bearer middleware

This commit is contained in:
Kavalar 2024-10-22 11:09:35 +03:00
parent 215d2b1290
commit 7ccf0957bf
14 changed files with 141 additions and 9 deletions

View File

@ -5,6 +5,7 @@ namespace kernel;
use kernel\helpers\Debug; use kernel\helpers\Debug;
use kernel\modules\user\models\User;
use kernel\services\ModuleService; use kernel\services\ModuleService;
use Phroute\Phroute\Dispatcher; use Phroute\Phroute\Dispatcher;
@ -17,6 +18,8 @@ class App
static Header $header; static Header $header;
static User $user;
public ModuleService $moduleService; public ModuleService $moduleService;
public static Database $db; public static Database $db;

View File

@ -101,6 +101,12 @@ class RestController
$this->renderApi($model->toArray()); $this->renderApi($model->toArray());
} }
#[NoReturn] public function returnError(int $code): void
{
http_response_code($code);
die('Forbidden');
}
#[NoReturn] protected function renderApi(array $data): void #[NoReturn] protected function renderApi(array $data): void
{ {
header("Content-Type: application/json"); header("Content-Type: application/json");
@ -108,4 +114,6 @@ class RestController
exit(); exit();
} }
} }

View File

@ -69,7 +69,7 @@ class AdminConsoleController extends ConsoleController
$this->optionService->createFromParams( $this->optionService->createFromParams(
key: "active_modules", key: "active_modules",
value: "{\"modules\":[\"admin_themes\", \"secure\", \"user\"]}", value: "{\"modules\":[\"admin_themes\", \"secure\", \"user\", \"menu\"]}",
label: "Активные модули" label: "Активные модули"
); );
$this->out->r("create option active_modules", "green"); $this->out->r("create option active_modules", "green");
@ -82,6 +82,25 @@ class AdminConsoleController extends ConsoleController
]); ]);
$this->out->r("create item menu module", "green"); $this->out->r("create item menu module", "green");
$this->menuService->createItem([
"label" => "Пользователи",
"url" => "#",
"slug" => "user",
]);
$this->menuService->createItem([
"label" => "Список",
"url" => "/admin/user",
"slug" => "user_list",
"parent_slug" => "user",
]);
$this->menuService->createItem([
"label" => "Создать",
"url" => "/admin/user/create",
"slug" => "user_create",
"parent_slug" => "user",
]);
$this->out->r("create item menu user", "green");
$this->menuService->createItem([ $this->menuService->createItem([
"label" => "Настройки", "label" => "Настройки",
"url" => "#", "url" => "#",

View File

@ -41,8 +41,14 @@ class ModuleController extends AdminController
foreach (new DirectoryIterator($dir) as $fileInfo) { foreach (new DirectoryIterator($dir) as $fileInfo) {
$info = []; $info = [];
if($fileInfo->isDot()) continue; if($fileInfo->isDot()) continue;
$mi = $this->moduleService->getModuleInfo($fileInfo->getPathname());
if (isset($mi['show_in_admin'])){
if ($mi['show_in_admin'] == 0){
continue;
}
}
$info['id'] = $i; $info['id'] = $i;
$modules_info[] = array_merge($info, $this->moduleService->getModuleInfo($fileInfo->getPathname())); $modules_info[] = array_merge($info, $mi);
$i++; $i++;
} }
} }

View File

@ -4,7 +4,10 @@ namespace kernel\modules\post\controllers;
use Illuminate\Database\Eloquent\Model; use Illuminate\Database\Eloquent\Model;
use JetBrains\PhpStorm\NoReturn; use JetBrains\PhpStorm\NoReturn;
use kernel\App;
use kernel\helpers\Debug;
use kernel\modules\post\models\Post; use kernel\modules\post\models\Post;
use kernel\Request;
use kernel\RestController; use kernel\RestController;
class PostRestController extends RestController class PostRestController extends RestController
@ -19,4 +22,31 @@ class PostRestController extends RestController
return ["user"]; return ["user"];
} }
public function actionIndex(): void
{
$request = new Request();
$page = $request->get('page') ?? 1;
$perPage = $request->get('per_page') ?? 10;
$query = $this->model->query();
if (App::$user){
$query->where("user_id", App::$user->id);
}
if ($page > 1) {
$query->skip(($page - 1) * $perPage)->take($perPage);
} else {
$query->take($perPage);
}
$expand = $this->expand();
$expandParams = explode( ",", $request->get('expand') ?? "");
$finalExpand = array_intersect($expandParams, $expand);
if ($finalExpand) {
$res = $query->get()->load($finalExpand)->toArray();
} else {
$res = $query->get()->toArray();
}
$this->renderApi($res);
}
} }

View File

@ -4,6 +4,7 @@ use kernel\App;
use kernel\CgRouteCollector; use kernel\CgRouteCollector;
use Phroute\Phroute\RouteCollector; use Phroute\Phroute\RouteCollector;
App::$collector->filter('bearer', [\kernel\modules\secure\middlewares\BearerAuthMiddleware::class, "handler"]);
App::$collector->group(["prefix" => "admin"], function (RouteCollector $router){ App::$collector->group(["prefix" => "admin"], function (RouteCollector $router){
App::$collector->group(["before" => "auth"], function (RouteCollector $router) { App::$collector->group(["before" => "auth"], function (RouteCollector $router) {
@ -21,5 +22,7 @@ App::$collector->group(["prefix" => "admin"], function (RouteCollector $router){
}); });
App::$collector->group(["prefix" => "api"], function (CgRouteCollector $router){ App::$collector->group(["prefix" => "api"], function (CgRouteCollector $router){
App::$collector->group(['before' => 'bearer'], function (CgRouteCollector $router){
$router->rest("post", [\kernel\modules\post\controllers\PostRestController::class]); $router->rest("post", [\kernel\modules\post\controllers\PostRestController::class]);
}); });
});

View File

@ -30,8 +30,6 @@ class SecureRestController extends RestController
// $baseUrl .= $_SERVER['REQUEST_URI'];; // $baseUrl .= $_SERVER['REQUEST_URI'];;
$jwt = JWT::encode( $jwt = JWT::encode(
payload: [ payload: [
"iss" => $baseUrl,
"aud" => $baseUrl,
"iat" => time(), "iat" => time(),
"exp" => date("Y-m-d H:i:s", strtotime("+30 days")) "exp" => date("Y-m-d H:i:s", strtotime("+30 days"))
], ],

View File

@ -5,5 +5,6 @@
"slug": "secure", "slug": "secure",
"description": "Secure module", "description": "Secure module",
"routs": "routs/secure.php", "routs": "routs/secure.php",
"dependence": "user" "dependence": "user",
"show_in_admin": 0
} }

View File

@ -0,0 +1,48 @@
<?php
namespace kernel\modules\secure\middlewares;
use JetBrains\PhpStorm\NoReturn;
use kernel\App;
use kernel\helpers\Debug;
use kernel\Middleware;
use kernel\modules\user\service\UserService;
use kernel\Request;
class BearerAuthMiddleware extends Middleware
{
protected UserService $userService;
public function __construct()
{
$this->userService = new UserService();
}
function handler(): void
{
$request = new Request();
$authorization = $request->getHeader("Authorization");
if ($authorization){
$authorization = explode(" ", $authorization);
$type = $authorization[0];
$token = $authorization[1];
if ($type === "Bearer"){
$user = $this->userService->getByAccessToken($token);
if ($user){
if ($user->access_token_expires_at > date("Y-m-d")){
App::$user = $user;
return;
}
}
}
}
$this->returnError(403);
}
#[NoReturn] public function returnError(int $code): void
{
http_response_code($code);
die('Forbidden');
}
}

View File

@ -5,6 +5,7 @@ use kernel\CgRouteCollector;
use Phroute\Phroute\RouteCollector; use Phroute\Phroute\RouteCollector;
App::$collector->filter("auth", [\kernel\middlewares\AuthMiddleware::class, "handler"]); App::$collector->filter("auth", [\kernel\middlewares\AuthMiddleware::class, "handler"]);
App::$collector->filter('bearer', [\kernel\modules\secure\middlewares\BearerAuthMiddleware::class, "handler"]);
App::$collector->group(["prefix" => "admin"], function (RouteCollector $router){ App::$collector->group(["prefix" => "admin"], function (RouteCollector $router){
App::$collector->group(["before" => "auth"], function (RouteCollector $router){ App::$collector->group(["before" => "auth"], function (RouteCollector $router){

View File

@ -7,5 +7,5 @@
"module_class": "kernel\\modules\\user\\UserModule", "module_class": "kernel\\modules\\user\\UserModule",
"module_class_file": "{KERNEL_MODULES}/user/UserModule.php", "module_class_file": "{KERNEL_MODULES}/user/UserModule.php",
"routs": "routs/user.php", "routs": "routs/user.php",
"dependence": "menu" "dependence": "menu,secure"
} }

View File

@ -7,6 +7,8 @@ use Illuminate\Database\Eloquent\Model;
* @property string $username * @property string $username
* @property string $email * @property string $email
* @property string $password_hash * @property string $password_hash
* @property string $access_token
* @property string $access_token_expires_at
* @method static find($id) * @method static find($id)
*/ */
class User extends Model { class User extends Model {
@ -15,7 +17,7 @@ class User extends Model {
const ADMIN_USER_ROLE = 9; const ADMIN_USER_ROLE = 9;
protected $table = 'user'; protected $table = 'user';
protected $fillable = ['username', 'email', 'password_hash', 'role']; protected $fillable = ['username', 'email', 'password_hash', 'role', 'access_token', 'access_token_expires_at'];
protected array $dates = ['deleted at']; protected array $dates = ['deleted at'];
public static function labels(): array public static function labels(): array
@ -24,7 +26,9 @@ class User extends Model {
'username' => 'Логин', 'username' => 'Логин',
'email' => 'Email', 'email' => 'Email',
'created_at' => 'Создан', 'created_at' => 'Создан',
'updated_at' => 'Обновлен' 'updated_at' => 'Обновлен',
'access_token' => 'Token',
'access_token_expires_at' => 'Token expires at',
]; ];
} }
} }

View File

@ -33,6 +33,11 @@ class UserService
return false; return false;
} }
/**
* @param string $field
* @param string $value
* @return mixed
*/
public function getByField(string $field, string $value) public function getByField(string $field, string $value)
{ {
return User::where($field, $value)->first(); return User::where($field, $value)->first();
@ -72,4 +77,9 @@ class UserService
return ''; return '';
} }
public function getByAccessToken(string $token)
{
return $this->getByField("access_token", $token);
}
} }

View File

@ -3,6 +3,7 @@
use kernel\App; use kernel\App;
use Phroute\Phroute\RouteCollector; use Phroute\Phroute\RouteCollector;
App::$collector->filter("auth", [\kernel\middlewares\AuthMiddleware::class, "handler"]);
App::$collector->group(["prefix" => "admin"], function (RouteCollector $router){ App::$collector->group(["prefix" => "admin"], function (RouteCollector $router){
App::$collector->group(["before" => "auth"], function (RouteCollector $router){ App::$collector->group(["before" => "auth"], function (RouteCollector $router){