Unverified Commit 14304d6d authored by Viral Solani's avatar Viral Solani Committed by GitHub

Merge pull request #373 from vidhyut-pandya/use_passport_for_api

Use passport for API
parents fc72d859 64153d45
......@@ -107,8 +107,9 @@ You can now access the server at http://localhost:8000
npm run development
php artisan storage:link
php artisan key:generate
php artisan jwt:secret
php artisan vendor:publish --tag=lfm_public
php artisan migrate
php artisan passport:install
## Please note
......
......@@ -90,11 +90,6 @@ class Handler extends ExceptionHandler
switch (get_class($exception->getPrevious())) {
case \App\Exceptions\Handler::class:
return $this->setStatusCode($exception->getStatusCode())->respondWithError('Token has not been provided.');
case \Tymon\JWTAuth\Exceptions\TokenExpiredException::class:
return $this->setStatusCode($exception->getStatusCode())->respondWithError('Token has expired.');
case \Tymon\JWTAuth\Exceptions\TokenInvalidException::class:
case \Tymon\JWTAuth\Exceptions\TokenBlacklistedException::class:
return $this->setStatusCode($exception->getStatusCode())->respondWithError('Token is invalid.');
}
}
}
......
......@@ -2,10 +2,8 @@
namespace App\Http\Controllers\Api\V1;
use App\Models\Access\User\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Tymon\JWTAuth\Exceptions\JWTException;
use Validator;
class AuthController extends APIController
......@@ -31,14 +29,26 @@ class AuthController extends APIController
$credentials = $request->only(['email', 'password']);
try {
if (!$token = auth('api')->attempt($credentials)) {
if (!Auth::attempt($credentials)) {
return $this->throwValidation(trans('api.messages.login.failed'));
}
} catch (JWTException $e) {
$user = $request->user();
$passportToken = $user->createToken('API Access Token');
// Save generated token
$passportToken->token->save();
$token = $passportToken->accessToken;
} catch (\Exception $e) {
return $this->respondInternalError($e->getMessage());
}
return $token;
return $this->respond([
'message' => trans('api.messages.login.success'),
'token' => $token,
]);
}
/**
......@@ -56,95 +66,16 @@ class AuthController extends APIController
*
* @return \Illuminate\Http\JsonResponse
*/
public function logout()
{
$this->guard()->logout();
return response()->json(['message' => 'Successfully logged out']);
}
/**
* Refresh a token.
*
* @return \Illuminate\Http\JsonResponse
*/
public function refresh()
public function logout(Request $request)
{
return $this->respondWithToken($this->guard()->refresh());
}
/**
* Get the token array structure.
*
* @param string $token
*
* @return \Illuminate\Http\JsonResponse
*/
protected function respondWithToken($token)
{
return $token;
try {
$request->user()->token()->revoke();
} catch (\Exception $e) {
return $this->respondInternalError($e->getMessage());
}
return response()->json([
'access_token' => $token,
// 'token_type' => 'bearer',
// 'expires_in' => $this->guard()->factory()->getTTL() * 60
return $this->respond([
'message' => trans('api.messages.logout.success'),
]);
}
/**
* Get the guard to be used during authentication.
*
* @return \Illuminate\Contracts\Auth\Guard
*/
public function guard()
{
return Auth::guard('api');
}
/*
* Log the user out (Invalidate the token).
*
* @return \Illuminate\Http\JsonResponse
*/
// public function logout()
// {
// try {
// $token = JWTAuth::getToken();
// if ($token) {
// JWTAuth::invalidate($token);
// }
// } catch (JWTException $e) {
// return $this->respondInternalError($e->getMessage());
// }
// return $this->respond([
// 'message' => trans('api.messages.logout.success'),
// ]);
// }
/*
* Refresh a token.
*
* @return \Illuminate\Http\JsonResponse
*/
// public function refresh()
// {
// $token = JWTAuth::getToken();
// if (!$token) {
// $this->respondUnauthorized(trans('api.messages.refresh.token.not_provided'));
// }
// try {
// $refreshedToken = JWTAuth::refresh($token);
// } catch (JWTException $e) {
// return $this->respondInternalError($e->getMessage());
// }
// return $this->respond([
// 'status' => trans('api.messages.refresh.status'),
// 'token' => $refreshedToken,
// ]);
// }
}
......@@ -2,11 +2,9 @@
namespace App\Http\Controllers\Api\V1;
use App\Models\User\User;
use App\Repositories\Frontend\Access\User\UserRepository;
use Config;
use Illuminate\Http\Request;
use JWTAuth;
use Validator;
class RegisterController extends APIController
......@@ -53,7 +51,12 @@ class RegisterController extends APIController
]);
}
$token = JWTAuth::fromUser($user);
$passportToken = $user->createToken('API Access Token');
// Save generated token
$passportToken->token->save();
$token = $passportToken->accessToken;
return $this->respondCreated([
'message' => trans('api.messages.registeration.success'),
......
......@@ -3,8 +3,6 @@
namespace App\Http;
use Illuminate\Foundation\Http\Kernel as HttpKernel;
use Tymon\JWTAuth\Middleware\GetUserFromToken;
use Tymon\JWTAuth\Middleware\RefreshToken;
/**
* Class Kernel.
......@@ -76,7 +74,5 @@ class Kernel extends HttpKernel
*/
'access.routeNeedsRole' => \App\Http\Middleware\RouteNeedsRole::class,
'access.routeNeedsPermission' => \App\Http\Middleware\RouteNeedsPermission::class,
'jwt.auth' => GetUserFromToken::class,
'jwt.refresh' => RefreshToken::class,
];
}
......@@ -10,12 +10,12 @@ use App\Models\Access\User\Traits\UserSendPasswordReset;
use Illuminate\Database\Eloquent\SoftDeletes;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Tymon\JWTAuth\Contracts\JWTSubject;
use Laravel\Passport\HasApiTokens;
/**
* Class User.
*/
class User extends Authenticatable implements JWTSubject
class User extends Authenticatable
{
use UserScope,
UserAccess,
......@@ -23,7 +23,8 @@ class User extends Authenticatable implements JWTSubject
SoftDeletes,
UserAttribute,
UserRelationship,
UserSendPasswordReset;
UserSendPasswordReset,
HasApiTokens;
/**
* The database table used by the model.
*
......
......@@ -3,6 +3,7 @@
namespace App\Providers;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
use Laravel\Passport\Passport;
/**
* Class AuthServiceProvider.
......@@ -27,6 +28,6 @@ class AuthServiceProvider extends ServiceProvider
{
$this->registerPolicies();
//
Passport::routes();
}
}
......@@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically"
],
"content-hash": "5790ba5301540200afd2ead5034f9abd",
"content-hash": "b2f835cf011dc8af309c188b038503c0",
"packages": [
{
"name": "arcanedev/log-viewer",
......@@ -306,6 +306,69 @@
],
"time": "2019-02-27T13:09:37+00:00"
},
{
"name": "defuse/php-encryption",
"version": "v2.2.1",
"source": {
"type": "git",
"url": "https://github.com/defuse/php-encryption.git",
"reference": "0f407c43b953d571421e0020ba92082ed5fb7620"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/defuse/php-encryption/zipball/0f407c43b953d571421e0020ba92082ed5fb7620",
"reference": "0f407c43b953d571421e0020ba92082ed5fb7620",
"shasum": ""
},
"require": {
"ext-openssl": "*",
"paragonie/random_compat": ">= 2",
"php": ">=5.4.0"
},
"require-dev": {
"nikic/php-parser": "^2.0|^3.0|^4.0",
"phpunit/phpunit": "^4|^5"
},
"bin": [
"bin/generate-defuse-key"
],
"type": "library",
"autoload": {
"psr-4": {
"Defuse\\Crypto\\": "src"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Taylor Hornby",
"email": "taylor@defuse.ca",
"homepage": "https://defuse.ca/"
},
{
"name": "Scott Arciszewski",
"email": "info@paragonie.com",
"homepage": "https://paragonie.com"
}
],
"description": "Secure PHP Encryption Library",
"keywords": [
"aes",
"authenticated encryption",
"cipher",
"crypto",
"cryptography",
"encrypt",
"encryption",
"openssl",
"security",
"symmetric key cryptography"
],
"time": "2018-07-24T23:27:56+00:00"
},
{
"name": "dnoegel/php-xdg-base-dir",
"version": "0.1",
......@@ -897,6 +960,52 @@
],
"time": "2019-01-10T14:06:47+00:00"
},
{
"name": "firebase/php-jwt",
"version": "v5.0.0",
"source": {
"type": "git",
"url": "https://github.com/firebase/php-jwt.git",
"reference": "9984a4d3a32ae7673d6971ea00bae9d0a1abba0e"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/firebase/php-jwt/zipball/9984a4d3a32ae7673d6971ea00bae9d0a1abba0e",
"reference": "9984a4d3a32ae7673d6971ea00bae9d0a1abba0e",
"shasum": ""
},
"require": {
"php": ">=5.3.0"
},
"require-dev": {
"phpunit/phpunit": " 4.8.35"
},
"type": "library",
"autoload": {
"psr-4": {
"Firebase\\JWT\\": "src"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"BSD-3-Clause"
],
"authors": [
{
"name": "Neuman Vong",
"email": "neuman+pear@twilio.com",
"role": "Developer"
},
{
"name": "Anant Narayanan",
"email": "anant@php.net",
"role": "Developer"
}
],
"description": "A simple library to encode and decode JSON Web Tokens (JWT) in PHP. Should conform to the current spec.",
"homepage": "https://github.com/firebase/php-jwt",
"time": "2017-06-27T22:17:23+00:00"
},
{
"name": "guzzlehttp/guzzle",
"version": "6.3.3",
......@@ -1448,6 +1557,76 @@
],
"time": "2019-03-12T13:33:14+00:00"
},
{
"name": "laravel/passport",
"version": "v7.2.1",
"source": {
"type": "git",
"url": "https://github.com/laravel/passport.git",
"reference": "bd8ae09775778f96b6642d87e2f579fea5bf92b5"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/laravel/passport/zipball/bd8ae09775778f96b6642d87e2f579fea5bf92b5",
"reference": "bd8ae09775778f96b6642d87e2f579fea5bf92b5",
"shasum": ""
},
"require": {
"ext-json": "*",
"firebase/php-jwt": "~3.0|~4.0|~5.0",
"guzzlehttp/guzzle": "~6.0",
"illuminate/auth": "~5.6.0|~5.7.0|~5.8.0|~5.9.0",
"illuminate/console": "~5.6.0|~5.7.0|~5.8.0|~5.9.0",
"illuminate/container": "~5.6.0|~5.7.0|~5.8.0|~5.9.0",
"illuminate/contracts": "~5.6.0|~5.7.0|~5.8.0|~5.9.0",
"illuminate/database": "~5.6.0|~5.7.0|~5.8.0|~5.9.0",
"illuminate/encryption": "~5.6.0|~5.7.0|~5.8.0|~5.9.0",
"illuminate/http": "~5.6.0|~5.7.0|~5.8.0|~5.9.0",
"illuminate/support": "~5.6.0|~5.7.0|~5.8.0|~5.9.0",
"league/oauth2-server": "^7.0",
"php": ">=7.1",
"phpseclib/phpseclib": "^2.0",
"symfony/psr-http-message-bridge": "~1.0",
"zendframework/zend-diactoros": "~1.0"
},
"require-dev": {
"mockery/mockery": "~1.0",
"phpunit/phpunit": "~7.4"
},
"type": "library",
"extra": {
"branch-alias": {
"dev-master": "7.0-dev"
},
"laravel": {
"providers": [
"Laravel\\Passport\\PassportServiceProvider"
]
}
},
"autoload": {
"psr-4": {
"Laravel\\Passport\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Taylor Otwell",
"email": "taylor@laravel.com"
}
],
"description": "Laravel Passport provides OAuth2 server support to Laravel.",
"keywords": [
"laravel",
"oauth",
"passport"
],
"time": "2019-03-12T11:42:07+00:00"
},
{
"name": "laravel/socialite",
"version": "v3.3.0",
......@@ -1700,6 +1879,56 @@
],
"time": "2018-11-11T12:22:26+00:00"
},
{
"name": "league/event",
"version": "2.2.0",
"source": {
"type": "git",
"url": "https://github.com/thephpleague/event.git",
"reference": "d2cc124cf9a3fab2bb4ff963307f60361ce4d119"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/thephpleague/event/zipball/d2cc124cf9a3fab2bb4ff963307f60361ce4d119",
"reference": "d2cc124cf9a3fab2bb4ff963307f60361ce4d119",
"shasum": ""
},
"require": {
"php": ">=5.4.0"
},
"require-dev": {
"henrikbjorn/phpspec-code-coverage": "~1.0.1",
"phpspec/phpspec": "^2.2"
},
"type": "library",
"extra": {
"branch-alias": {
"dev-master": "2.2-dev"
}
},
"autoload": {
"psr-4": {
"League\\Event\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Frank de Jonge",
"email": "info@frenky.net"
}
],
"description": "Event package",
"keywords": [
"emitter",
"event",
"listener"
],
"time": "2018-11-26T11:52:41+00:00"
},
{
"name": "league/flysystem",
"version": "1.0.50",
......@@ -1847,6 +2076,83 @@
],
"time": "2016-08-17T00:36:58+00:00"
},
{
"name": "league/oauth2-server",
"version": "7.3.2",
"source": {
"type": "git",
"url": "https://github.com/thephpleague/oauth2-server.git",
"reference": "b71f382cd76e3f6905dfc53ef8148b3eebe1fd41"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/thephpleague/oauth2-server/zipball/b71f382cd76e3f6905dfc53ef8148b3eebe1fd41",
"reference": "b71f382cd76e3f6905dfc53ef8148b3eebe1fd41",
"shasum": ""
},
"require": {
"defuse/php-encryption": "^2.1",
"ext-openssl": "*",
"lcobucci/jwt": "^3.2.2",
"league/event": "^2.1",
"php": ">=7.0.0",
"psr/http-message": "^1.0.1"
},
"replace": {
"league/oauth2server": "*",
"lncd/oauth2": "*"
},
"require-dev": {
"phpstan/phpstan": "^0.9.2",
"phpstan/phpstan-phpunit": "^0.9.4",
"phpstan/phpstan-strict-rules": "^0.9.0",
"phpunit/phpunit": "^6.3 || ^7.0",
"roave/security-advisories": "dev-master",
"zendframework/zend-diactoros": "^1.3.2"
},
"type": "library",
"autoload": {
"psr-4": {
"League\\OAuth2\\Server\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Alex Bilbie",
"email": "hello@alexbilbie.com",
"homepage": "http://www.alexbilbie.com",
"role": "Developer"
},
{
"name": "Andy Millington",
"email": "andrew@noexceptions.io",
"homepage": "https://www.noexceptions.io",
"role": "Developer"
}
],
"description": "A lightweight and powerful OAuth 2.0 authorization and resource server library with support for all the core specification grants. This library will allow you to secure your API with OAuth and allow your applications users to approve apps that want to access their data from your API.",
"homepage": "https://oauth2.thephpleague.com/",
"keywords": [
"Authentication",
"api",
"auth",
"authorisation",
"authorization",
"oauth",
"oauth 2",
"oauth 2.0",
"oauth2",
"protect",
"resource",
"secure",
"server"
],
"time": "2018-11-21T21:42:43+00:00"
},
{
"name": "monolog/monolog",
"version": "1.24.0",
......@@ -1927,28 +2233,30 @@
},
{
"name": "nesbot/carbon",
"version": "1.36.2",
"version": "2.16.0",
"source": {
"type": "git",
"url": "https://github.com/briannesbitt/Carbon.git",
"reference": "cd324b98bc30290f233dd0e75e6ce49f7ab2a6c9"
"reference": "dd16fedc022180ea4292a03aabe95e9895677911"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/briannesbitt/Carbon/zipball/cd324b98bc30290f233dd0e75e6ce49f7ab2a6c9",
"reference": "cd324b98bc30290f233dd0e75e6ce49f7ab2a6c9",
"url": "https://api.github.com/repos/briannesbitt/Carbon/zipball/dd16fedc022180ea4292a03aabe95e9895677911",
"reference": "dd16fedc022180ea4292a03aabe95e9895677911",
"shasum": ""
},
"require": {
"php": ">=5.3.9",
"symfony/translation": "~2.6 || ~3.0 || ~4.0"
"ext-json": "*",
"php": "^7.1.8 || ^8.0",
"symfony/translation": "^3.4 || ^4.0"
},
"require-dev": {
"phpunit/phpunit": "^4.8.35 || ^5.7"
},
"suggest": {
"friendsofphp/php-cs-fixer": "Needed for the `composer phpcs` command. Allow to automatically fix code style.",
"phpstan/phpstan": "Needed for the `composer phpstan` command. Allow to detect potential errors."
"friendsofphp/php-cs-fixer": "^2.14 || ^3.0",
"kylekatarnls/multi-tester": "^0.1",
"phpmd/phpmd": "^2.6",
"phpstan/phpstan": "^0.10.8",
"phpunit/phpunit": "^7.5 || ^8.0",
"squizlabs/php_codesniffer": "^3.4"
},
"type": "library",
"extra": {
......@@ -1960,7 +2268,7 @@
},
"autoload": {
"psr-4": {
"": "src/"
"Carbon\\": "src/Carbon/"
}
},
"notification-url": "https://packagist.org/downloads/",
......@@ -1981,7 +2289,7 @@
"datetime",
"time"
],
"time": "2018-12-28T10:07:33+00:00"
"time": "2019-03-12T09:31:40+00:00"
},
{
"name": "nikic/php-parser",
......@@ -2190,6 +2498,98 @@
],
"time": "2015-07-25T16:39:46+00:00"
},
{
"name": "phpseclib/phpseclib",
"version": "2.0.15",
"source": {
"type": "git",
"url": "https://github.com/phpseclib/phpseclib.git",
"reference": "11cf67cf78dc4acb18dc9149a57be4aee5036ce0"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/11cf67cf78dc4acb18dc9149a57be4aee5036ce0",
"reference": "11cf67cf78dc4acb18dc9149a57be4aee5036ce0",
"shasum": ""
},
"require": {
"php": ">=5.3.3"
},
"require-dev": {
"phing/phing": "~2.7",
"phpunit/phpunit": "^4.8.35|^5.7|^6.0",
"sami/sami": "~2.0",
"squizlabs/php_codesniffer": "~2.0"
},
"suggest": {
"ext-gmp": "Install the GMP (GNU Multiple Precision) extension in order to speed up arbitrary precision integer arithmetic operations.",
"ext-libsodium": "SSH2/SFTP can make use of some algorithms provided by the libsodium-php extension.",
"ext-mcrypt": "Install the Mcrypt extension in order to speed up a few other cryptographic operations.",
"ext-openssl": "Install the OpenSSL extension in order to speed up a wide variety of cryptographic operations."
},
"type": "library",
"autoload": {
"files": [
"phpseclib/bootstrap.php"
],
"psr-4": {
"phpseclib\\": "phpseclib/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Jim Wigginton",
"email": "terrafrost@php.net",
"role": "Lead Developer"
},
{
"name": "Patrick Monnerat",
"email": "pm@datasphere.ch",
"role": "Developer"
},
{
"name": "Andreas Fischer",
"email": "bantu@phpbb.com",
"role": "Developer"
},
{
"name": "Hans-Jürgen Petrich",
"email": "petrich@tronic-media.com",
"role": "Developer"
},
{
"name": "Graham Campbell",
"email": "graham@alt-three.com",
"role": "Developer"
}
],
"description": "PHP Secure Communications Library - Pure-PHP implementations of RSA, AES, SSH2, SFTP, X.509 etc.",
"homepage": "http://phpseclib.sourceforge.net",
"keywords": [
"BigInteger",
"aes",
"asn.1",
"asn1",
"blowfish",
"crypto",
"cryptography",
"encryption",
"rsa",
"security",
"sftp",
"signature",
"signing",
"ssh",
"twofish",
"x.509",
"x509"
],
"time": "2019-03-10T16:53:45+00:00"
},
{
"name": "psr/container",
"version": "1.0.0",
......@@ -3548,6 +3948,71 @@
"homepage": "https://symfony.com",
"time": "2019-01-24T22:05:03+00:00"
},
{
"name": "symfony/psr-http-message-bridge",
"version": "v1.2.0",
"source": {
"type": "git",
"url": "https://github.com/symfony/psr-http-message-bridge.git",
"reference": "9ab9d71f97d5c7d35a121a7fb69f74fee95cd0ad"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/psr-http-message-bridge/zipball/9ab9d71f97d5c7d35a121a7fb69f74fee95cd0ad",
"reference": "9ab9d71f97d5c7d35a121a7fb69f74fee95cd0ad",
"shasum": ""
},
"require": {
"php": "^7.1",
"psr/http-message": "^1.0",
"symfony/http-foundation": "^3.4 || ^4.0"
},
"require-dev": {
"nyholm/psr7": "^1.1",
"symfony/phpunit-bridge": "^3.4.20 || ^4.0",
"zendframework/zend-diactoros": "^1.4.1 || ^2.0"
},
"suggest": {
"nyholm/psr7": "For a super lightweight PSR-7/17 implementation"
},
"type": "symfony-bridge",
"extra": {
"branch-alias": {
"dev-master": "1.2-dev"
}
},
"autoload": {
"psr-4": {
"Symfony\\Bridge\\PsrHttpMessage\\": ""
},
"exclude-from-classmap": [
"/Tests/"
]
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Symfony Community",
"homepage": "http://symfony.com/contributors"
},
{
"name": "Fabien Potencier",
"email": "fabien@symfony.com"
}
],
"description": "PSR HTTP message bridge",
"homepage": "http://symfony.com",
"keywords": [
"http",
"http-message",
"psr-17",
"psr-7"
],
"time": "2019-03-11T18:22:33+00:00"
},
{
"name": "symfony/routing",
"version": "v4.2.4",
......@@ -3821,83 +4286,6 @@
"homepage": "https://github.com/tijsverkoyen/CssToInlineStyles",
"time": "2017-11-27T11:13:29+00:00"
},
{
"name": "tymon/jwt-auth",
"version": "2.0.x-dev",
"source": {
"type": "git",
"url": "https://github.com/tymondesigns/jwt-auth.git",
"reference": "45c5178b08523fbede2fa513f78395b1d3d7487d"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/tymondesigns/jwt-auth/zipball/45c5178b08523fbede2fa513f78395b1d3d7487d",
"reference": "45c5178b08523fbede2fa513f78395b1d3d7487d",
"shasum": ""
},
"require": {
"illuminate/contracts": "^5.4",
"illuminate/http": "^5.4",
"illuminate/support": "^5.4",
"lcobucci/jwt": "^3.2",
"nesbot/carbon": "^1.26",
"php": "^7.1"
},
"require-dev": {
"illuminate/auth": "^5.4",
"illuminate/console": "^5.4",
"illuminate/database": "^5.4",
"illuminate/routing": "^5.4",
"mockery/mockery": "^1.0",
"phpstan/phpstan": "^0.11.1",
"phpunit/phpunit": "^6.4"
},
"type": "library",
"extra": {
"branch-alias": {
"2.0": "2.0-dev"
},
"laravel": {
"aliases": {
"JWTManager": "Tymon\\JWTAuth\\Facades\\JWTManager",
"JWTProvider": "Tymon\\JWTAuth\\Facades\\JWTProvider"
},
"providers": [
"Tymon\\JWTAuth\\Providers\\LaravelServiceProvider"
]
}
},
"autoload": {
"files": [
"src/Support/helpers.php"
],
"psr-4": {
"Tymon\\JWTAuth\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Sean Tymon",
"email": "tymon148@gmail.com",
"homepage": "https://tymon.xyz",
"role": "Developer"
}
],
"description": "JSON Web Token Authentication for Laravel and Lumen",
"homepage": "https://github.com/tymondesigns/jwt-auth",
"keywords": [
"Authentication",
"JSON Web Token",
"auth",
"jwt",
"laravel"
],
"time": "2019-02-12T20:58:49+00:00"
},
{
"name": "unisharp/laravel-filemanager",
"version": "v1.9.2",
......@@ -4094,6 +4482,70 @@
"laravel"
],
"time": "2019-02-27T03:04:53+00:00"
},
{
"name": "zendframework/zend-diactoros",
"version": "1.8.6",
"source": {
"type": "git",
"url": "https://github.com/zendframework/zend-diactoros.git",
"reference": "20da13beba0dde8fb648be3cc19765732790f46e"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/zendframework/zend-diactoros/zipball/20da13beba0dde8fb648be3cc19765732790f46e",
"reference": "20da13beba0dde8fb648be3cc19765732790f46e",
"shasum": ""
},
"require": {
"php": "^5.6 || ^7.0",
"psr/http-message": "^1.0"
},
"provide": {
"psr/http-message-implementation": "1.0"
},
"require-dev": {
"ext-dom": "*",
"ext-libxml": "*",
"php-http/psr7-integration-tests": "dev-master",
"phpunit/phpunit": "^5.7.16 || ^6.0.8 || ^7.2.7",
"zendframework/zend-coding-standard": "~1.0"
},
"type": "library",
"extra": {
"branch-alias": {
"dev-master": "1.8.x-dev",
"dev-develop": "1.9.x-dev",
"dev-release-2.0": "2.0.x-dev"
}
},
"autoload": {
"files": [
"src/functions/create_uploaded_file.php",
"src/functions/marshal_headers_from_sapi.php",
"src/functions/marshal_method_from_sapi.php",
"src/functions/marshal_protocol_version_from_sapi.php",
"src/functions/marshal_uri_from_sapi.php",
"src/functions/normalize_server.php",
"src/functions/normalize_uploaded_files.php",
"src/functions/parse_cookie_header.php"
],
"psr-4": {
"Zend\\Diactoros\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"BSD-2-Clause"
],
"description": "PSR HTTP Message implementations",
"homepage": "https://github.com/zendframework/zend-diactoros",
"keywords": [
"http",
"psr",
"psr-7"
],
"time": "2018-09-05T19:29:37+00:00"
}
],
"packages-dev": [
......@@ -7229,9 +7681,7 @@
],
"aliases": [],
"minimum-stability": "stable",
"stability-flags": {
"tymon/jwt-auth": 20
},
"stability-flags": [],
"prefer-stable": false,
"prefer-lowest": false,
"platform": {
......
......@@ -198,8 +198,8 @@ return [
App\Providers\TelescopeServiceProvider::class,
App\Providers\HistoryServiceProvider::class,
App\Providers\RouteServiceProvider::class,
Tymon\JWTAuth\Providers\LaravelServiceProvider::class,
Bvipul\Generator\Provider\CrudGeneratorServiceProvider::class,
Laravel\Passport\PassportServiceProvider::class,
],
/*
......@@ -258,7 +258,6 @@ return [
'Gravatar' => Creativeorange\Gravatar\Facades\Gravatar::class,
'Html' => Collective\Html\HtmlFacade::class,
'Socialite' => Laravel\Socialite\Facades\Socialite::class,
'JWTAuth' => Tymon\JWTAuth\Facades\JWTAuth::class,
//'Datatables' => Yajra\DataTables\Facades\DataTables::class
],
];
......@@ -44,7 +44,7 @@ return [
],
'api' => [
'driver' => 'jwt',
'driver' => 'passport',
'provider' => 'users',
],
],
......
<?php
/*
* This file is part of jwt-auth.
*
* (c) Sean Tymon <tymon148@gmail.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
use Tymon\JWTAuth\Claims;
return [
/*
|--------------------------------------------------------------------------
| JWT Authentication Secret
|--------------------------------------------------------------------------
|
| Don't forget to set this in your .env file, as it will be used to sign
| your tokens. A helper command is provided for this:
| `php artisan jwt:secret`
|
| Note: This will be used for Symmetric algorithms only (HMAC),
| since RSA and ECDSA use a private/public key combo (See below).
|
*/
'secret' => env('JWT_SECRET'),
/*
|--------------------------------------------------------------------------
| JWT Authentication Keys
|--------------------------------------------------------------------------
|
| The algorithm you are using, will determine whether your tokens are
| signed with a random string (defined in `JWT_SECRET`) or using the
| following public & private keys.
|
| Symmetric Algorithms:
| HS256, HS384 & HS512 will use `JWT_SECRET`.
|
| Asymmetric Algorithms:
| RS256, RS384 & RS512 / ES256, ES384 & ES512 will use the keys below.
|
*/
'keys' => [
/*
|--------------------------------------------------------------------------
| Public Key
|--------------------------------------------------------------------------
|
| A path or resource to your public key.
|
| E.g. 'file://path/to/public/key'
|
*/
'public' => env('JWT_PUBLIC_KEY'),
/*
|--------------------------------------------------------------------------
| Private Key
|--------------------------------------------------------------------------
|
| A path or resource to your private key.
|
| E.g. 'file://path/to/private/key'
|
*/
'private' => env('JWT_PRIVATE_KEY'),
/*
|--------------------------------------------------------------------------
| Passphrase
|--------------------------------------------------------------------------
|
| The passphrase for your private key. Can be null if none set.
|
*/
'passphrase' => env('JWT_PASSPHRASE'),
],
/*
|--------------------------------------------------------------------------
| JWT time to live
|--------------------------------------------------------------------------
|
| Specify the length of time (in minutes) that the token will be valid for.
| Defaults to 30 minutes.
|
| You can also set this to null, to yield a never expiring token.
| Some people may want this behaviour for e.g. a mobile app.
| This is not particularly recommended, so make sure you have appropriate
| systems in place to revoke the token if necessary.
|
*/
'ttl' => env('JWT_TTL', 30),
/*
|--------------------------------------------------------------------------
| Max refresh period
|--------------------------------------------------------------------------
|
| Specify the length of time (in minutes) that the token will be
| refreshable for.
|
| Defaults to null, which will allow tokens to be refreshable forever.
|
*/
'max_refresh_period' => env('JWT_MAX_REFRESH_PERIOD'),
/*
|--------------------------------------------------------------------------
| JWT hashing algorithm
|--------------------------------------------------------------------------
|
| Specify the hashing algorithm that will be used to sign the token.
|
| Possible values:
|
| 'HS256', 'HS384', 'HS512',
| 'RS256', 'RS384', 'RS512',
| 'ES256', 'ES384', 'ES512'
|
*/
'algo' => env('JWT_ALGO', 'HS256'),
/*
|--------------------------------------------------------------------------
| Required Claims
|--------------------------------------------------------------------------
|
| Specify the required claims that must exist in any token.
| A TokenInvalidException will be thrown if any of these claims are not
| present in the payload.
|
*/
'required_claims' => [
Claims\Issuer::NAME,
Claims\IssuedAt::NAME,
Claims\Expiration::NAME,
Claims\Subject::NAME,
Claims\JwtId::NAME,
],
/*
|--------------------------------------------------------------------------
| Lock Subject
|--------------------------------------------------------------------------
|
| This will determine whether a `prv` claim is automatically added to
| the token. The purpose of this is to ensure that if you have multiple
| authentication models e.g. `App\User` & `App\OtherPerson`, then we
| should prevent one authentication request from impersonating another,
| if 2 tokens happen to have the same id across the 2 different models.
|
| Under specific circumstances, you may want to disable this behaviour
| e.g. if you only have one authentication model, then you would save
| a little on token size.
|
*/
'lock_subject' => true,
/*
|--------------------------------------------------------------------------
| Leeway
|--------------------------------------------------------------------------
|
| This property gives the jwt timestamp claims some "leeway".
| Meaning that if you have any unavoidable slight clock skew on
| any of your servers then this will afford you some level of cushioning.
|
| This applies to the claims `iat`, `nbf` and `exp`.
|
| Specify in seconds - only if you know you need it.
|
*/
'leeway' => env('JWT_LEEWAY', 0),
/*
|--------------------------------------------------------------------------
| Blacklist Enabled
|--------------------------------------------------------------------------
|
| In order to invalidate tokens, you must have the blacklist enabled.
| If you do not want or need this functionality, then set this to false.
|
*/
'blacklist_enabled' => env('JWT_BLACKLIST_ENABLED', true),
/*
| -------------------------------------------------------------------------
| Blacklist Grace Period
| -------------------------------------------------------------------------
|
| When multiple concurrent requests are made with the same JWT,
| it is possible that some of them fail, due to token regeneration
| on every request.
|
| Set grace period in seconds to prevent parallel request failure.
|
*/
'blacklist_grace_period' => env('JWT_BLACKLIST_GRACE_PERIOD', 0),
/*
|--------------------------------------------------------------------------
| Cookies encryption
|--------------------------------------------------------------------------
|
| By default Laravel encrypt cookies for security reason.
| If you decide to not decrypt cookies, you will have to configure Laravel
| to not encrypt your cookie token by adding its name into the $except
| array available in the middleware "EncryptCookies" provided by Laravel.
| see https://laravel.com/docs/master/responses#cookies-and-encryption
| for details.
|
| Set it to true if you want to decrypt cookies.
|
*/
'decrypt_cookies' => false,
/*
|--------------------------------------------------------------------------
| Providers
|--------------------------------------------------------------------------
|
| Specify the various providers used throughout the package.
|
*/
'providers' => [
/*
|--------------------------------------------------------------------------
| JWT Provider
|--------------------------------------------------------------------------
|
| Specify the provider that is used to create and decode the tokens.
|
*/
'jwt' => Tymon\JWTAuth\Providers\JWT\Lcobucci::class,
/*
|--------------------------------------------------------------------------
| Storage Provider
|--------------------------------------------------------------------------
|
| Specify the provider that is used to store tokens in the blacklist.
|
*/
'storage' => Tymon\JWTAuth\Providers\Storage\Illuminate::class,
],
];
......@@ -97,7 +97,7 @@ RUN chown -R 777 /var/www/html/
RUN composer install
RUN php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"
#RUN php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"
......
......@@ -18,7 +18,7 @@ Route::group(['namespace' => 'Api\V1', 'prefix' => 'v1', 'as' => 'v1.'], functio
Route::post('login', 'AuthController@login');
});
Route::group(['middleware' => ['jwt.auth']], function () {
Route::group(['middleware' => ['auth:api']], function () {
Route::group(['prefix' => 'auth'], function () {
Route::post('logout', 'AuthController@logout');
Route::post('refresh', 'AuthController@refresh');
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment