Commit 328074e3 authored by Jacob Priddy's avatar Jacob Priddy 👌

Add api and door guards

parent 2ed225a4
<?php
namespace App\Guards;
use App\User;
use Illuminate\Http\Request;
use Illuminate\Auth\GuardHelpers;
use Illuminate\Contracts\Auth\Guard;
use Illuminate\Contracts\Auth\Authenticatable;
class ApiGuard implements Guard {
use GuardHelpers;
/**
* The request instance.
*
* @var Request
*/
protected $request;
/**
* The name of the query string item from the request containing the API token.
*
* @var string
*/
protected $inputKey;
/**
* The name of the token "column" in persistent storage.
*
* @var string
*/
protected $storageKey;
/**
* Indicates if the API token is hashed in storage.
*
* @var bool
*/
protected $hash = false;
/**
* Create a new authentication guard.
*
* @param Request $request
* @param string $inputKey
* @param string $storageKey
* @return void
*/
public function __construct(
Request $request,
$inputKey = 'api_token',
$storageKey = 'api_token') {
$this->request = $request;
$this->inputKey = $inputKey;
$this->storageKey = $storageKey;
}
/**
* Get the currently authenticated user.
*
* @return Authenticatable|null
*/
public function user() {
// If we've already retrieved the user for the current request we can just
// return it back immediately. We do not want to fetch the user data on
// every call to this method because that would be tremendously slow.
if ($this->user !== null) {
return $this->user;
}
$user = null;
$token = $this->getTokenForRequest();
if (!empty($token)) {
$user = $this->retrieveByToken($token);
}
return $this->user = $user;
}
/**
* Get the token for the current request.
*
* @return string
*/
public function getTokenForRequest(): string {
$token = $this->request->query($this->inputKey);
if (empty($token)) {
$token = $this->request->input($this->inputKey);
}
if (empty($token)) {
$token = $this->request->bearerToken();
}
if (empty($token)) {
$token = $this->request->getPassword();
}
return $token;
}
/**
* Validate a user's credentials.
*
* @param array $credentials
* @return bool
*/
public function validate(array $credentials = []) {
if (empty($credentials[$this->inputKey])) {
return false;
}
if ($this->retrieveByToken($credentials[$this->inputKey])) {
return true;
}
return false;
}
/**
* Set the current request instance.
*
* @param Request $request
* @return $this
*/
public function setRequest(Request $request): self {
$this->request = $request;
return $this;
}
/**
* @param string $token
*
* @return Authenticatable|null
*/
public function retrieveByToken(string $token): ?Authenticatable {
return User::tokens()->where($this->storageKey, $token)->first();
}
}
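Review bot: `retrieveByToken()` calls `User::tokens()` statically, but the User section of this commit declares `tokens()` as an instance relation, and `first()` on that relation would yield a `Token` row rather than the `Authenticatable` the return type promises, so the lookup cannot return a user as written. The query also never consults the `expires_at` column that the migration defines, so an expired token would still authenticate. Resolving the user through the relation, with the expiry filter inside it, covers both; a sketch follows. Separately, `getTokenForRequest()` is declared `: string` but its last fallback, `getPassword()`, can return null, so a request carrying no token would raise a TypeError instead of resolving to a guest; declaring it `?string` avoids that.

```php
public function retrieveByToken(string $token): ?Authenticatable {
    // Resolve the owning user, not the token row, and skip expired tokens.
    return User::whereHas('tokens', function ($query) use ($token) {
        $query->where($this->storageKey, $token)
            ->where(static function ($q) {
                $q->whereNull('expires_at')->orWhere('expires_at', '>', now());
            });
    })->first();
}
```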
......@@ -2,11 +2,11 @@
namespace App\Providers;
use App\Guards\ApiGuard;
use Illuminate\Support\Facades\Auth;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
use Illuminate\Support\Facades\Gate;
class AuthServiceProvider extends ServiceProvider
{
class AuthServiceProvider extends ServiceProvider {
/**
* The policy mappings for the application.
*
......@@ -21,10 +21,15 @@ class AuthServiceProvider extends ServiceProvider
*
* @return void
*/
public function boot()
{
public function boot() {
$this->registerPolicies();
//
// Define guard for the api
Auth::extend(
'api',
static function ($app, $name, array $config) {
return new ApiGuard($app['request']);
}
);
}
}
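Review bot: The closure passed to `Auth::extend` builds the guard from `$app['request']` once and discards `$config`, so the guard keeps whichever request instance existed when it was created, and any `input_key` or `storage_key` set on the guard's config entry has no effect. Laravel's built-in token driver rebinds the request through the container, and `ApiGuard` already exposes `setRequest()` for this: `$guard = new ApiGuard($app['request']);`, `$app->refresh('request', $guard, 'setRequest');`, `return $guard;`. The configured `'provider' => 'users'` is likewise ignored, since `ApiGuard` refers to `App\User` directly; a short comment on the closure saying so would save the next reader from assuming the provider is honoured.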
<?php
namespace App;
use Illuminate\Database\Eloquent\Model;
class Token extends Model
{
//
}
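Review bot: `Token` declares no `$table`, so Eloquent would map it to `tokens`, while the migration in this commit creates `user_tokens`; unless the table is renamed elsewhere, queries through `User::tokens()` would target a table that does not exist. Adding `protected $table = 'user_tokens';` fixes the mapping. Since the model carries a credential, `protected $hidden = ['api_token'];` would also keep the token out of serialized model output such as JSON responses and logs.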
......@@ -3,6 +3,7 @@
namespace App;
use Illuminate\Notifications\Notifiable;
use Illuminate\Database\Eloquent\Relations\HasMany;
use Illuminate\Foundation\Auth\User as Authenticatable;
class User extends Authenticatable {
......@@ -38,4 +39,11 @@ class User extends Authenticatable {
protected $casts = [
'email_verified_at' => 'datetime',
];
/**
* @return HasMany
*/
public function tokens(): HasMany {
return $this->hasMany(Token::class);
}
}
......@@ -42,9 +42,8 @@ return [
],
'api' => [
'driver' => 'token',
'driver' => 'api',
'provider' => 'users',
'hash' => true,
],
'door' => [
......
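Review bot: This hunk appears to drop `'hash' => true` from the `api` guard, and `ApiGuard` declares a `$hash` property that it never reads, so tokens end up stored and compared as raw values. Anyone with read access to the token table (a backup, a replica, an injection bug elsewhere) would then hold usable credentials. Keeping the option and applying `hash('sha256', $token)` in the guard before the lookup, as Laravel's built-in `token` driver does when `hash` is enabled, limits that exposure; token issuance would need to store the same digest.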
......@@ -15,8 +15,8 @@ class CreateUserTokensTable extends Migration
{
Schema::create('user_tokens', static function (Blueprint $table) {
$table->bigIncrements('id');
$table->string('name')->nullable()->default(null);
$table->string('api_token');
$table->boolean('web_token')->default(true);
$table->unsignedBigInteger('user_id');
$table->timestamp('expires_at')->nullable();
$table->foreign('user_id')->references('id')->on('users');
......
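Review bot: `api_token` is created as a plain `string` column with no index or uniqueness constraint in the visible lines, yet `ApiGuard` looks tokens up by this column on every authenticated request. Without uniqueness, two rows can hold the same token and the guard's `first()` would pick one of them arbitrarily. `$table->string('api_token')->unique();` addresses both the lookup cost and the ambiguity. The hunk is cut off on both sides, so an index may be declared outside it.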