Mobile JWT for Craft CMS (work in progress)
<?php
// services/Mobile.php
namespace modules\sitemodule\services;
use Craft;
use craft\base\Component;
use craft\elements\User;
use craft\errors\UserNotFoundException;
use modules\sitemodule\SiteModule;
use ReallySimpleJWT\Encode;
use ReallySimpleJWT\Jwt;
use ReallySimpleJWT\Parse;
use ReallySimpleJWT\Token;
use ReallySimpleJWT\Validate;
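class Mobile extends Component
{
    /**
     * Name of the environment variable that holds the HMAC signing secret.
     *
     * The secret is deliberately not stored in source: anyone who can read the
     * repository (or this gist) could otherwise mint a valid token for any
     * user id. ReallySimpleJWT rejects weak secrets (it expects a mix of
     * upper/lower case letters, digits and special characters), so the value
     * placed in the environment has to satisfy that as well.
     */
    const SECRET_ENV = 'MOBILE_JWT_SECRET';

    /** @var string|null Signing secret, resolved lazily by secret(). */
    private $secret;

    /**
     * Create a signed JWT for a user.
     *
     * @param int|string $userId     stored by the library in the `user_id` payload claim
     * @param int        $expiration `exp` claim as a Unix timestamp
     * @param string     $issuer     `iss` claim
     * @return string the encoded token
     * @throws \yii\base\InvalidConfigException when no signing secret is configured
     */
    public function tokenCreate($userId, $expiration, $issuer)
    {
        return Token::create($userId, $this->secret(), $expiration, $issuer);
    }

    /**
     * Verify a token and resolve the user it was issued to.
     *
     * Structure, signature and expiry are checked by the library. A token that
     * fails any of those checks, carries no `user_id`, or names a user that no
     * longer exists is rejected with a 403; library exceptions are not allowed
     * to escape as a 500, and their messages (which say *which* check failed)
     * are not echoed to the client.
     *
     * @param string $token raw JWT as sent by the client
     * @return User the user named by the `user_id` claim
     * @throws \yii\web\ForbiddenHttpException on any validation failure
     * @throws \yii\base\InvalidConfigException when no signing secret is configured
     */
    public function tokenValidate($token)
    {
        if (!is_string($token) || $token === '') {
            throw new \yii\web\ForbiddenHttpException('Cannot authenticate user.');
        }

        try {
            $jwt = new Jwt($token, $this->secret());
            $parse = new Parse($jwt, new Validate(), new Encode());
            $parsed = $parse->validate()
                ->validateExpiration()
                ->parse();
        } catch (\Exception $e) {
            // Malformed token, bad signature or expired token.
            // TODO(review): narrow this to ReallySimpleJWT's own exception class(es).
            throw new \yii\web\ForbiddenHttpException('Cannot authenticate user.');
        }

        // Payload claims as an associative array; Token::create() put the id under `user_id`.
        // isset() rather than truthiness, so a missing claim is reported distinctly.
        $payload = $parsed->getPayload();
        if (!isset($payload['user_id'])) {
            throw new \yii\web\ForbiddenHttpException('user_id param not found.');
        }

        // NOTE(review): this relies on the User query's default status filter to keep
        // suspended/pending accounts out — confirm, or add an explicit status() filter.
        $user = User::find()->id($payload['user_id'])->one();
        if (!$user) {
            throw new \yii\web\ForbiddenHttpException('Cannot authenticate user.');
        }
        return $user;
    }

    /**
     * Resolve the signing secret from the environment, once per instance.
     *
     * @return string
     * @throws \yii\base\InvalidConfigException when the variable is unset or empty
     */
    private function secret()
    {
        if ($this->secret === null) {
            $secret = getenv(self::SECRET_ENV);
            if ($secret === false || $secret === '') {
                throw new \yii\base\InvalidConfigException(
                    sprintf('Environment variable %s must hold the mobile JWT signing secret.', self::SECRET_ENV)
                );
            }
            $this->secret = $secret;
        }
        return $this->secret;
    }

    // other actions here to get entries or do some stuff with Craft data, avoiding CSRF
}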
<?php
// controllers/MobileController.php
namespace modules\sitemodule\controllers;
use modules\sitemodule\SiteModule;
use Craft;
use craft\web\Controller;
use yii\web\BadRequestHttpException;
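class MobileController extends Controller
{
    /**
     * Token lifetime as a strtotime() offset.
     *
     * The original 20-year value is kept so clients keep working, but a
     * 20-year bearer token with no revocation path is effectively a permanent
     * password: a leaked token stays valid even after the user changes their
     * password. Shorten this to hours/days and add a refresh flow or a
     * revocable claim before relying on it.
     */
    const TOKEN_LIFETIME = '+20 years';

    /** `iss` claim; replace the placeholder with the site's canonical origin. */
    const TOKEN_ISSUER = 'localhost';

    // NOTE(review): Craft controllers require a logged-in user unless the action is
    // listed in $allowAnonymous. If that is not set in the elided part of this class,
    // neither action below is reachable by a logged-out mobile client.

    /**
     * POST loginName + password; returns a JWT and minimal user info as JSON.
     *
     * @throws BadRequestHttpException when loginName or password is missing or not a string
     * @throws \yii\web\ForbiddenHttpException when the credentials do not match a user
     */
    public function actionLogin()
    {
        $this->requirePostRequest();
        $request = Craft::$app->getRequest();
        $loginName = $request->post('loginName');
        $password = $request->post('password');

        // A missing or non-string field is a malformed request (400), not an
        // authorization failure. Checking the password here also keeps
        // User::authenticate() from being called with null or an array.
        if (!is_string($loginName) || $loginName === '' || !is_string($password) || $password === '') {
            throw new BadRequestHttpException('Missing credentials!');
        }

        // One message for "no such user" and "wrong password", so the response
        // does not confirm which usernames/emails exist.
        $user = Craft::$app->getUsers()->getUserByUsernameOrEmail($loginName);
        if (!$user || !$user->authenticate($password)) {
            throw new \yii\web\ForbiddenHttpException('Invalid credentials!');
        }

        $expiration = strtotime(self::TOKEN_LIFETIME, time());
        $token = SiteModule::$instance->mobile->tokenCreate($user->id, $expiration, self::TOKEN_ISSUER);

        return $this->asJson([
            'token' => $token,
            // The CSRF token is bound to the web session, so a stateless client that
            // presents only the JWT cannot make use of it; token-authenticated actions
            // should disable CSRF validation instead. Kept for response compatibility.
            'csrfTokenValue' => $request->getCsrfToken(),
            'csrfTokenName' => Craft::$app->config->general->csrfTokenName,
            'user' => [
                'id' => $user->id,
                'email' => $user->email,
            ],
        ]);
    }

    /**
     * POST loginName; asks Craft to send its password-reset email.
     *
     * The response is the same whether or not an account matched, and the
     * target's id and email are never echoed back. This endpoint is reachable
     * without authentication, so anything that differs by account existence is
     * a user-enumeration oracle, and returning the email would let a known
     * username be resolved to an address. Rate limiting is still advisable.
     *
     * @throws BadRequestHttpException when loginName is missing or not a string
     */
    public function actionLostpassword()
    {
        $this->requirePostRequest();
        $loginName = Craft::$app->request->post('loginName');
        if (!is_string($loginName) || $loginName === '') {
            throw new BadRequestHttpException('Missing email/username!');
        }

        $users = Craft::$app->getUsers();
        $user = $users->getUserByUsernameOrEmail($loginName);
        if ($user && !$users->sendPasswordResetEmail($user)) {
            // Delivery problems are an operator concern; do not surface them to the caller.
            Craft::error("Failed to send password reset email to user {$user->id}.", __METHOD__);
        }

        // Acknowledges that the request was accepted, not that an account exists.
        return $this->asJson(['sent' => true]);
    }

    // ...
}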