3 files changed, 107 insertions, 2 deletions
diff --git a/src/CamilStaps/BotleaguesApi/TokenAuthenticationProvider.php b/src/CamilStaps/BotleaguesApi/TokenAuthenticationProvider.php
new file mode 100644
index 0000000..f3dad6e
--- /dev/null
+++ b/src/CamilStaps/BotleaguesApi/TokenAuthenticationProvider.php
@@ -0,0 +1,50 @@
+<?php
+/**
+ * Created by PhpStorm.
+ * User: camilstaps
+ * Date: 12-5-15
+ * Time: 14:41
+ */
+
+namespace CamilStaps\BotleaguesApi;
+
+use Dingo\Api\Auth\ProviderInterface;
+use Dingo\Api\Routing\Route;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
+
+class TokenAuthenticationProvider implements ProviderInterface {
+
+    /**
+     * Authenticate the request and return the authenticated user instance.
+     *
+     * @param \Illuminate\Http\Request $request
+     * @param \Dingo\Api\Routing\Route $route
+     *
+     * @return mixed
+     */
+    public function authenticate(Request $request, Route $route) {
+        if (!$request->has(['user_id', 'token'])) {
+            throw new UnauthorizedHttpException(null, "Include user_id and token in your request.");
+        }
+
+        $user = User::find($request->get('user_id'));
+        if ($user != null && $user->validToken($request->get('token'))) {
+            Auth::login($user);
+            return Auth::user();
+        }
+
+        throw new UnauthorizedHttpException(null, "Invalid credentials");
+    }
+
+    /**
+     * Get the providers authorization method.
+     *
+     * @return string
+     */
+    public function getAuthorizationMethod()
+    {
+        return 'token';
+    }
+}
+\ No newline at end of file
diff --git a/src/CamilStaps/BotleaguesApi/User.php b/src/CamilStaps/BotleaguesApi/User.php
index 161d285..39b42dc 100644
--- a/src/CamilStaps/BotleaguesApi/User.php
+++ b/src/CamilStaps/BotleaguesApi/User.php
@@ -1,9 +1,10 @@
 <?php
 namespace CamilStaps\BotleaguesApi;
 
+use Illuminate\Auth\UserInterface;
 use Illuminate\Database\Eloquent\Model;
 
-class User extends Model {
+class User extends Model implements UserInterface {
 	
     protected $table = 'users';
 	protected $hidden = ['password', 'remember_token', 'api_key'];
@@ -13,4 +14,53 @@ class User extends Model {
         return (bool) $this->isAdministrator;
     }
 
+    public function validToken($token) {
+        return UserToken::where('userId', $this->id)->where('token', $token)->where('valid_till', '>', date("Y-m-d H:i:s"))->count() > 0;
+    }
+
+    /**
+     * Get the unique identifier for the user.
+     *
+     * @return mixed
+     */
+    public function getAuthIdentifier() {
+        return $this->email;
+    }
+
+    /**
+     * Get the password for the user.
+     *
+     * @return string
+     */
+    public function getAuthPassword() {
+        return null;
+    }
+
+    /**
+     * Get the token value for the "remember me" session.
+     *
+     * @return string
+     */
+    public function getRememberToken() {
+        return null;
+    }
+
+    /**
+     * Set the token value for the "remember me" session.
+     *
+     * @param  string $value
+     * @return void
+     */
+    public function setRememberToken($value) {
+        return null;
+    }
+
+    /**
+     * Get the column name for the "remember me" token.
+     *
+     * @return string
+     */
+    public function getRememberTokenName() {
+        return null;
+    }
 }
 \ No newline at end of file
diff --git a/src/routes.php b/src/routes.php
index 4935f7c..d44ac20 100644
--- a/src/routes.php
+++ b/src/routes.php
@@ -25,6 +25,11 @@ Route::group(array('https'), function() {
     });
 
     Route::api(['version' => 'v1', 'protected' => true, 'providers' => 'basic'], function () {
+        Route::resource('user_token', 'CamilStaps\BotleaguesApi\UserTokenController',
+            ['only' => ['store']]);
+    });
+
+    Route::api(['version' => 'v1', 'protected' => true, 'providers' => 'token'], function () {
         
         Route::resource('bot', 'CamilStaps\BotleaguesApi\BotController',
             ['except' => ['index', 'show', 'create','edit']]);
@@ -33,7 +38,7 @@ Route::group(array('https'), function() {
             ['except' => ['index', 'show', 'create','edit','store']]);
         
         Route::resource('user_token', 'CamilStaps\BotleaguesApi\UserTokenController',
-            ['only' => ['index', 'show', 'store']]);
+            ['only' => ['index', 'show']]);
 
         Route::group(array('before' => 'administrator'), function() {