hassan
/
aboshabab
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Browse Source

school user definition ready

THA01-authentication-using-mobile
Hassan Ajek 5 years ago
parent
d6c3ccd945
commit
8a4b0ef070
17 changed files with 861 additions and 55 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 15
      .env.example
  2. 14
      app/Exceptions/Handler.php
  3. 19
      app/Http/Controllers/SchoolUserController.php
  4. 37
      app/Http/Forms/SchoolForms/RegisterSchoolForm.php
  5. 35
      app/Http/Forms/SchoolForms/RenewTokenForm.php
  6. 2
      app/Http/Kernel.php
  7. 21
      app/Http/Middleware/JsonMiddleware.php
  8. 22
      app/Http/Middleware/JwtMiddleware.php
  9. 37
      app/SchoolUser.php
  10. 39
      app/User.php
  11. 3
      composer.json
  12. 346
      composer.lock
  13. 3
      config/app.php
  14. 2
      config/auth.php
  15. 303
      config/jwt.php
  16. 7
      database/migrations/2014_10_12_000000_create_users_table.php
  17. 11
      routes/api.php

15
.env.example
View File

@ -1,16 +1,19 @@
APP_NAME=Laravel
APP_ENV=local
APP_NAME=Aboshabab
APP_ENV=
APP_KEY=
APP_DEBUG=true
APP_URL=http://localhost
APP_DEBUG=
APP_URL=
APP_SUPER_PASSWORD=
JWT_SECRET=
JWT_TTL=null
LOG_CHANNEL=stack
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=laravel
DB_USERNAME=root
DB_DATABASE=
DB_USERNAME=
DB_PASSWORD=
BROADCAST_DRIVER=log

14
app/Exceptions/Handler.php
View File

@ -50,6 +50,18 @@ class Handler extends ExceptionHandler
*/
public function render($request, Throwable $exception)
{
return parent::render($request, $exception);
switch (get_class($exception)) {
case 'Symfony\Component\HttpKernel\Exception\NotFoundHttpException':
return response( ['message' => 'Route not found. Check path & method.' ],404);
case 'Tymon\JWTAuth\Exceptions\TokenBlacklistedException':
case 'Tymon\JWTAuth\Exceptions\TokenInvalidException':
return response( ['message' => 'Authentication failed. '.$exception->getMessage() ], 401);
case 'Illuminate\Auth\Access\AuthorizationException':
return response( ['message' => 'Unauthorized action.' ], 403);
case 'Illuminate\Validation\ValidationException':
return response( ['message' => $exception->errors()], 400);
default:
return parent::render($request, $exception);
}
}
}

19
app/Http/Controllers/SchoolUserController.php
View File

@ -0,0 +1,19 @@
<?php
namespace App\Http\Controllers;
use App\Http\Forms\SchoolForms\RegisterSchoolForm;
use App\Http\Forms\SchoolForms\RenewTokenForm;
class SchoolUserController extends Controller
{
public function renewToken(RenewTokenForm $form)
{
return $form->run();
}
public function register(RegisterSchoolForm $form)
{
return $form->run();
}
}

37
app/Http/Forms/SchoolForms/RegisterSchoolForm.php
View File

@ -0,0 +1,37 @@
<?php
namespace App\Http\Forms\SchoolForms;
use App\SchoolUser;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Support\Facades\Hash;
use Tymon\JWTAuth\Facades\JWTAuth;
class RegisterSchoolForm extends FormRequest
{
public function rules()
{
return [
'name' => 'required|string|max:255',
'email' => 'required|string|email|max:255|unique:school_users',
'url' => 'required|string|regex:/^https?:\/\/.*teacharabia\.com\/api$/i|unique:school_users',
'password' => 'required|string|min:6|confirmed',
'super_password' => 'required|string'
];
}
public function run()
{
if (env('APP_SUPER_PASSWORD') != $this->super_password) {
$this->failedAuthorization();
}
else{
$hashPassword['password'] = Hash::make($this->password);
$this->merge($hashPassword);
$user = new SchoolUser();
$user->fill($this->only($user->getFillable()));
$user->save();
$token = JWTAuth::fromUser($user);
return ['token' => $token];
}
}
}

35
app/Http/Forms/SchoolForms/RenewTokenForm.php
View File

@ -0,0 +1,35 @@
<?php
namespace App\Http\Forms\SchoolForms;
use Illuminate\Foundation\Http\FormRequest;
use Tymon\JWTAuth\Facades\JWTAuth;
use Tymon\JWTAuth\Exceptions\TokenInvalidException;
class RenewTokenForm extends FormRequest
{
public function rules()
{
return [
'email' => 'required|string|email|max:255|exists:school_users',
'password' => 'required|string|min:6',
'super_password' => 'required|string',
];
}
public function run()
{
if (env('APP_SUPER_PASSWORD') != $this->super_password) {
$this->failedAuthorization();
}
else{
$newToken = JWTAuth::attempt(['email' => $this->email, 'password' => $this->password]);
if($newToken){
JWTAuth::invalidate(true);
return ['token' => $newToken];
}else{
throw new TokenInvalidException('Wrong credentials.');
}
}
}
}

2
app/Http/Kernel.php
View File

@ -63,5 +63,7 @@ class Kernel extends HttpKernel
'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
'jwt.verify' => \App\Http\Middleware\JwtMiddleware::class,
'alljson' => \App\Http\Middleware\JsonMiddleware::class,
];
}

21
app/Http/Middleware/JsonMiddleware.php
View File

@ -0,0 +1,21 @@
<?php
namespace App\Http\Middleware;
use Closure;
class JsonMiddleware
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$request->headers->set('Accept', 'application/json');
return $next($request);
}
}

22
app/Http/Middleware/JwtMiddleware.php
View File

@ -0,0 +1,22 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Tymon\JWTAuth\Facades\JWTAuth;
class JwtMiddleware
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
JWTAuth::parseToken()->authenticate();
return $next($request);
}
}

37
app/SchoolUser.php
View File

@ -0,0 +1,37 @@
<?php
namespace App;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Tymon\JWTAuth\Contracts\JWTSubject;
class SchoolUser extends Authenticatable implements JWTSubject
{
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'name', 'email', 'password', 'url',
];
/**
* The attributes that should be hidden for arrays.
*
* @var array
*/
protected $hidden = [
'password'
];
public function getJWTIdentifier()
{
return $this->getKey();
}
public function getJWTCustomClaims()
{
return [];
}
}

39
app/User.php
View File

@ -1,39 +0,0 @@
<?php
namespace App;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
class User extends Authenticatable
{
use Notifiable;
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'name', 'email', 'password',
];
/**
* The attributes that should be hidden for arrays.
*
* @var array
*/
protected $hidden = [
'password', 'remember_token',
];
/**
* The attributes that should be cast to native types.
*
* @var array
*/
protected $casts = [
'email_verified_at' => 'datetime',
];
}

3
composer.json
View File

@ -13,7 +13,8 @@
"fruitcake/laravel-cors": "^1.0",
"guzzlehttp/guzzle": "^6.3",
"laravel/framework": "^7.0",
"laravel/tinker": "^2.0"
"laravel/tinker": "^2.0",
"tymon/jwt-auth": "^1.0"
},
"require-dev": {
"facade/ignition": "^2.0",

346
composer.lock
View File

@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically"
],
"content-hash": "6558f74828bca9ebecac73d90cea4b1a",
"content-hash": "b14e843dc2793940e08e52b3b0f85b97",
"packages": [
{
"name": "asm89/stack-cors",
@ -956,6 +956,71 @@
],
"time": "2020-04-07T15:01:31+00:00"
},
{
"name": "lcobucci/jwt",
"version": "3.3.2",
"source": {
"type": "git",
"url": "https://github.com/lcobucci/jwt.git",
"reference": "56f10808089e38623345e28af2f2d5e4eb579455"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/lcobucci/jwt/zipball/56f10808089e38623345e28af2f2d5e4eb579455",
"reference": "56f10808089e38623345e28af2f2d5e4eb579455",
"shasum": ""
},
"require": {
"ext-mbstring": "*",
"ext-openssl": "*",
"php": "^5.6 || ^7.0"
},
"require-dev": {
"mikey179/vfsstream": "~1.5",
"phpmd/phpmd": "~2.2",
"phpunit/php-invoker": "~1.1",
"phpunit/phpunit": "^5.7 || ^7.3",
"squizlabs/php_codesniffer": "~2.3"
},
"type": "library",
"extra": {
"branch-alias": {
"dev-master": "3.1-dev"
}
},
"autoload": {
"psr-4": {
"Lcobucci\\JWT\\": "src"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"BSD-3-Clause"
],
"authors": [
{
"name": "Luís Otávio Cobucci Oblonczyk",
"email": "lcobucci@gmail.com",
"role": "Developer"
}
],
"description": "A simple library to work with JSON Web Token and JSON Web Signature",
"keywords": [
"JWS",
"jwt"
],
"funding": [
{
"url": "https://github.com/lcobucci",
"type": "github"
},
{
"url": "https://www.patreon.com/lcobucci",
"type": "patreon"
}
],
"time": "2020-05-22T08:21:12+00:00"
},
{
"name": "league/commonmark",
"version": "1.4.3",
@ -1237,6 +1302,69 @@
],
"time": "2020-05-22T08:12:19+00:00"
},
{
"name": "namshi/jose",
"version": "7.2.3",
"source": {
"type": "git",
"url": "https://github.com/namshi/jose.git",
"reference": "89a24d7eb3040e285dd5925fcad992378b82bcff"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/namshi/jose/zipball/89a24d7eb3040e285dd5925fcad992378b82bcff",
"reference": "89a24d7eb3040e285dd5925fcad992378b82bcff",
"shasum": ""
},
"require": {
"ext-date": "*",
"ext-hash": "*",
"ext-json": "*",
"ext-pcre": "*",
"ext-spl": "*",
"php": ">=5.5",
"symfony/polyfill-php56": "^1.0"
},
"require-dev": {
"phpseclib/phpseclib": "^2.0",
"phpunit/phpunit": "^4.5|^5.0",
"satooshi/php-coveralls": "^1.0"
},
"suggest": {
"ext-openssl": "Allows to use OpenSSL as crypto engine.",
"phpseclib/phpseclib": "Allows to use Phpseclib as crypto engine, use version ^2.0."
},
"type": "library",
"autoload": {
"psr-4": {
"Namshi\\JOSE\\": "src/Namshi/JOSE/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Alessandro Nadalin",
"email": "alessandro.nadalin@gmail.com"
},
{
"name": "Alessandro Cinelli (cirpo)",
"email": "alessandro.cinelli@gmail.com"
}
],
"description": "JSON Object Signing and Encryption library for PHP.",
"keywords": [
"JSON Web Signature",
"JSON Web Token",
"JWS",
"json",
"jwt",
"token"
],
"time": "2016-12-05T07:27:31+00:00"
},
{
"name": "nesbot/carbon",
"version": "2.34.2",
@ -3031,6 +3159,76 @@
],
"time": "2020-05-12T16:47:27+00:00"
},
{
"name": "symfony/polyfill-php56",
"version": "v1.17.0",
"source": {
"type": "git",
"url": "https://github.com/symfony/polyfill-php56.git",
"reference": "e3c8c138280cdfe4b81488441555583aa1984e23"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/polyfill-php56/zipball/e3c8c138280cdfe4b81488441555583aa1984e23",
"reference": "e3c8c138280cdfe4b81488441555583aa1984e23",
"shasum": ""
},
"require": {
"php": ">=5.3.3",
"symfony/polyfill-util": "~1.0"
},
"type": "library",
"extra": {
"branch-alias": {
"dev-master": "1.17-dev"
}
},
"autoload": {
"psr-4": {
"Symfony\\Polyfill\\Php56\\": ""
},
"files": [
"bootstrap.php"
]
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Nicolas Grekas",
"email": "p@tchwork.com"
},
{
"name": "Symfony Community",
"homepage": "https://symfony.com/contributors"
}
],
"description": "Symfony polyfill backporting some PHP 5.6+ features to lower PHP versions",
"homepage": "https://symfony.com",
"keywords": [
"compatibility",
"polyfill",
"portable",
"shim"
],
"funding": [
{
"url": "https://symfony.com/sponsor",
"type": "custom"
},
{
"url": "https://github.com/fabpot",
"type": "github"
},
{
"url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
"type": "tidelift"
}
],
"time": "2020-05-12T16:47:27+00:00"
},
{
"name": "symfony/polyfill-php72",
"version": "v1.17.0",
@ -3172,6 +3370,72 @@
],
"time": "2020-05-12T16:47:27+00:00"
},
{
"name": "symfony/polyfill-util",
"version": "v1.17.0",
"source": {
"type": "git",
"url": "https://github.com/symfony/polyfill-util.git",
"reference": "4afb4110fc037752cf0ce9869f9ab8162c4e20d7"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/polyfill-util/zipball/4afb4110fc037752cf0ce9869f9ab8162c4e20d7",
"reference": "4afb4110fc037752cf0ce9869f9ab8162c4e20d7",
"shasum": ""
},
"require": {
"php": ">=5.3.3"
},
"type": "library",
"extra": {
"branch-alias": {
"dev-master": "1.17-dev"
}
},
"autoload": {
"psr-4": {
"Symfony\\Polyfill\\Util\\": ""
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Nicolas Grekas",
"email": "p@tchwork.com"
},
{
"name": "Symfony Community",
"homepage": "https://symfony.com/contributors"
}
],
"description": "Symfony utilities for portability of PHP codes",
"homepage": "https://symfony.com",
"keywords": [
"compat",
"compatibility",
"polyfill",
"shim"
],
"funding": [
{
"url": "https://symfony.com/sponsor",
"type": "custom"
},
{
"url": "https://github.com/fabpot",
"type": "github"
},
{
"url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
"type": "tidelift"
}
],
"time": "2020-05-12T16:14:59+00:00"
},
{
"name": "symfony/process",
"version": "v5.0.8",
@ -3669,6 +3933,86 @@
"homepage": "https://github.com/tijsverkoyen/CssToInlineStyles",
"time": "2019-10-24T08:53:34+00:00"
},
{
"name": "tymon/jwt-auth",
"version": "1.0.0",
"source": {
"type": "git",
"url": "https://github.com/tymondesigns/jwt-auth.git",
"reference": "d4cf9fd2b98790712d3e6cd1094e5ff018431f19"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/tymondesigns/jwt-auth/zipball/d4cf9fd2b98790712d3e6cd1094e5ff018431f19",
"reference": "d4cf9fd2b98790712d3e6cd1094e5ff018431f19",
"shasum": ""
},
"require": {
"illuminate/auth": "^5.2|^6|^7",
"illuminate/contracts": "^5.2|^6|^7",
"illuminate/http": "^5.2|^6|^7",
"illuminate/support": "^5.2|^6|^7",
"lcobucci/jwt": "^3.2",
"namshi/jose": "^7.0",
"nesbot/carbon": "^1.0|^2.0",
"php": "^5.5.9|^7.0"
},
"require-dev": {
"illuminate/console": "^5.2|^6|^7",
"illuminate/database": "^5.2|^6|^7",
"illuminate/routing": "^5.2|^6|^7",
"mockery/mockery": ">=0.9.9",
"phpunit/phpunit": "~4.8|~6.0"
},
"type": "library",
"extra": {
"branch-alias": {
"dev-develop": "1.0-dev"
},
"laravel": {
"aliases": {
"JWTAuth": "Tymon\\JWTAuth\\Facades\\JWTAuth",
"JWTFactory": "Tymon\\JWTAuth\\Facades\\JWTFactory"
},
"providers": [
"Tymon\\JWTAuth\\Providers\\LaravelServiceProvider"
]
}
},
"autoload": {
"psr-4": {
"Tymon\\JWTAuth\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Sean Tymon",
"email": "tymon148@gmail.com",
"homepage": "https://tymon.xyz",
"role": "Developer"
}
],
"description": "JSON Web Token Authentication for Laravel and Lumen",
"homepage": "https://github.com/tymondesigns/jwt-auth",
"keywords": [
"Authentication",
"JSON Web Token",
"auth",
"jwt",
"laravel"
],
"funding": [
{
"url": "https://www.patreon.com/seantymon",
"type": "patreon"
}
],
"time": "2020-03-04T11:21:28+00:00"
},
{
"name": "vlucas/phpdotenv",
"version": "v4.1.6",

3
config/app.php
View File

@ -174,6 +174,7 @@ return [
// App\Providers\BroadcastServiceProvider::class,
App\Providers\EventServiceProvider::class,
App\Providers\RouteServiceProvider::class,
Tymon\JWTAuth\Providers\LaravelServiceProvider::class,
],
@ -226,6 +227,8 @@ return [
'URL' => Illuminate\Support\Facades\URL::class,
'Validator' => Illuminate\Support\Facades\Validator::class,
'View' => Illuminate\Support\Facades\View::class,
'JWTAuth' => Tymon\JWTAuth\Facades\JWTAuth::class,
'JWTFactory' => Tymon\JWTAuth\Facades\JWTFactory::class,
],

2
config/auth.php
View File

@ -68,7 +68,7 @@ return [
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
'model' => App\SchoolUser::class,
],
// 'users' => [

303
config/jwt.php
View File

@ -0,0 +1,303 @@
<?php
/*
* This file is part of jwt-auth.
*
* (c) Sean Tymon <tymon148@gmail.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
return [
/*
|--------------------------------------------------------------------------
| JWT Authentication Secret
|--------------------------------------------------------------------------
|
| Don't forget to set this in your .env file, as it will be used to sign
| your tokens. A helper command is provided for this:
| `php artisan jwt:secret`
|
| Note: This will be used for Symmetric algorithms only (HMAC),
| since RSA and ECDSA use a private/public key combo (See below).
|
*/
'secret' => env('JWT_SECRET'),
/*
|--------------------------------------------------------------------------
| JWT Authentication Keys
|--------------------------------------------------------------------------
|
| The algorithm you are using, will determine whether your tokens are
| signed with a random string (defined in `JWT_SECRET`) or using the
| following public & private keys.
|
| Symmetric Algorithms:
| HS256, HS384 & HS512 will use `JWT_SECRET`.
|
| Asymmetric Algorithms:
| RS256, RS384 & RS512 / ES256, ES384 & ES512 will use the keys below.
|
*/
'keys' => [
/*
|--------------------------------------------------------------------------
| Public Key
|--------------------------------------------------------------------------
|
| A path or resource to your public key.
|
| E.g. 'file://path/to/public/key'
|
*/
'public' => env('JWT_PUBLIC_KEY'),
/*
|--------------------------------------------------------------------------
| Private Key
|--------------------------------------------------------------------------
|
| A path or resource to your private key.
|
| E.g. 'file://path/to/private/key'
|
*/
'private' => env('JWT_PRIVATE_KEY'),
/*
|--------------------------------------------------------------------------
| Passphrase
|--------------------------------------------------------------------------
|
| The passphrase for your private key. Can be null if none set.
|
*/
'passphrase' => env('JWT_PASSPHRASE'),
],
/*
|--------------------------------------------------------------------------
| JWT time to live
|--------------------------------------------------------------------------
|
| Specify the length of time (in minutes) that the token will be valid for.
| Defaults to 1 hour.
|
| You can also set this to null, to yield a never expiring token.
| Some people may want this behaviour for e.g. a mobile app.
| This is not particularly recommended, so make sure you have appropriate
| systems in place to revoke the token if necessary.
| Notice: If you set this to null you should remove 'exp' element from 'required_claims' list.
|
*/
'ttl' => env('JWT_TTL', 60),
/*
|--------------------------------------------------------------------------
| Refresh time to live
|--------------------------------------------------------------------------
|
| Specify the length of time (in minutes) that the token can be refreshed
| within. I.E. The user can refresh their token within a 2 week window of
| the original token being created until they must re-authenticate.
| Defaults to 2 weeks.
|
| You can also set this to null, to yield an infinite refresh time.
| Some may want this instead of never expiring tokens for e.g. a mobile app.
| This is not particularly recommended, so make sure you have appropriate
| systems in place to revoke the token if necessary.
|
*/
'refresh_ttl' => env('JWT_REFRESH_TTL', 20160),
/*
|--------------------------------------------------------------------------
| JWT hashing algorithm
|--------------------------------------------------------------------------
|
| Specify the hashing algorithm that will be used to sign the token.
|
| See here: https://github.com/namshi/jose/tree/master/src/Namshi/JOSE/Signer/OpenSSL
| for possible values.
|
*/
'algo' => env('JWT_ALGO', 'HS256'),
/*
|--------------------------------------------------------------------------
| Required Claims
|--------------------------------------------------------------------------
|
| Specify the required claims that must exist in any token.
| A TokenInvalidException will be thrown if any of these claims are not
| present in the payload.
|
*/
'required_claims' => [
'iss',
'iat',
'nbf',
'sub',
'jti',
],
/*
|--------------------------------------------------------------------------
| Persistent Claims
|--------------------------------------------------------------------------
|
| Specify the claim keys to be persisted when refreshing a token.
| `sub` and `iat` will automatically be persisted, in
| addition to the these claims.
|
| Note: If a claim does not exist then it will be ignored.
|
*/
'persistent_claims' => [
// 'foo',
// 'bar',
],
/*
|--------------------------------------------------------------------------
| Lock Subject
|--------------------------------------------------------------------------
|
| This will determine whether a `prv` claim is automatically added to
| the token. The purpose of this is to ensure that if you have multiple
| authentication models e.g. `App\User` & `App\OtherPerson`, then we
| should prevent one authentication request from impersonating another,
| if 2 tokens happen to have the same id across the 2 different models.
|
| Under specific circumstances, you may want to disable this behaviour
| e.g. if you only have one authentication model, then you would save
| a little on token size.
|
*/
'lock_subject' => true,
/*
|--------------------------------------------------------------------------
| Leeway
|--------------------------------------------------------------------------
|
| This property gives the jwt timestamp claims some "leeway".
| Meaning that if you have any unavoidable slight clock skew on
| any of your servers then this will afford you some level of cushioning.
|
| This applies to the claims `iat`, `nbf` and `exp`.
|
| Specify in seconds - only if you know you need it.
|
*/
'leeway' => env('JWT_LEEWAY', 0),
/*
|--------------------------------------------------------------------------
| Blacklist Enabled
|--------------------------------------------------------------------------
|
| In order to invalidate tokens, you must have the blacklist enabled.
| If you do not want or need this functionality, then set this to false.
|
*/
'blacklist_enabled' => env('JWT_BLACKLIST_ENABLED', true),
/*
| -------------------------------------------------------------------------
| Blacklist Grace Period
| -------------------------------------------------------------------------
|
| When multiple concurrent requests are made with the same JWT,
| it is possible that some of them fail, due to token regeneration
| on every request.
|
| Set grace period in seconds to prevent parallel request failure.
|
*/
'blacklist_grace_period' => env('JWT_BLACKLIST_GRACE_PERIOD', 0),
/*
|--------------------------------------------------------------------------
| Cookies encryption
|--------------------------------------------------------------------------
|
| By default Laravel encrypt cookies for security reason.
| If you decide to not decrypt cookies, you will have to configure Laravel
| to not encrypt your cookie token by adding its name into the $except
| array available in the middleware "EncryptCookies" provided by Laravel.
| see https://laravel.com/docs/master/responses#cookies-and-encryption
| for details.
|
| Set it to true if you want to decrypt cookies.
|
*/
'decrypt_cookies' => false,
/*
|--------------------------------------------------------------------------
| Providers
|--------------------------------------------------------------------------
|
| Specify the various providers used throughout the package.
|
*/
'providers' => [
/*
|--------------------------------------------------------------------------
| JWT Provider
|--------------------------------------------------------------------------
|
| Specify the provider that is used to create and decode the tokens.
|
*/
'jwt' => Tymon\JWTAuth\Providers\JWT\Lcobucci::class,
/*
|--------------------------------------------------------------------------
| Authentication Provider
|--------------------------------------------------------------------------
|
| Specify the provider that is used to authenticate users.
|
*/
'auth' => Tymon\JWTAuth\Providers\Auth\Illuminate::class,
/*
|--------------------------------------------------------------------------
| Storage Provider
|--------------------------------------------------------------------------
|
| Specify the provider that is used to store tokens in the blacklist.
|
*/
'storage' => Tymon\JWTAuth\Providers\Storage\Illuminate::class,
],
];

7
database/migrations/2014_10_12_000000_create_users_table.php
View File

@ -13,13 +13,12 @@ class CreateUsersTable extends Migration
*/
public function up()
{
Schema::create('users', function (Blueprint $table) {
Schema::create('school_users', function (Blueprint $table) {
$table->id();
$table->string('name');
$table->string('email')->unique();
$table->timestamp('email_verified_at')->nullable();
$table->string('password');
$table->rememberToken();
$table->string('url')->unique();
$table->timestamps();
});
}
@ -31,6 +30,6 @@ class CreateUsersTable extends Migration
*/
public function down()
{
Schema::dropIfExists('users');
Schema::dropIfExists('school_users');
}
}

11
routes/api.php
View File

@ -14,6 +14,13 @@ use Illuminate\Support\Facades\Route;
|
*/
Route::middleware('auth:api')->get('/user', function (Request $request) {
return $request->user();
Route::group(['middleware' => ['alljson']], function () {
Route::group(['prefix' => 'school'],function (){
Route::group(['middleware' => ['jwt.verify']], function() {
Route::post('change-token','SchoolUserController@renewToken');
//notify
});
Route::post('register','SchoolUserController@register');
});
});

Write Preview
Loading…
Cancel
Save