Diffstat (limited to 'src')
-rw-r--r-- | src/CamilStaps/BotleaguesApi/TokenAuthenticationProvider.php | 50 | ||||
-rw-r--r-- | src/CamilStaps/BotleaguesApi/User.php | 52 | ||||
-rw-r--r-- | src/routes.php | 7 |
3 files changed, 107 insertions, 2 deletions
diff --git a/src/CamilStaps/BotleaguesApi/TokenAuthenticationProvider.php b/src/CamilStaps/BotleaguesApi/TokenAuthenticationProvider.php
new file mode 100644
index 0000000..f3dad6e
--- /dev/null
+++ b/src/CamilStaps/BotleaguesApi/TokenAuthenticationProvider.php
@@ -0,0 +1,50 @@
+<?php
+/**
+ * Created by PhpStorm.
+ * User: camilstaps
+ * Date: 12-5-15
+ * Time: 14:41
+ */
+
+namespace CamilStaps\BotleaguesApi;
+
+use Dingo\Api\Auth\ProviderInterface;
+use Dingo\Api\Routing\Route;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
+
+class TokenAuthenticationProvider implements ProviderInterface {
+
+ /**
+ * Authenticate the request and return the authenticated user instance.
+ *
+ * @param \Illuminate\Http\Request $request
+ * @param \Dingo\Api\Routing\Route $route
+ *
+ * @return mixed
+ */
+ public function authenticate(Request $request, Route $route) {
+ if (!$request->has(['user_id', 'token'])) {
+ throw new UnauthorizedHttpException(null, "Include user_id and token in your request.");
+ }
+
+ $user = User::find($request->get('user_id'));
+ if ($user != null && $user->validToken($request->get('token'))) {
+ Auth::login($user);
+ return Auth::user();
+ }
+
+ throw new UnauthorizedHttpException(null, "Invalid credentials");
+ }
+
+ /**
+ * Get the providers authorization method.
+ *
+ * @return string
+ */
+ public function getAuthorizationMethod()
+ {
+ return 'token';
+ }
+}
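Review bot: `Auth::login($user)` in `authenticate()` starts a session-backed login for what is meant to be a per-request token check, so if sessions are enabled for the API, a client holding the session cookie may stay authenticated after the token's `valid_till` has passed. Setting the user for the current request only, `Auth::setUser($user); return $user;`, keeps the token as the sole credential, assuming the guard in this Laravel version exposes `setUser`. Separately, `user_id` and `token` are read with `$request->get()`, which also accepts query-string values; those are commonly written to access logs and proxy logs, so taking the token from an `Authorization` header would limit where it gets recorded. A one-line comment above the `has()` check stating which transport is expected would help whoever documents the API.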
\ No newline at end of file diff --git a/src/CamilStaps/BotleaguesApi/User.php b/src/CamilStaps/BotleaguesApi/User.php index 161d285..39b42dc 100644 --- a/src/CamilStaps/BotleaguesApi/User.php +++ b/src/CamilStaps/BotleaguesApi/User.php @@ -1,9 +1,10 @@ <?php namespace CamilStaps\BotleaguesApi; +use Illuminate\Auth\UserInterface; use Illuminate\Database\Eloquent\Model; -class User extends Model { +class User extends Model implements UserInterface { protected $table = 'users'; protected $hidden = ['password', 'remember_token', 'api_key']; @@ -13,4 +14,53 @@ class User extends Model { return (bool) $this->isAdministrator; } + public function validToken($token) { + return UserToken::where('userId', $this->id)->where('token', $token)->where('valid_till', '>', date("Y-m-d H:i:s"))->count() > 0; + } + + /** + * Get the unique identifier for the user. + * + * @return mixed + */ + public function getAuthIdentifier() { + return $this->email; + } + + /** + * Get the password for the user. + * + * @return string + */ + public function getAuthPassword() { + return null; + } + + /** + * Get the token value for the "remember me" session. + * + * @return string + */ + public function getRememberToken() { + return null; + } + + /** + * Set the token value for the "remember me" session. + * + * @param string $value + * @return void + */ + public function setRememberToken($value) { + return null; + } + + /** + * Get the column name for the "remember me" token. + * + * @return string + */ + public function getRememberTokenName() { + return null; + } }
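Review bot: `validToken()` matches the presented value with `where('token', $token)`, so the `token` column holds the usable secret as-is and anyone who can read that table (a backup, a replica, a query log) obtains working credentials. Looking up by a digest instead, `->where('token', hash('sha256', $token))`, with the code that creates tokens saving the same digest, removes that exposure; the creating side is not part of this diff. In the same hunk `getAuthIdentifier()` returns `$this->email`, while the new provider calls `Auth::login()`, which as far as I can tell stores that identifier for a later lookup by primary key; `return $this->getKey();` is the usual implementation. `getAuthPassword()` returning `null` deserves at least a comment explaining why, since `$hidden` shows the model has a `password` attribute and the `basic` provider on the token-issuing route presumably checks it.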
\ No newline at end of file diff --git a/src/routes.php b/src/routes.php index 4935f7c..d44ac20 100644 --- a/src/routes.php +++ b/src/routes.php @@ -25,6 +25,11 @@ Route::group(array('https'), function() { }); Route::api(['version' => 'v1', 'protected' => true, 'providers' => 'basic'], function () { + Route::resource('user_token', 'CamilStaps\BotleaguesApi\UserTokenController', + ['only' => ['store']]); + }); + + Route::api(['version' => 'v1', 'protected' => true, 'providers' => 'token'], function () { Route::resource('bot', 'CamilStaps\BotleaguesApi\BotController', ['except' => ['index', 'show', 'create','edit']]); @@ -33,7 +38,7 @@ Route::group(array('https'), function() { ['except' => ['index', 'show', 'create','edit','store']]); Route::resource('user_token', 'CamilStaps\BotleaguesApi\UserTokenController', - ['only' => ['index', 'show', 'store']]); + ['only' => ['index', 'show']]); Route::group(array('before' => 'administrator'), function() { |
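Review bot: The `user_token` `index` and `show` actions remain in the group that the first hunk switches to the `token` provider, so presenting one token is enough to read the user's token records. `UserTokenController` and the `UserToken` model are not part of this diff, so whether those actions return the `token` column cannot be checked here; if they do, one leaked token discloses every other live token of that user. I would add a comment above the narrowed `['only' => ['index', 'show']]` line such as `// index/show must return only id and valid_till, never the token value`, and confirm the model hides that column. The closure of the surrounding `Route::group` starts and ends outside both hunks.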