Skip to content

Instantly share code, notes, and snippets.

@iolson

iolson/AuthenticateController.php

Last active December 4, 2022 23:24
Show Gist options
  • Save iolson/8a4c6d689a334f6de48e to your computer and use it in GitHub Desktop.
Save iolson/8a4c6d689a334f6de48e to your computer and use it in GitHub Desktop.
Download ZIP
SentinelAuthAdapter for using Tymon\JWTAuth with Cartalyst\Sentinel
Raw
AuthenticateController.php
<?php namespace App\Http\Controllers\Api\V1;
use App\Http\Controllers\Controller;
use App\Http\Requests;
use Illuminate\Http\Request;
use Tymon\JWTAuth\Facades\JWTAuth;
use Tymon\JWTAuth\Exceptions\JWTException;
class AuthenticateController extends Controller
{
/**
* @param Request $request
* @return \Symfony\Component\HttpFoundation\Response
*/
public function authenticate(Request $request)
{
// grab credentials from the request
$credentials = $request->only('email', 'password');
try {
// attempt to verify the credentials and create a token for the user
if (!$token = JWTAuth::attempt($credentials)) {
return response()->json(['error' => 'invalid_credentials'], 401);
}
} catch (JWTException $e) {
// something went wrong whilst attempting to encode the token
return response()->json(['error' => 'could_not_create_token'], 500);
}
// all good so return the token
return response()->json(compact('token'));
}
}
Raw
jwt.php
<?php
return [
/*
|--------------------------------------------------------------------------
| JWT Authentication Secret
|--------------------------------------------------------------------------
|
| Don't forget to set this, as it will be used to sign your tokens.
| A helper command is provided for this: `php artisan jwt:generate`
|
*/
'secret' => env('JWT_SECRET', 'changeme'),
/*
|--------------------------------------------------------------------------
| JWT time to live
|--------------------------------------------------------------------------
|
| Specify the length of time (in minutes) that the token will be valid for.
| Defaults to 1 hour
|
*/
'ttl' => 60,
/*
|--------------------------------------------------------------------------
| Refresh time to live
|--------------------------------------------------------------------------
|
| Specify the length of time (in minutes) that the token can be refreshed
| within. I.E. The user can refresh their token within a 2 week window of
| the original token being created until they must re-authenticate.
| Defaults to 2 weeks
|
*/
'refresh_ttl' => 20160,
/*
|--------------------------------------------------------------------------
| JWT hashing algorithm
|--------------------------------------------------------------------------
|
| Specify the hashing algorithm that will be used to sign the token.
|
| See here: https://github.com/namshi/jose/tree/2.2.0/src/Namshi/JOSE/Signer
| for possible values
|
*/
'algo' => 'HS256',
/*
|--------------------------------------------------------------------------
| User Model namespace
|--------------------------------------------------------------------------
|
| Specify the full namespace to your User model.
| e.g. 'Acme\Entities\User'
|
*/
'user' => 'App\User',
/*
|--------------------------------------------------------------------------
| User identifier
|--------------------------------------------------------------------------
|
| Specify a unique property of the user that will be added as the 'sub'
| claim of the token payload.
|
*/
'identifier' => 'id',
/*
|--------------------------------------------------------------------------
| Required Claims
|--------------------------------------------------------------------------
|
| Specify the required claims that must exist in any token.
| A TokenInvalidException will be thrown if any of these claims are not
| present in the payload.
|
*/
'required_claims' => ['iss', 'iat', 'exp', 'nbf', 'sub', 'jti'],
/*
|--------------------------------------------------------------------------
| Blacklist Enabled
|--------------------------------------------------------------------------
|
| In order to invalidate tokens, you must have the the blacklist enabled.
| If you do not want or need this functionality, then set this to false.
|
*/
'blacklist_enabled' => env('JWT_BLACKLIST_ENABLED', true),
/*
|--------------------------------------------------------------------------
| Providers
|--------------------------------------------------------------------------
|
| Specify the various providers used throughout the package.
|
*/
'providers' => [
/*
|--------------------------------------------------------------------------
| User Provider
|--------------------------------------------------------------------------
|
| Specify the provider that is used to find the user based
| on the subject claim
|
*/
'user' => 'Tymon\JWTAuth\Providers\User\EloquentUserAdapter',
/*
|--------------------------------------------------------------------------
| JWT Provider
|--------------------------------------------------------------------------
|
| Specify the provider that is used to create and decode the tokens.
|
*/
'jwt' => 'Tymon\JWTAuth\Providers\JWT\NamshiAdapter',
/*
|--------------------------------------------------------------------------
| Authentication Provider
|--------------------------------------------------------------------------
|
| Specify the provider that is used to authenticate users.
|
*/
'auth' => function ($app) {
return new \App\Http\Repositories\Auth\SentinelAuthAdapter($app['auth']);
},
/*
|--------------------------------------------------------------------------
| Storage Provider
|--------------------------------------------------------------------------
|
| Specify the provider that is used to store tokens in the blacklist
|
*/
'storage' => function ($app) {
return new Tymon\JWTAuth\Providers\Storage\IlluminateCacheAdapter($app['cache']);
}
]
];
Raw
SentinelAuthAdapter.php
<?php namespace App\Http\Repositories\Auth;
use Exception;
use Cartalyst\Sentinel\Laravel\Facades\Sentinel;
use Cartalyst\Sentinel\Users\UserInterface;
use Tymon\JWTAuth\Providers\Auth\AuthInterface;
class SentinelAuthAdapter implements AuthInterface
{
/**
* Check a user's credentials
*
* @param array $credentials
* @return bool
*/
public function byCredentials(array $credentials = [])
{
try {
$user = Sentinel::authenticate($credentials);
return $user instanceof UserInterface;
} catch (Exception $e) {
return false;
}
}
/**
* Authenticate a user via the id
*
* @param mixed $id
* @return bool
*/
public function byId($id)
{
try {
$user = Sentinel::findById($id);
Sentinel::login($user);
return $user instanceof UserInterface && Sentinel::check();
} catch (Exception $e) {
return false;
}
}
/**
* Get the currently authenticated user
*
* @return mixed
*/
public function user()
{
return Sentinel::getUser();
}
}
@tusharnisos
Copy link

That helped. Thanks!

@srikanth240369
Copy link

Thanks Helped a lot 👍 If I want to logout from sentinel, How to invalidate jwt token automatically

@kevinreynolds
Copy link

Thanks @iolson

@thomas-tewelde
Copy link

thomas-tewelde commented Oct 22, 2016
edited
Loading

@iolson how would you return user "not activated" message or wrong password message .... i am having some difficulty doing that

public function byCredentials(array $credentials = [])
    {
        try {
            $user = Sentry::authenticate($credentials);
            return $user ;
        } catch (\Cartalyst\Sentry\Users\UserNotActivatedException $e) {
            return response()->json(['error' => 'not_activated'], 401);

        } catch (\Cartalyst\Sentry\Users\WrongPasswordException $e) {
            return response()->json(['error' => 'wrong_password'], 401);
        }
    }

@gogs85
Copy link

gogs85 commented Feb 6, 2017

Hello, can i get little help? Where is SentinelAuthAdapter.php or i need to make this file and where to make?
Thanks for help!

@crarau
Copy link

crarau commented Apr 7, 2017

This is genius! You saved me many hours!

@ngelrojas
Copy link

hello guys, I need your help please when I run this classes show me the next error like thi:

"Type error: Argument 1 passed to Tymon\JWTAuth\Blacklist::__construct() must be an instance of Tymon\JWTAuth\Contracts\Providers\Storage, instance of Closure given, called in /home/vagrant/Jobs/Projetos/eas-message-core/vendor/tymon/jwt-auth/src/Providers/AbstractServiceProvider.php on line 249"

in my LoginController I called so:
use App\Http\Controllers\Auth\AuthenticateController as Authentications;
use Sentinel;
.................
try{

        $user = new Authentications();
    
        $user_admin = $user->authenticate($request);
        
        return response()->json(['data' => $user_admin], 200);
        
    } catch (\Exception $e){
        
        return response()->json(['error' => $e->getMessages()], 500);
    }

I use Laravel 5.5 and Cartalyst/sentinel, please help me

@chilio
Copy link

chilio commented Nov 14, 2017

unfortunately same here @ngelrojas with laravel 5.5 and sentinel

@imadHafsi
Copy link

The same problem @ngelrojas any solution

@parisaentezami
Copy link

I had same problem and by implementing AuthInterface in SentinelAuthAdapter and using Setinel as AuthManager in it's construct function, problem solved.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment