Mobile JWT for Craft CMS (work in progress)
<?php | |
// services/Mobile.php | |
namespace modules\sitemodule\services; | |
use Craft;
use craft\base\Component;
use craft\elements\User;
use craft\errors\UserNotFoundException;
use modules\sitemodule\SiteModule;
use ReallySimpleJWT\Encode;
use ReallySimpleJWT\Jwt;
use ReallySimpleJWT\Parse;
use ReallySimpleJWT\Token;
use ReallySimpleJWT\Validate;
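/**
 * Issues and verifies HMAC-signed tokens (ReallySimpleJWT) for mobile clients.
 *
 * The signing secret is read from the environment instead of living in source:
 * a secret committed to a repository lets anyone who has seen it mint a token
 * for any user ID. Note that nothing in this service revokes a token before
 * its `exp` claim — a password change or suspension does not invalidate
 * tokens that were already issued — so callers should keep lifetimes short.
 */
class Mobile extends Component
{
    /** Environment variable that must hold the HMAC signing secret. */
    private const SECRET_ENV_VAR = 'MOBILE_JWT_SECRET';

    /**
     * Signing secret, resolved lazily on first use.
     *
     * @var string|null
     */
    private $secret;

    /**
     * Create a signed token for a user.
     *
     * The library writes `user_id`, `exp` and `iss` claims into the payload;
     * `tokenValidate()` reads `user_id` back out.
     *
     * @param int|string $userId     Craft user ID to embed as the `user_id` claim.
     * @param int        $expiration Expiry as a Unix timestamp.
     * @param string     $issuer     Value for the `iss` claim.
     * @return string The encoded token.
     * @throws \RuntimeException If the signing secret is not configured.
     */
    public function tokenCreate($userId, $expiration, $issuer)
    {
        return Token::create($userId, $this->getSecret(), $expiration, $issuer);
    }

    /**
     * Verify a client-supplied token and resolve it to the Craft user it was
     * issued for.
     *
     * `validate()` checks the token's structure and signature against the
     * secret and `validateExpiration()` rejects expired tokens; the `iss`
     * claim is not checked here. Validation failures thrown by the library
     * propagate to the caller unchanged.
     *
     * @param string $token Encoded token exactly as presented by the client (untrusted).
     * @return User The user the token belongs to.
     * @throws \yii\web\ForbiddenHttpException If the payload carries no usable
     *         `user_id`, or no user with that ID is found.
     * @throws \RuntimeException If the signing secret is not configured.
     */
    public function tokenValidate($token)
    {
        $jwt = new Jwt($token, $this->getSecret());
        $parse = new Parse($jwt, new Validate(), new Encode());

        // Structure and signature first, then expiry; each step throws on failure.
        $parsed = $parse->validate()
            ->validateExpiration()
            ->parse();

        $payload = $parsed->getPayload();

        // Accept only a positive integer claim; anything else is treated as
        // absent rather than being handed to the element query.
        $userId = $payload['user_id'] ?? null;
        if (!is_numeric($userId) || (int)$userId <= 0) {
            throw new \yii\web\ForbiddenHttpException('user_id param not found.');
        }

        // NOTE(review): this relies on the user query's default status filter;
        // confirm that suspended/pending accounts are excluded if that matters.
        $user = User::find()->id((int)$userId)->one();
        if (!$user) {
            throw new \yii\web\ForbiddenHttpException('Cannot authenticate user.');
        }

        return $user;
    }

    /**
     * Read the signing secret from the environment, failing closed when it is
     * missing so the service can never sign or verify with an empty key.
     *
     * @return string
     * @throws \RuntimeException If the variable is unset or empty.
     */
    private function getSecret(): string
    {
        if ($this->secret === null) {
            $secret = getenv(self::SECRET_ENV_VAR);
            if ($secret === false || $secret === '') {
                throw new \RuntimeException(
                    sprintf('Environment variable %s must be set to sign mobile tokens.', self::SECRET_ENV_VAR)
                );
            }
            $this->secret = $secret;
        }

        return $this->secret;
    }

    // other actions here to get entries or do some stuff with Craft data, avoiding CSRF
}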
<?php | |
// controllers/MobileController.php
namespace modules\sitemodule\controllers; | |
use modules\sitemodule\SiteModule; | |
use Craft; | |
use craft\web\Controller; | |
use yii\web\BadRequestHttpException; | |
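/**
 * JSON endpoints used by the mobile app to obtain a token and to start a
 * password reset. Both actions accept input from unauthenticated callers,
 * so the responses are written to reveal nothing about which accounts exist.
 */
class MobileController extends Controller
{
    /**
     * Only the two credential endpoints may be reached without a session;
     * every other action in this controller still goes through Craft's
     * login requirement. The array form needs Craft 3.1+.
     */
    protected $allowAnonymous = ['login', 'lostpassword'];

    /**
     * Token lifetime in seconds. The service does not revoke tokens, so this
     * is the only bound on how long a leaked token stays usable; the
     * original value was 20 years. Tune for the app, keep it finite.
     */
    const TOKEN_LIFETIME_SECONDS = 30 * 24 * 60 * 60;

    /** Value placed in the token's `iss` claim; not verified on the way back in. */
    const TOKEN_ISSUER = 'localhost';

    /**
     * Exchange a username/email and password for a signed token.
     *
     * Responds with the token, its expiry timestamp, the CSRF token pair and
     * a minimal user record.
     *
     * @throws BadRequestHttpException If either credential is missing.
     * @throws \yii\web\ForbiddenHttpException If the account is unknown or the
     *         password does not verify (same message in both cases).
     */
    public function actionLogin()
    {
        $this->requirePostRequest();
        $request = Craft::$app->getRequest();
        $loginName = $request->getBodyParam('loginName');
        $password = $request->getBodyParam('password');

        // Reject incomplete input before touching the user table; a missing
        // password would otherwise reach User::authenticate() as null.
        if (!is_string($loginName) || $loginName === '' || !is_string($password) || $password === '') {
            throw new BadRequestHttpException('Missing credentials!');
        }

        $user = Craft::$app->getUsers()->getUserByUsernameOrEmail($loginName);

        // One message whether the account is unknown or the password is wrong,
        // so the response body does not confirm which login names exist.
        if (!$user || !$user->authenticate($password)) {
            throw new \yii\web\ForbiddenHttpException('Invalid credentials!');
        }

        $expiration = time() + self::TOKEN_LIFETIME_SECONDS;
        $token = SiteModule::$instance->mobile->tokenCreate($user->id, $expiration, self::TOKEN_ISSUER);

        return $this->asJson([
            'token' => $token,
            'expires' => $expiration,
            // NOTE(review): the CSRF token is validated against a cookie the
            // framework sets, so a client that only sends a bearer token cannot
            // use it. Kept for existing clients; JWT-authenticated actions should
            // disable CSRF validation rather than depend on this value.
            'csrfTokenValue' => $request->getCsrfToken(),
            'csrfTokenName' => Craft::$app->config->general->csrfTokenName,
            'user' => [
                'id' => $user->id,
                'email' => $user->email,
            ],
        ]);
    }

    /**
     * Send a password-reset email for a username/email.
     *
     * Anyone can post a login name here, so the reply is identical whether or
     * not the account exists: the previous version returned the account's id
     * and email to the caller and answered differently for unknown names.
     * Send failures are logged server-side only. This action does no rate
     * limiting of its own.
     *
     * @throws BadRequestHttpException If no login name was supplied.
     */
    public function actionLostpassword()
    {
        $this->requirePostRequest();
        $loginName = Craft::$app->getRequest()->getBodyParam('loginName');
        if (!is_string($loginName) || $loginName === '') {
            throw new BadRequestHttpException('Missing email/username!');
        }

        $user = Craft::$app->getUsers()->getUserByUsernameOrEmail($loginName);
        if ($user) {
            $sent = Craft::$app->getUsers()->sendPasswordResetEmail($user);
            if (!$sent) {
                Craft::warning("Password reset email could not be sent to user {$user->id}.", __METHOD__);
            }
        }

        return $this->asJson(['sent' => true]);
    }

    // ...
}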