<?php |
namespace plunner\Http\Middleware; |
use Doctrine\Common\Util\Debug;
use Log;
use Tymon\JWTAuth\Exceptions\InvalidClaimException;
use Tymon\JWTAuth\Exceptions\JWTException;
use Tymon\JWTAuth\Exceptions\TokenExpiredException;
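class GetUserAndRefresh extends BaseMiddleware
{
    /**
     * Authenticate the request's JWT, run the rest of the pipeline, then
     * refresh the token and return the new one in the Authorization header.
     *
     * Token resolution: the token is read from the request. If the request
     * carries none but the auth service already holds a user model, a token
     * is created for that user with the given custom claims. If neither is
     * available the request is rejected with 401.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @param  string  $custom  custom claims that must be equal (format: key1-ele1;key2-ele2)
     * @return mixed  the downstream response carrying the refreshed token, or
     *                the error response built by respond()
     */
    public function handle($request, \Closure $next, $custom = '')
    {
        $custom = $this->convertToArray($custom);

        // Header values are logged for diagnostics, but headers that carry
        // credentials are masked: writing the bearer token or session cookie
        // to the application log would let anyone with log access replay it.
        // Extend this list if the application accepts secrets in other headers.
        $credentialHeaders = ['authorization', 'proxy-authorization', 'cookie'];
        foreach ($request->headers->all() as $name => $values) {
            $masked = in_array(strtolower((string) $name), $credentialHeaders, true);
            Log::info('header: ' . ($masked ? '[redacted]' : implode('-', $values)));
        }

        $token = $this->auth->setRequest($request)->getToken();
        if (! $token) {
            $userModel = $this->auth->getUserModel();
            if (! $userModel) {
                return $this->respond('tymon.jwt.absent', 'token_not_provided', 401);
            }

            // NOTE(review): this path issues a token without the client having
            // presented one. Presumably the user model is only ever set by
            // trusted server-side code; confirm nothing request-controlled
            // can populate it.
            $token = $this->auth->fromUser($userModel, $custom);
        }

        try {
            $user = $this->auth->authenticate($token, $custom);
        } catch (TokenExpiredException $e) {
            return $this->respond('tymon.jwt.expired', 'token_expired', $e->getStatusCode(), [$e]);
        } catch (InvalidClaimException $e) {
            // Kept ahead of the generic JWTException handler so that a claim
            // mismatch is reported as 'claim_invalid' rather than 'token_invalid'.
            return $this->respond('tymon.jwt.invalid', 'claim_invalid', $e->getStatusCode(), [$e]);
        } catch (JWTException $e) {
            return $this->respond('tymon.jwt.invalid', 'token_invalid', $e->getStatusCode(), [$e]);
        }

        if (! $user) {
            return $this->respond('tymon.jwt.user_not_found', 'user_not_found', 404);
        }

        // The request is authenticated: let the rest of the pipeline handle it
        // before the token is refreshed.
        $response = $next($request);

        $this->events->fire('tymon.jwt.valid', $user);

        try {
            $newToken = $this->auth->refresh($token, $custom);
        } catch (TokenExpiredException $e) {
            return $this->respond('tymon.jwt.expired', 'token_expired', $e->getStatusCode(), [$e]);
        } catch (JWTException $e) {
            return $this->respond('tymon.jwt.invalid', 'token_invalid', $e->getStatusCode(), [$e]);
        }

        // send the refreshed token back to the client
        $response->headers->set('Authorization', 'Bearer ' . $newToken);

        return $response;
    }
}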
This check looks for the bodies of `if` statements that have no statements or where all statements have been commented out. This may be the result of changes for debugging, or the code may simply be obsolete. These `if` bodies can be removed. If you have an empty `if` but statements in the `else` branch, consider inverting the condition; the inverted form is much more concise to read.