
@thephucit
Last active May 15, 2020 08:01
AuthMiddleware for octobercms
<?php namespace;
use BackendAuth, Exception, ValidationException;
use Rebing\GraphQL\Support\Mutation;
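/**
 * Base class for GraphQL mutations that are gated by backend permissions.
 *
 * Subclasses list the required permission codes in $permissions; authorize()
 * then checks them against the current backend user.
 */
class BaseMutation extends Mutation
{
    /**
     * Permission codes of which the caller must hold at least one.
     *
     * NOTE(review): when a subclass leaves this unset or empty, authorize()
     * allows every caller, including unauthenticated ones. Confirm that each
     * mutation which must be protected declares its permissions explicitly.
     *
     * @var array
     */
    protected $permissions;

    /**
     * Decide whether the current caller may run this mutation.
     *
     * @param array $args Mutation arguments (not used by the check).
     * @return boolean True when no permissions are configured, or when the
     *                 backend user holds any of the configured permissions.
     */
    public function authorize(array $args)
    {
        // No permissions configured: the mutation is treated as public.
        if (! $this->permissions) {
            return true;
        }

        $user = BackendAuth::getUser();

        // Fail closed: with no backend user there is nothing to check the
        // permissions against, so deny instead of calling a method on null.
        if (! $user) {
            return false;
        }

        return $user->hasAnyAccess($this->permissions);
    }

    /**
     * Abort the mutation with a generic exception.
     *
     * @param mixed $except Passed unchanged to the Exception constructor.
     * @throws Exception
     */
    protected function exception($except)
    {
        throw new Exception($except);
    }

    /**
     * Abort the mutation with a validation exception.
     *
     * @param mixed $except Passed unchanged to the ValidationException constructor.
     * @throws ValidationException
     */
    protected function validationException($except)
    {
        throw new ValidationException($except);
    }
}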
<?php namespace;
use BackendAuth, Exception, ValidationException;
use Rebing\GraphQL\Support\Query;
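/**
 * Base class for GraphQL queries that are gated by backend permissions.
 *
 * Subclasses list the required permission codes in $permissions; authorize()
 * then checks them against the current backend user.
 */
class BaseQuery extends Query
{
    /**
     * Permission codes of which the caller must hold at least one.
     *
     * NOTE(review): when a subclass leaves this unset or empty, authorize()
     * allows every caller, including unauthenticated ones. Confirm that each
     * query which exposes non-public data declares its permissions explicitly.
     *
     * @var array
     */
    protected $permissions;

    /**
     * Decide whether the current caller may run this query.
     *
     * @param array $args Query arguments (not used by the check).
     * @return boolean True when no permissions are configured, or when the
     *                 backend user holds any of the configured permissions.
     */
    public function authorize(array $args)
    {
        // No permissions configured: the query is treated as public.
        if (! $this->permissions) {
            return true;
        }

        $user = BackendAuth::getUser();

        // Fail closed: with no backend user there is nothing to check the
        // permissions against, so deny instead of calling a method on null.
        if (! $user) {
            return false;
        }

        return $user->hasAnyAccess($this->permissions);
    }

    /**
     * Abort the query with a generic exception.
     *
     * @param mixed $except Passed unchanged to the Exception constructor.
     * @throws Exception
     */
    protected function exception($except)
    {
        throw new Exception($except);
    }

    /**
     * Abort the query with a validation exception.
     *
     * @param mixed $except Passed unchanged to the ValidationException constructor.
     * @throws ValidationException
     */
    protected function validationException($except)
    {
        throw new ValidationException($except);
    }
}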
<?php namespace;
use BackendAuth;
use Tymon\JWTAuth\Exceptions\JWTException;
use Tymon\JWTAuth\Exceptions\TokenExpiredException;
use Tymon\JWTAuth\Middleware\BaseMiddleware;
/**
* Class AuthMiddleware
*/
class AuthMiddleware extends BaseMiddleware
{
    // Every rejection below uses this one status; clients can tell the
    // failure cases apart only by the error string passed to respond().
    const DEFAULT_ERROR_CODE = 403;

    /**
     * Authenticate the request from a JWT and install the resolved user as
     * the current backend user before passing the request on.
     *
     * The token is read from the "token" request header first; when that is
     * empty, the JWT auth instance is asked to extract it from the request.
     *
     * @param \Illuminate\Http\Request $request
     * @param \Closure $next
     * @return mixed The downstream response, or the result of respond() when
     *               the token is absent, expired, invalid, or maps to no user.
     */
    public function handle($request, \Closure $next)
    {
        // OPTIONS requests are forwarded without any token check.
        // NOTE(review): confirm no downstream handler does real work on OPTIONS.
        if ($request->method() === 'OPTIONS') {
            return $next($request);
        }

        // Fall back to the JWT library's own extraction only when the custom
        // header yields nothing.
        $token = $request->header('token') ?: $this->auth->setRequest($request)->getToken();
        if (! $token) {
            return $this->respond('tymon.jwt.absent', 'token_not_provided', self::DEFAULT_ERROR_CODE);
        }

        try {
            $user = $this->auth->authenticate($token);
        } catch (TokenExpiredException $expired) {
            // Caught before JWTException so that expiry is reported separately.
            return $this->respond('tymon.jwt.expired', 'token_expired', self::DEFAULT_ERROR_CODE, [$expired]);
        } catch (JWTException $invalid) {
            return $this->respond('tymon.jwt.invalid', 'token_invalid', self::DEFAULT_ERROR_CODE, [$invalid]);
        }

        if (! $user) {
            return $this->respond('tymon.jwt.user_not_found', 'user_not_found', self::DEFAULT_ERROR_CODE);
        }

        // NOTE(review): the authenticated user becomes the backend user for
        // this request; confirm the JWT user provider resolves backend
        // accounts only, since later permission checks rely on it.
        BackendAuth::setUser($user);
        $this->events->fire('tymon.jwt.valid', $user);

        return $next($request);
    }
}