
@iolson
Last active December 4, 2022 23:24

Revisions

  1. Ian Olson revised this gist May 15, 2015. 1 changed file with 168 additions and 0 deletions.
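--- a/jwt.php
+++ b/jwt.php
@@ -0,0 +1,168 @@
+<?php
+
+return [
+
+/*
+|--------------------------------------------------------------------------
+| JWT Authentication Secret
+|--------------------------------------------------------------------------
+|
+| Don't forget to set this, as it will be used to sign your tokens.
+| A helper command is provided for this: `php artisan jwt:generate`
+|
+*/
+
+'secret' => env('JWT_SECRET', 'changeme'),
+
+/*
+|--------------------------------------------------------------------------
+| JWT time to live
+|--------------------------------------------------------------------------
+|
+| Specify the length of time (in minutes) that the token will be valid for.
+| Defaults to 1 hour
+|
+*/
+
+'ttl' => 60,
+
+/*
+|--------------------------------------------------------------------------
+| Refresh time to live
+|--------------------------------------------------------------------------
+|
+| Specify the length of time (in minutes) that the token can be refreshed
+| within. I.E. The user can refresh their token within a 2 week window of
+| the original token being created until they must re-authenticate.
+| Defaults to 2 weeks
+|
+*/
+
+'refresh_ttl' => 20160,
+
+/*
+|--------------------------------------------------------------------------
+| JWT hashing algorithm
+|--------------------------------------------------------------------------
+|
+| Specify the hashing algorithm that will be used to sign the token.
+|
+| See here: https://github.com/namshi/jose/tree/2.2.0/src/Namshi/JOSE/Signer
+| for possible values
+|
+*/
+
+'algo' => 'HS256',
+
+/*
+|--------------------------------------------------------------------------
+| User Model namespace
+|--------------------------------------------------------------------------
+|
+| Specify the full namespace to your User model.
+| e.g. 'Acme\Entities\User'
+|
+*/
+
+'user' => 'App\User',
+
+/*
+|--------------------------------------------------------------------------
+| User identifier
+|--------------------------------------------------------------------------
+|
+| Specify a unique property of the user that will be added as the 'sub'
+| claim of the token payload.
+|
+*/
+
+'identifier' => 'id',
+
+/*
+|--------------------------------------------------------------------------
+| Required Claims
+|--------------------------------------------------------------------------
+|
+| Specify the required claims that must exist in any token.
+| A TokenInvalidException will be thrown if any of these claims are not
+| present in the payload.
+|
+*/
+
+'required_claims' => ['iss', 'iat', 'exp', 'nbf', 'sub', 'jti'],
+
+/*
+|--------------------------------------------------------------------------
+| Blacklist Enabled
+|--------------------------------------------------------------------------
+|
+| In order to invalidate tokens, you must have the the blacklist enabled.
+| If you do not want or need this functionality, then set this to false.
+|
+*/
+
+'blacklist_enabled' => env('JWT_BLACKLIST_ENABLED', true),
+
+/*
+|--------------------------------------------------------------------------
+| Providers
+|--------------------------------------------------------------------------
+|
+| Specify the various providers used throughout the package.
+|
+*/
+
+'providers' => [
+
+/*
+|--------------------------------------------------------------------------
+| User Provider
+|--------------------------------------------------------------------------
+|
+| Specify the provider that is used to find the user based
+| on the subject claim
+|
+*/
+
+'user' => 'Tymon\JWTAuth\Providers\User\EloquentUserAdapter',
+
+/*
+|--------------------------------------------------------------------------
+| JWT Provider
+|--------------------------------------------------------------------------
+|
+| Specify the provider that is used to create and decode the tokens.
+|
+*/
+
+'jwt' => 'Tymon\JWTAuth\Providers\JWT\NamshiAdapter',
+
+/*
+|--------------------------------------------------------------------------
+| Authentication Provider
+|--------------------------------------------------------------------------
+|
+| Specify the provider that is used to authenticate users.
+|
+*/
+
+'auth' => function ($app) {
+return new \App\Http\Repositories\Auth\SentinelAuthAdapter($app['auth']);
+},
+
+/*
+|--------------------------------------------------------------------------
+| Storage Provider
+|--------------------------------------------------------------------------
+|
+| Specify the provider that is used to store tokens in the blacklist
+|
+*/
+
+'storage' => function ($app) {
+return new Tymon\JWTAuth\Providers\Storage\IlluminateCacheAdapter($app['cache']);
+}
+
+]
+
+];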
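Review bot: The `'secret' => env('JWT_SECRET', 'changeme')` line falls back to a publicly known signing key whenever JWT_SECRET is missing from the environment, so a deployment with an incomplete `.env` would sign and accept HS256 tokens under a value anyone can read from this file. Drop the fallback, `'secret' => env('JWT_SECRET'),`, and have the application refuse to start or issue tokens when the value is empty. With `refresh_ttl` at 20160 minutes, revocation depends on the blacklist, so the `blacklist_enabled` entry deserves a comment such as `// keep enabled in production: token invalidation relies on it`.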
  2. Ian Olson created this gist May 15, 2015.
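--- a/AuthenticateController.php
+++ b/AuthenticateController.php
@@ -0,0 +1,33 @@
+<?php namespace App\Http\Controllers\Api\V1;
+
+use App\Http\Controllers\Controller;
+use App\Http\Requests;
+use Illuminate\Http\Request;
+use Tymon\JWTAuth\Facades\JWTAuth;
+use Tymon\JWTAuth\Exceptions\JWTException;
+
+class AuthenticateController extends Controller
+{
+/**
+* @param Request $request
+* @return \Symfony\Component\HttpFoundation\Response
+*/
+public function authenticate(Request $request)
+{
+// grab credentials from the request
+$credentials = $request->only('email', 'password');
+
+try {
+// attempt to verify the credentials and create a token for the user
+if (!$token = JWTAuth::attempt($credentials)) {
+return response()->json(['error' => 'invalid_credentials'], 401);
+}
+} catch (JWTException $e) {
+// something went wrong whilst attempting to encode the token
+return response()->json(['error' => 'could_not_create_token'], 500);
+}
+
+// all good so return the token
+return response()->json(compact('token'));
+}
+}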
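Review bot: `authenticate()` hands `$request->only('email', 'password')` to `JWTAuth::attempt()` without checking that both fields are present and are strings, so missing or array-valued input reaches the auth provider unfiltered. A validation step before the `try` would reject such requests early, for example `$this->validate($request, ['email' => 'required|email', 'password' => 'required|string']);` (assuming the base `Controller` pulls in Laravel's `ValidatesRequests` trait, which this page does not show). Nothing visible here limits or records failed attempts; if the route definition does not apply throttling, it belongs on this endpoint, and the 401 branch is a good place for a log line that records the client address but never the submitted password.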
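--- a/SentinelAuthAdapter.php
+++ b/SentinelAuthAdapter.php
@@ -0,0 +1,52 @@
+<?php namespace App\Http\Repositories\Auth;
+
+use Exception;
+use Cartalyst\Sentinel\Laravel\Facades\Sentinel;
+use Cartalyst\Sentinel\Users\UserInterface;
+use Tymon\JWTAuth\Providers\Auth\AuthInterface;
+
+class SentinelAuthAdapter implements AuthInterface
+{
+/**
+* Check a user's credentials
+*
+* @param array $credentials
+* @return bool
+*/
+public function byCredentials(array $credentials = [])
+{
+try {
+$user = Sentinel::authenticate($credentials);
+return $user instanceof UserInterface;
+} catch (Exception $e) {
+return false;
+}
+}
+
+/**
+* Authenticate a user via the id
+*
+* @param mixed $id
+* @return bool
+*/
+public function byId($id)
+{
+try {
+$user = Sentinel::findById($id);
+Sentinel::login($user);
+return $user instanceof UserInterface && Sentinel::check();
+} catch (Exception $e) {
+return false;
+}
+}
+
+/**
+* Get the currently authenticated user
+*
+* @return mixed
+*/
+public function user()
+{
+return Sentinel::getUser();
+}
+}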
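Review bot: In `byId()`, `Sentinel::login($user)` runs before the `instanceof UserInterface` check, so an id that matches no user passes whatever `findById()` returned straight into `login()`; if `login()` type-hints its argument, the resulting `TypeError` on PHP 7 and later is not an `Exception` and would escape the `catch` as a 500 instead of returning false. Move the type check ahead of the call: `if (!$user instanceof UserInterface) { return false; }`. `login()` and `authenticate()` also appear to create a Sentinel persistence (session or cookie) on every token-authenticated request, which could outlive a blacklisted or expired JWT, so confirm that this is intended for a token-based API. The blanket `catch (Exception $e)` in both methods folds throttling and not-activated failures into a plain false; catching those separately, or at least logging `$e`, would keep lockouts visible to operators.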