1 | <?php |
||
16 | class TokenController extends BaseController |
||
17 | { |
||
18 | const TOKEN_TYPE = 'Bearer'; |
||
19 | |||
20 | /** |
||
21 | * @api {post} /token Получение токена |
||
22 | * @apiName CreateToken |
||
23 | * @apiGroup Token |
||
24 | * |
||
25 | * @apiDescription Метод для получения авторизационного токена. Токен необходим для выполнения запросов к АПИ. |
||
26 | * Полученный токен отправляется в заголовке запроса: |
||
27 | * <br/> |
||
28 | * <strong>Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxx</strong> |
||
29 | * |
||
30 | * @apiHeader {String} Content-Type application/vnd.api+json <br/> application/json |
||
31 | * |
||
32 | * @apiParam {String} username Логин |
||
33 | * @apiParam {String} password Пароль |
||
34 | * |
||
35 | * @apiParamExample {json} Пример запроса: |
||
36 | * { |
||
37 | * "data":{ |
||
38 | * "attributes":{ |
||
39 | * "username":"[email protected]", |
||
40 | * "password": "qwerty" |
||
41 | * } |
||
42 | * } |
||
43 | * } |
||
44 | * |
||
45 | * @apiSuccessExample {json} Успешно (200) |
||
46 | * HTTP/1.1 200 OK |
||
47 | * { |
||
48 | * "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOmZhbHNlLCJhdWQiOiJza2VsZXRvbi5kZXYiLCJpYXQiOjE0NzY0Mjk4NjksImV4cCI6MTQ3NjQzMzQ2OX0.NJn_-lK28kEZyZqygLr6B-FZ2zC2-1unStayTGicP5g", |
||
49 | * "expires_in": 3600, |
||
50 | * "token_type": "Bearer", |
||
51 | * "refresh_token": "092ea7e36f6b9bf462cb3ca1f6f86b80" |
||
52 | * } |
||
53 | * |
||
54 | * @apiUse StandardErrors |
||
55 | */ |
||
56 | /** |
||
57 | * @param Request $request |
||
58 | * @param Response $response |
||
59 | * |
||
60 | * @return \Psr\Http\Message\ResponseInterface |
||
61 | * @throws JsonException |
||
62 | */ |
||
63 | public function getToken(Request $request, Response $response) |
||
77 | |||
78 | /** |
||
79 | * @api {post} /refresh-token Обновление токена |
||
80 | * @apiName RefreshToken |
||
81 | * @apiGroup Token |
||
82 | * |
||
83 | * @apiDescription Метод для обновления access_token по refresh_token |
||
84 | * |
||
85 | * @apiHeader {String} Content-Type application/vnd.api+json <br/> application/json |
||
86 | * |
||
87 | * @apiParam {String} refresh_token Токен для обновления |
||
88 | * |
||
89 | * @apiParamExample {json} Пример запроса: |
||
90 | * { |
||
91 | * "data":{ |
||
92 | * "attributes":{ |
||
93 | * "refresh_token":"092ea7e36f6b9bf462cb3ca1f6f86b80" |
||
94 | * } |
||
95 | * } |
||
96 | * } |
||
97 | * |
||
98 | * @apiSuccessExample {json} Успешно (200) |
||
99 | * HTTP/1.1 200 OK |
||
100 | * { |
||
101 | * "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOmZhbHNlLCJhdWQiOiJza2VsZXRvbi5kZXYiLCJpYXQiOjE0NzY0Mjk4NjksImV4cCI6MTQ3NjQzMzQ2OX0.NJn_-lK28kEZyZqygLr6B-FZ2zC2-1unStayTGicP5g", |
||
102 | * "expires_in": 3600, |
||
103 | * "token_type": "Bearer", |
||
104 | * "refresh_token": "092ea7e36f6b9bf462cb3ca1f6f86b80" |
||
105 | * } |
||
106 | * |
||
107 | * @apiUse StandardErrors |
||
108 | */ |
||
109 | |||
110 | /** |
||
111 | * @param Request $request |
||
112 | * @param Response $response |
||
113 | * |
||
114 | * @return \Psr\Http\Message\ResponseInterface |
||
115 | * @throws JsonException |
||
116 | */ |
||
117 | public function refreshToken(Request $request, Response $response) |
||
131 | |||
132 | /** |
||
133 | * @param Request $request |
||
134 | * @param Response $response |
||
135 | * @param User $user |
||
136 | * @return \Psr\Http\Message\ResponseInterface |
||
137 | */ |
||
138 | protected function buildTokens(Request $request, Response $response, User $user) |
||
159 | |||
160 | /** |
||
161 | * @throws JsonException |
||
162 | */ |
||
163 | protected function failUnknownUser() |
||
167 | |||
168 | /** |
||
169 | * @throws JsonException |
||
170 | */ |
||
171 | protected function failUnknownToken() |
||
175 | } |
||
176 |
Unless you are absolutely sure that the expression can never be null because of other conditions, we strongly recommend to add an additional type check to your code: