bearer middleware
This commit is contained in:
parent
215d2b1290
commit
7ccf0957bf
@ -5,6 +5,7 @@ namespace kernel;
|
||||
|
||||
|
||||
use kernel\helpers\Debug;
|
||||
use kernel\modules\user\models\User;
|
||||
use kernel\services\ModuleService;
|
||||
use Phroute\Phroute\Dispatcher;
|
||||
|
||||
@ -17,6 +18,8 @@ class App
|
||||
|
||||
static Header $header;
|
||||
|
||||
static User $user;
|
||||
|
||||
public ModuleService $moduleService;
|
||||
|
||||
public static Database $db;
|
||||
|
||||
@ -101,6 +101,12 @@ class RestController
|
||||
$this->renderApi($model->toArray());
|
||||
}
|
||||
|
||||
#[NoReturn] public function returnError(int $code): void
|
||||
{
|
||||
http_response_code($code);
|
||||
die('Forbidden');
|
||||
}
|
||||
|
||||
#[NoReturn] protected function renderApi(array $data): void
|
||||
{
|
||||
header("Content-Type: application/json");
|
||||
@ -108,4 +114,6 @@ class RestController
|
||||
exit();
|
||||
}
|
||||
|
||||
|
||||
|
||||
}
|
||||
@ -69,7 +69,7 @@ class AdminConsoleController extends ConsoleController
|
||||
|
||||
$this->optionService->createFromParams(
|
||||
key: "active_modules",
|
||||
value: "{\"modules\":[\"admin_themes\", \"secure\", \"user\"]}",
|
||||
value: "{\"modules\":[\"admin_themes\", \"secure\", \"user\", \"menu\"]}",
|
||||
label: "Активные модули"
|
||||
);
|
||||
$this->out->r("create option active_modules", "green");
|
||||
@ -82,6 +82,25 @@ class AdminConsoleController extends ConsoleController
|
||||
]);
|
||||
$this->out->r("create item menu module", "green");
|
||||
|
||||
$this->menuService->createItem([
|
||||
"label" => "Пользователи",
|
||||
"url" => "#",
|
||||
"slug" => "user",
|
||||
]);
|
||||
$this->menuService->createItem([
|
||||
"label" => "Список",
|
||||
"url" => "/admin/user",
|
||||
"slug" => "user_list",
|
||||
"parent_slug" => "user",
|
||||
]);
|
||||
$this->menuService->createItem([
|
||||
"label" => "Создать",
|
||||
"url" => "/admin/user/create",
|
||||
"slug" => "user_create",
|
||||
"parent_slug" => "user",
|
||||
]);
|
||||
$this->out->r("create item menu user", "green");
|
||||
|
||||
$this->menuService->createItem([
|
||||
"label" => "Настройки",
|
||||
"url" => "#",
|
||||
|
||||
@ -41,8 +41,14 @@ class ModuleController extends AdminController
|
||||
foreach (new DirectoryIterator($dir) as $fileInfo) {
|
||||
$info = [];
|
||||
if($fileInfo->isDot()) continue;
|
||||
$mi = $this->moduleService->getModuleInfo($fileInfo->getPathname());
|
||||
if (isset($mi['show_in_admin'])){
|
||||
if ($mi['show_in_admin'] == 0){
|
||||
continue;
|
||||
}
|
||||
}
|
||||
$info['id'] = $i;
|
||||
$modules_info[] = array_merge($info, $this->moduleService->getModuleInfo($fileInfo->getPathname()));
|
||||
$modules_info[] = array_merge($info, $mi);
|
||||
$i++;
|
||||
}
|
||||
}
|
||||
|
||||
@ -4,7 +4,10 @@ namespace kernel\modules\post\controllers;
|
||||
|
||||
use Illuminate\Database\Eloquent\Model;
|
||||
use JetBrains\PhpStorm\NoReturn;
|
||||
use kernel\App;
|
||||
use kernel\helpers\Debug;
|
||||
use kernel\modules\post\models\Post;
|
||||
use kernel\Request;
|
||||
use kernel\RestController;
|
||||
|
||||
class PostRestController extends RestController
|
||||
@ -19,4 +22,31 @@ class PostRestController extends RestController
|
||||
return ["user"];
|
||||
}
|
||||
|
||||
public function actionIndex(): void
|
||||
{
|
||||
$request = new Request();
|
||||
$page = $request->get('page') ?? 1;
|
||||
$perPage = $request->get('per_page') ?? 10;
|
||||
$query = $this->model->query();
|
||||
if (App::$user){
|
||||
$query->where("user_id", App::$user->id);
|
||||
}
|
||||
|
||||
if ($page > 1) {
|
||||
$query->skip(($page - 1) * $perPage)->take($perPage);
|
||||
} else {
|
||||
$query->take($perPage);
|
||||
}
|
||||
|
||||
$expand = $this->expand();
|
||||
$expandParams = explode( ",", $request->get('expand') ?? "");
|
||||
$finalExpand = array_intersect($expandParams, $expand);
|
||||
if ($finalExpand) {
|
||||
$res = $query->get()->load($finalExpand)->toArray();
|
||||
} else {
|
||||
$res = $query->get()->toArray();
|
||||
}
|
||||
|
||||
$this->renderApi($res);
|
||||
}
|
||||
}
|
||||
@ -4,6 +4,7 @@ use kernel\App;
|
||||
use kernel\CgRouteCollector;
|
||||
use Phroute\Phroute\RouteCollector;
|
||||
|
||||
App::$collector->filter('bearer', [\kernel\modules\secure\middlewares\BearerAuthMiddleware::class, "handler"]);
|
||||
|
||||
App::$collector->group(["prefix" => "admin"], function (RouteCollector $router){
|
||||
App::$collector->group(["before" => "auth"], function (RouteCollector $router) {
|
||||
@ -21,5 +22,7 @@ App::$collector->group(["prefix" => "admin"], function (RouteCollector $router){
|
||||
});
|
||||
|
||||
App::$collector->group(["prefix" => "api"], function (CgRouteCollector $router){
|
||||
$router->rest("post", [\kernel\modules\post\controllers\PostRestController::class]);
|
||||
App::$collector->group(['before' => 'bearer'], function (CgRouteCollector $router){
|
||||
$router->rest("post", [\kernel\modules\post\controllers\PostRestController::class]);
|
||||
});
|
||||
});
|
||||
@ -30,8 +30,6 @@ class SecureRestController extends RestController
|
||||
// $baseUrl .= $_SERVER['REQUEST_URI'];;
|
||||
$jwt = JWT::encode(
|
||||
payload: [
|
||||
"iss" => $baseUrl,
|
||||
"aud" => $baseUrl,
|
||||
"iat" => time(),
|
||||
"exp" => date("Y-m-d H:i:s", strtotime("+30 days"))
|
||||
],
|
||||
|
||||
@ -5,5 +5,6 @@
|
||||
"slug": "secure",
|
||||
"description": "Secure module",
|
||||
"routs": "routs/secure.php",
|
||||
"dependence": "user"
|
||||
"dependence": "user",
|
||||
"show_in_admin": 0
|
||||
}
|
||||
48
kernel/modules/secure/middlewares/BearerAuthMiddleware.php
Normal file
48
kernel/modules/secure/middlewares/BearerAuthMiddleware.php
Normal file
@ -0,0 +1,48 @@
|
||||
<?php
|
||||
|
||||
namespace kernel\modules\secure\middlewares;
|
||||
|
||||
use JetBrains\PhpStorm\NoReturn;
|
||||
use kernel\App;
|
||||
use kernel\helpers\Debug;
|
||||
use kernel\Middleware;
|
||||
use kernel\modules\user\service\UserService;
|
||||
use kernel\Request;
|
||||
|
||||
class BearerAuthMiddleware extends Middleware
|
||||
{
|
||||
protected UserService $userService;
|
||||
|
||||
public function __construct()
|
||||
{
|
||||
$this->userService = new UserService();
|
||||
}
|
||||
|
||||
function handler(): void
|
||||
{
|
||||
$request = new Request();
|
||||
$authorization = $request->getHeader("Authorization");
|
||||
if ($authorization){
|
||||
$authorization = explode(" ", $authorization);
|
||||
$type = $authorization[0];
|
||||
$token = $authorization[1];
|
||||
if ($type === "Bearer"){
|
||||
$user = $this->userService->getByAccessToken($token);
|
||||
if ($user){
|
||||
if ($user->access_token_expires_at > date("Y-m-d")){
|
||||
App::$user = $user;
|
||||
return;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$this->returnError(403);
|
||||
}
|
||||
|
||||
#[NoReturn] public function returnError(int $code): void
|
||||
{
|
||||
http_response_code($code);
|
||||
die('Forbidden');
|
||||
}
|
||||
}
|
||||
@ -5,6 +5,7 @@ use kernel\CgRouteCollector;
|
||||
use Phroute\Phroute\RouteCollector;
|
||||
|
||||
App::$collector->filter("auth", [\kernel\middlewares\AuthMiddleware::class, "handler"]);
|
||||
App::$collector->filter('bearer', [\kernel\modules\secure\middlewares\BearerAuthMiddleware::class, "handler"]);
|
||||
|
||||
App::$collector->group(["prefix" => "admin"], function (RouteCollector $router){
|
||||
App::$collector->group(["before" => "auth"], function (RouteCollector $router){
|
||||
|
||||
@ -7,5 +7,5 @@
|
||||
"module_class": "kernel\\modules\\user\\UserModule",
|
||||
"module_class_file": "{KERNEL_MODULES}/user/UserModule.php",
|
||||
"routs": "routs/user.php",
|
||||
"dependence": "menu"
|
||||
"dependence": "menu,secure"
|
||||
}
|
||||
@ -7,6 +7,8 @@ use Illuminate\Database\Eloquent\Model;
|
||||
* @property string $username
|
||||
* @property string $email
|
||||
* @property string $password_hash
|
||||
* @property string $access_token
|
||||
* @property string $access_token_expires_at
|
||||
* @method static find($id)
|
||||
*/
|
||||
class User extends Model {
|
||||
@ -15,7 +17,7 @@ class User extends Model {
|
||||
const ADMIN_USER_ROLE = 9;
|
||||
|
||||
protected $table = 'user';
|
||||
protected $fillable = ['username', 'email', 'password_hash', 'role'];
|
||||
protected $fillable = ['username', 'email', 'password_hash', 'role', 'access_token', 'access_token_expires_at'];
|
||||
protected array $dates = ['deleted at'];
|
||||
|
||||
public static function labels(): array
|
||||
@ -24,7 +26,9 @@ class User extends Model {
|
||||
'username' => 'Логин',
|
||||
'email' => 'Email',
|
||||
'created_at' => 'Создан',
|
||||
'updated_at' => 'Обновлен'
|
||||
'updated_at' => 'Обновлен',
|
||||
'access_token' => 'Token',
|
||||
'access_token_expires_at' => 'Token expires at',
|
||||
];
|
||||
}
|
||||
}
|
||||
|
||||
@ -33,6 +33,11 @@ class UserService
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $field
|
||||
* @param string $value
|
||||
* @return mixed
|
||||
*/
|
||||
public function getByField(string $field, string $value)
|
||||
{
|
||||
return User::where($field, $value)->first();
|
||||
@ -72,4 +77,9 @@ class UserService
|
||||
return '';
|
||||
}
|
||||
|
||||
public function getByAccessToken(string $token)
|
||||
{
|
||||
return $this->getByField("access_token", $token);
|
||||
}
|
||||
|
||||
}
|
||||
@ -3,6 +3,7 @@
|
||||
use kernel\App;
|
||||
use Phroute\Phroute\RouteCollector;
|
||||
|
||||
App::$collector->filter("auth", [\kernel\middlewares\AuthMiddleware::class, "handler"]);
|
||||
|
||||
App::$collector->group(["prefix" => "admin"], function (RouteCollector $router){
|
||||
App::$collector->group(["before" => "auth"], function (RouteCollector $router){
|
||||
|
||||
Loading…
Reference in New Issue
Block a user