|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
namespace Tymon\JWTAuth\Middleware; |
|
4
|
|
|
|
|
5
|
|
|
use Tymon\JWTAuth\Exceptions\JWTException; |
|
6
|
|
|
use Tymon\JWTAuth\Exceptions\TokenExpiredException; |
|
7
|
|
|
|
|
8
|
|
|
class GetUserFromToken extends BaseMiddleware |
|
9
|
|
|
{ |
|
10
|
|
|
/** |
|
11
|
|
|
* Handle an incoming request. |
|
12
|
|
|
* If an user mode is set I don't check custom |
|
13
|
|
|
* |
|
14
|
|
|
* @param \Illuminate\Http\Request $request |
|
15
|
|
|
* @param \Closure $next |
|
16
|
|
|
* @param String $custom custom claims that must be equals (format: key1-ele1;key2-ele2) |
|
17
|
|
|
* @return mixed |
|
18
|
|
|
*/ |
|
19
|
15 |
|
public function handle($request, \Closure $next, $custom = '') |
|
20
|
|
|
{ |
|
21
|
15 |
|
$custom = $this->convertToArray($custom); |
|
22
|
15 |
|
if($token = $this->auth->setRequest($request)->getToken()) { |
|
23
|
11 |
|
}else if ($this->auth->getUserModel()){ |
|
24
|
|
|
$token = $this->auth->fromUser($this->auth->getUserModel(), $custom); |
|
25
|
|
|
}else { |
|
26
|
3 |
|
return $this->respond('tymon.jwt.absent', 'token_not_provided', 401); |
|
27
|
|
|
} |
|
28
|
|
|
|
|
29
|
|
|
try { |
|
30
|
12 |
|
$user = $this->auth->authenticate($token, $custom); |
|
31
|
10 |
|
} catch (TokenExpiredException $e) { |
|
32
|
3 |
|
return $this->respond('tymon.jwt.expired', 'token_expired', $e->getStatusCode(), [$e]); |
|
33
|
3 |
|
} catch(InvalidClaimException $e) { |
|
|
|
|
|
|
34
|
|
|
return $this->respond('tymon.jwt.invalid', 'claim_invalid', $e->getStatusCode(), [$e]); |
|
35
|
3 |
|
} catch (JWTException $e) { |
|
36
|
3 |
|
return $this->respond('tymon.jwt.invalid', 'token_invalid', $e->getStatusCode(), [$e]); |
|
37
|
|
|
} |
|
38
|
|
|
|
|
39
|
6 |
|
if (! $user) { |
|
40
|
3 |
|
return $this->respond('tymon.jwt.user_not_found', 'user_not_found', 404); |
|
41
|
|
|
} |
|
42
|
|
|
|
|
43
|
3 |
|
$this->events->fire('tymon.jwt.valid', $user); |
|
44
|
|
|
|
|
45
|
3 |
|
return $next($request); |
|
46
|
|
|
} |
|
47
|
|
|
} |
|
48
|
|
|
|
thecsea /
jwt-auth
Scrutinizer analyzes your
composer.json/composer.lockfile if available to determine the classes, and functions that are defined by your dependencies.It seems like the listed class was neither found in your dependencies, nor was it found in the analyzed files in your repository. If you are using some other form of dependency management, you might want to disable this analysis.