Skip to content

Instantly share code, notes, and snippets.

@iolson

iolson/AuthenticateController.php

Last active December 4, 2022 23:24
Show Gist options
  • Star 24 You must be signed in to star a gist
  • Fork 9 You must be signed in to fork a gist
  • Save iolson/8a4c6d689a334f6de48e to your computer and use it in GitHub Desktop.
Save iolson/8a4c6d689a334f6de48e to your computer and use it in GitHub Desktop.
Download ZIP
SentinelAuthAdapter for using Tymon\JWTAuth with Cartalyst\Sentinel
Raw
AuthenticateController.php
<?php namespace App\Http\Controllers\Api\V1;
use App\Http\Controllers\Controller;
use App\Http\Requests;
use Illuminate\Http\Request;
use Tymon\JWTAuth\Facades\JWTAuth;
use Tymon\JWTAuth\Exceptions\JWTException;
class AuthenticateController extends Controller
{
/**
* @param Request $request
* @return \Symfony\Component\HttpFoundation\Response
*/
public function authenticate(Request $request)
{
// grab credentials from the request
$credentials = $request->only('email', 'password');
try {
// attempt to verify the credentials and create a token for the user
if (!$token = JWTAuth::attempt($credentials)) {
return response()->json(['error' => 'invalid_credentials'], 401);
}
} catch (JWTException $e) {
// something went wrong whilst attempting to encode the token
return response()->json(['error' => 'could_not_create_token'], 500);
}
// all good so return the token
return response()->json(compact('token'));
}
}
Raw
jwt.php
<?php
return [
/*
|--------------------------------------------------------------------------
| JWT Authentication Secret
|--------------------------------------------------------------------------
|
| Don't forget to set this, as it will be used to sign your tokens.
| A helper command is provided for this: `php artisan jwt:generate`
|
*/
'secret' => env('JWT_SECRET', 'changeme'),
/*
|--------------------------------------------------------------------------
| JWT time to live
|--------------------------------------------------------------------------
|
| Specify the length of time (in minutes) that the token will be valid for.
| Defaults to 1 hour
|
*/
'ttl' => 60,
/*
|--------------------------------------------------------------------------
| Refresh time to live
|--------------------------------------------------------------------------
|
| Specify the length of time (in minutes) that the token can be refreshed
| within. I.E. The user can refresh their token within a 2 week window of
| the original token being created until they must re-authenticate.
| Defaults to 2 weeks
|
*/
'refresh_ttl' => 20160,
/*
|--------------------------------------------------------------------------
| JWT hashing algorithm
|--------------------------------------------------------------------------
|
| Specify the hashing algorithm that will be used to sign the token.
|
| See here: https://github.com/namshi/jose/tree/2.2.0/src/Namshi/JOSE/Signer
| for possible values
|
*/
'algo' => 'HS256',
/*
|--------------------------------------------------------------------------
| User Model namespace
|--------------------------------------------------------------------------
|
| Specify the full namespace to your User model.
| e.g. 'Acme\Entities\User'
|
*/
'user' => 'App\User',
/*
|--------------------------------------------------------------------------
| User identifier
|--------------------------------------------------------------------------
|
| Specify a unique property of the user that will be added as the 'sub'
| claim of the token payload.
|
*/
'identifier' => 'id',
/*
|--------------------------------------------------------------------------
| Required Claims
|--------------------------------------------------------------------------
|
| Specify the required claims that must exist in any token.
| A TokenInvalidException will be thrown if any of these claims are not
| present in the payload.
|
*/
'required_claims' => ['iss', 'iat', 'exp', 'nbf', 'sub', 'jti'],
/*
|--------------------------------------------------------------------------
| Blacklist Enabled
|--------------------------------------------------------------------------
|
| In order to invalidate tokens, you must have the the blacklist enabled.
| If you do not want or need this functionality, then set this to false.
|
*/
'blacklist_enabled' => env('JWT_BLACKLIST_ENABLED', true),
/*
|--------------------------------------------------------------------------
| Providers
|--------------------------------------------------------------------------
|
| Specify the various providers used throughout the package.
|
*/
'providers' => [
/*
|--------------------------------------------------------------------------
| User Provider
|--------------------------------------------------------------------------
|
| Specify the provider that is used to find the user based
| on the subject claim
|
*/
'user' => 'Tymon\JWTAuth\Providers\User\EloquentUserAdapter',
/*
|--------------------------------------------------------------------------
| JWT Provider
|--------------------------------------------------------------------------
|
| Specify the provider that is used to create and decode the tokens.
|
*/
'jwt' => 'Tymon\JWTAuth\Providers\JWT\NamshiAdapter',
/*
|--------------------------------------------------------------------------
| Authentication Provider
|--------------------------------------------------------------------------
|
| Specify the provider that is used to authenticate users.
|
*/
'auth' => function ($app) {
return new \App\Http\Repositories\Auth\SentinelAuthAdapter($app['auth']);
},
/*
|--------------------------------------------------------------------------
| Storage Provider
|--------------------------------------------------------------------------
|
| Specify the provider that is used to store tokens in the blacklist
|
*/
'storage' => function ($app) {
return new Tymon\JWTAuth\Providers\Storage\IlluminateCacheAdapter($app['cache']);
}
]
];
Raw
SentinelAuthAdapter.php
<?php namespace App\Http\Repositories\Auth;
use Exception;
use Cartalyst\Sentinel\Laravel\Facades\Sentinel;
use Cartalyst\Sentinel\Users\UserInterface;
use Tymon\JWTAuth\Providers\Auth\AuthInterface;
class SentinelAuthAdapter implements AuthInterface
{
/**
* Check a user's credentials
*
* @param array $credentials
* @return bool
*/
public function byCredentials(array $credentials = [])
{
try {
$user = Sentinel::authenticate($credentials);
return $user instanceof UserInterface;
} catch (Exception $e) {
return false;
}
}
/**
* Authenticate a user via the id
*
* @param mixed $id
* @return bool
*/
public function byId($id)
{
try {
$user = Sentinel::findById($id);
Sentinel::login($user);
return $user instanceof UserInterface && Sentinel::check();
} catch (Exception $e) {
return false;
}
}
/**
* Get the currently authenticated user
*
* @return mixed
*/
public function user()
{
return Sentinel::getUser();
}
}
@chilio
Copy link

chilio commented Nov 14, 2017

unfortunately same here @ngelrojas with laravel 5.5 and sentinel

@imadHafsi
Copy link

The same problem @ngelrojas any solution

@parisaentezami
Copy link

I had same problem and by implementing AuthInterface in SentinelAuthAdapter and using Setinel as AuthManager in it's construct function, problem solved.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment