dependencies.php';
// Register middleware
require __DIR__ . '/../src/middleware.php';
// Register routes
require __DIR__ . '/../src/routes.php';
// Run app
App::run();