From 968371e5600b38c60e3b7ddb5d9f536625962b12 Mon Sep 17 00:00:00 2001
From: dakriy <git@persignum.com>
Date: Fri, 21 Feb 2020 16:26:21 -0800
Subject: [PATCH] start on integrating saml auth

---
 src/web/backend/app/Guards/ApiGuard.php       |  4 ++++
 .../app/Http/Controllers/AuthController.php   | 20 ++++++++++++-------
 .../app/Http/Middleware/EncryptCookies.php    |  2 +-
 .../Users/Authenticate/APIPresenter.php       |  2 ++
 4 files changed, 20 insertions(+), 8 deletions(-)

diff --git a/src/web/backend/app/Guards/ApiGuard.php b/src/web/backend/app/Guards/ApiGuard.php
index 7ed3a330..7eda4777 100644
--- a/src/web/backend/app/Guards/ApiGuard.php
+++ b/src/web/backend/app/Guards/ApiGuard.php
@@ -93,6 +93,10 @@ class ApiGuard implements Guard {
             $token = $this->request->getPassword();
         }
 
+        if (empty($token)) {
+            $token = $this->request->cookie($this->inputKey);
+        }
+
         return $token;
     }
 
diff --git a/src/web/backend/app/Http/Controllers/AuthController.php b/src/web/backend/app/Http/Controllers/AuthController.php
index 6ebb7083..615224ce 100644
--- a/src/web/backend/app/Http/Controllers/AuthController.php
+++ b/src/web/backend/app/Http/Controllers/AuthController.php
@@ -11,8 +11,7 @@ use Source\Exceptions\EntityNotFoundException;
 use Source\UseCases\Users\Authenticate\APIPresenter;
 use Source\UseCases\Users\Authenticate\AuthenticateUseCase;
 
-class AuthController extends ApiController
-{
+class AuthController extends ApiController {
     protected Request $request;
 
     public function __construct(Request $request) {
@@ -27,10 +26,13 @@ class AuthController extends ApiController
      * @throws EntityNotFoundException
      */
     public function login(AuthenticateUseCase $authenticateUseCase): JsonResponse {
-        $this->validate($this->request, [
-            'email' => 'required',
-            'password' => 'required'
-        ]);
+        $this->validate(
+            $this->request,
+            [
+                'email' => 'required',
+                'password' => 'required',
+            ]
+        );
 
         $presenter = new APIPresenter();
 
@@ -40,6 +42,10 @@ class AuthController extends ApiController
             throw new AuthenticationException();
         }
 
-        return $this->respondWithData($presenter->getViewModel());
+        return $this->respondWithData($presenter->getViewModel())->cookie(
+            'api_token',
+            $presenter->getViewModel()['token']['value'],
+            $presenter->getViewModel()['token']['minutes']
+        );
     }
 }
diff --git a/src/web/backend/app/Http/Middleware/EncryptCookies.php b/src/web/backend/app/Http/Middleware/EncryptCookies.php
index 033136ad..2c0d327f 100644
--- a/src/web/backend/app/Http/Middleware/EncryptCookies.php
+++ b/src/web/backend/app/Http/Middleware/EncryptCookies.php
@@ -12,6 +12,6 @@ class EncryptCookies extends Middleware
      * @var array
      */
     protected $except = [
-        //
+        'api_token',
     ];
 }
diff --git a/src/web/backend/src/UseCases/Users/Authenticate/APIPresenter.php b/src/web/backend/src/UseCases/Users/Authenticate/APIPresenter.php
index 19418ba4..4bdd4452 100644
--- a/src/web/backend/src/UseCases/Users/Authenticate/APIPresenter.php
+++ b/src/web/backend/src/UseCases/Users/Authenticate/APIPresenter.php
@@ -2,6 +2,7 @@
 
 namespace Source\UseCases\Users\Authenticate;
 
+use Carbon\Carbon;
 use Source\UseCases\BasePresenter;
 
 class APIPresenter extends BasePresenter implements Presenter {
@@ -16,6 +17,7 @@ class APIPresenter extends BasePresenter implements Presenter {
         $this->viewModel['token'] = [
             'value' => $token->getTokenString(),
             'expires_at' => $this->formatDateTime($token->getExpiresAt()),
+            'minutes' => Carbon::now()->minutesUntil($token->getExpiresAt()),
         ];
     }
 
-- 
GitLab