bearer middleware
This commit is contained in:
parent
215d2b1290
commit
7ccf0957bf
@ -5,6 +5,7 @@ namespace kernel;
|
|||||||
|
|
||||||
|
|
||||||
use kernel\helpers\Debug;
|
use kernel\helpers\Debug;
|
||||||
|
use kernel\modules\user\models\User;
|
||||||
use kernel\services\ModuleService;
|
use kernel\services\ModuleService;
|
||||||
use Phroute\Phroute\Dispatcher;
|
use Phroute\Phroute\Dispatcher;
|
||||||
|
|
||||||
@ -17,6 +18,8 @@ class App
|
|||||||
|
|
||||||
static Header $header;
|
static Header $header;
|
||||||
|
|
||||||
|
static User $user;
|
||||||
|
|
||||||
public ModuleService $moduleService;
|
public ModuleService $moduleService;
|
||||||
|
|
||||||
public static Database $db;
|
public static Database $db;
|
||||||
|
@ -101,6 +101,12 @@ class RestController
|
|||||||
$this->renderApi($model->toArray());
|
$this->renderApi($model->toArray());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[NoReturn] public function returnError(int $code): void
|
||||||
|
{
|
||||||
|
http_response_code($code);
|
||||||
|
die('Forbidden');
|
||||||
|
}
|
||||||
|
|
||||||
#[NoReturn] protected function renderApi(array $data): void
|
#[NoReturn] protected function renderApi(array $data): void
|
||||||
{
|
{
|
||||||
header("Content-Type: application/json");
|
header("Content-Type: application/json");
|
||||||
@ -108,4 +114,6 @@ class RestController
|
|||||||
exit();
|
exit();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
@ -69,7 +69,7 @@ class AdminConsoleController extends ConsoleController
|
|||||||
|
|
||||||
$this->optionService->createFromParams(
|
$this->optionService->createFromParams(
|
||||||
key: "active_modules",
|
key: "active_modules",
|
||||||
value: "{\"modules\":[\"admin_themes\", \"secure\", \"user\"]}",
|
value: "{\"modules\":[\"admin_themes\", \"secure\", \"user\", \"menu\"]}",
|
||||||
label: "Активные модули"
|
label: "Активные модули"
|
||||||
);
|
);
|
||||||
$this->out->r("create option active_modules", "green");
|
$this->out->r("create option active_modules", "green");
|
||||||
@ -82,6 +82,25 @@ class AdminConsoleController extends ConsoleController
|
|||||||
]);
|
]);
|
||||||
$this->out->r("create item menu module", "green");
|
$this->out->r("create item menu module", "green");
|
||||||
|
|
||||||
|
$this->menuService->createItem([
|
||||||
|
"label" => "Пользователи",
|
||||||
|
"url" => "#",
|
||||||
|
"slug" => "user",
|
||||||
|
]);
|
||||||
|
$this->menuService->createItem([
|
||||||
|
"label" => "Список",
|
||||||
|
"url" => "/admin/user",
|
||||||
|
"slug" => "user_list",
|
||||||
|
"parent_slug" => "user",
|
||||||
|
]);
|
||||||
|
$this->menuService->createItem([
|
||||||
|
"label" => "Создать",
|
||||||
|
"url" => "/admin/user/create",
|
||||||
|
"slug" => "user_create",
|
||||||
|
"parent_slug" => "user",
|
||||||
|
]);
|
||||||
|
$this->out->r("create item menu user", "green");
|
||||||
|
|
||||||
$this->menuService->createItem([
|
$this->menuService->createItem([
|
||||||
"label" => "Настройки",
|
"label" => "Настройки",
|
||||||
"url" => "#",
|
"url" => "#",
|
||||||
|
@ -41,8 +41,14 @@ class ModuleController extends AdminController
|
|||||||
foreach (new DirectoryIterator($dir) as $fileInfo) {
|
foreach (new DirectoryIterator($dir) as $fileInfo) {
|
||||||
$info = [];
|
$info = [];
|
||||||
if($fileInfo->isDot()) continue;
|
if($fileInfo->isDot()) continue;
|
||||||
|
$mi = $this->moduleService->getModuleInfo($fileInfo->getPathname());
|
||||||
|
if (isset($mi['show_in_admin'])){
|
||||||
|
if ($mi['show_in_admin'] == 0){
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
}
|
||||||
$info['id'] = $i;
|
$info['id'] = $i;
|
||||||
$modules_info[] = array_merge($info, $this->moduleService->getModuleInfo($fileInfo->getPathname()));
|
$modules_info[] = array_merge($info, $mi);
|
||||||
$i++;
|
$i++;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -4,7 +4,10 @@ namespace kernel\modules\post\controllers;
|
|||||||
|
|
||||||
use Illuminate\Database\Eloquent\Model;
|
use Illuminate\Database\Eloquent\Model;
|
||||||
use JetBrains\PhpStorm\NoReturn;
|
use JetBrains\PhpStorm\NoReturn;
|
||||||
|
use kernel\App;
|
||||||
|
use kernel\helpers\Debug;
|
||||||
use kernel\modules\post\models\Post;
|
use kernel\modules\post\models\Post;
|
||||||
|
use kernel\Request;
|
||||||
use kernel\RestController;
|
use kernel\RestController;
|
||||||
|
|
||||||
class PostRestController extends RestController
|
class PostRestController extends RestController
|
||||||
@ -19,4 +22,31 @@ class PostRestController extends RestController
|
|||||||
return ["user"];
|
return ["user"];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function actionIndex(): void
|
||||||
|
{
|
||||||
|
$request = new Request();
|
||||||
|
$page = $request->get('page') ?? 1;
|
||||||
|
$perPage = $request->get('per_page') ?? 10;
|
||||||
|
$query = $this->model->query();
|
||||||
|
if (App::$user){
|
||||||
|
$query->where("user_id", App::$user->id);
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($page > 1) {
|
||||||
|
$query->skip(($page - 1) * $perPage)->take($perPage);
|
||||||
|
} else {
|
||||||
|
$query->take($perPage);
|
||||||
|
}
|
||||||
|
|
||||||
|
$expand = $this->expand();
|
||||||
|
$expandParams = explode( ",", $request->get('expand') ?? "");
|
||||||
|
$finalExpand = array_intersect($expandParams, $expand);
|
||||||
|
if ($finalExpand) {
|
||||||
|
$res = $query->get()->load($finalExpand)->toArray();
|
||||||
|
} else {
|
||||||
|
$res = $query->get()->toArray();
|
||||||
|
}
|
||||||
|
|
||||||
|
$this->renderApi($res);
|
||||||
|
}
|
||||||
}
|
}
|
@ -4,6 +4,7 @@ use kernel\App;
|
|||||||
use kernel\CgRouteCollector;
|
use kernel\CgRouteCollector;
|
||||||
use Phroute\Phroute\RouteCollector;
|
use Phroute\Phroute\RouteCollector;
|
||||||
|
|
||||||
|
App::$collector->filter('bearer', [\kernel\modules\secure\middlewares\BearerAuthMiddleware::class, "handler"]);
|
||||||
|
|
||||||
App::$collector->group(["prefix" => "admin"], function (RouteCollector $router){
|
App::$collector->group(["prefix" => "admin"], function (RouteCollector $router){
|
||||||
App::$collector->group(["before" => "auth"], function (RouteCollector $router) {
|
App::$collector->group(["before" => "auth"], function (RouteCollector $router) {
|
||||||
@ -21,5 +22,7 @@ App::$collector->group(["prefix" => "admin"], function (RouteCollector $router){
|
|||||||
});
|
});
|
||||||
|
|
||||||
App::$collector->group(["prefix" => "api"], function (CgRouteCollector $router){
|
App::$collector->group(["prefix" => "api"], function (CgRouteCollector $router){
|
||||||
|
App::$collector->group(['before' => 'bearer'], function (CgRouteCollector $router){
|
||||||
$router->rest("post", [\kernel\modules\post\controllers\PostRestController::class]);
|
$router->rest("post", [\kernel\modules\post\controllers\PostRestController::class]);
|
||||||
});
|
});
|
||||||
|
});
|
@ -30,8 +30,6 @@ class SecureRestController extends RestController
|
|||||||
// $baseUrl .= $_SERVER['REQUEST_URI'];;
|
// $baseUrl .= $_SERVER['REQUEST_URI'];;
|
||||||
$jwt = JWT::encode(
|
$jwt = JWT::encode(
|
||||||
payload: [
|
payload: [
|
||||||
"iss" => $baseUrl,
|
|
||||||
"aud" => $baseUrl,
|
|
||||||
"iat" => time(),
|
"iat" => time(),
|
||||||
"exp" => date("Y-m-d H:i:s", strtotime("+30 days"))
|
"exp" => date("Y-m-d H:i:s", strtotime("+30 days"))
|
||||||
],
|
],
|
||||||
|
@ -5,5 +5,6 @@
|
|||||||
"slug": "secure",
|
"slug": "secure",
|
||||||
"description": "Secure module",
|
"description": "Secure module",
|
||||||
"routs": "routs/secure.php",
|
"routs": "routs/secure.php",
|
||||||
"dependence": "user"
|
"dependence": "user",
|
||||||
|
"show_in_admin": 0
|
||||||
}
|
}
|
48
kernel/modules/secure/middlewares/BearerAuthMiddleware.php
Normal file
48
kernel/modules/secure/middlewares/BearerAuthMiddleware.php
Normal file
@ -0,0 +1,48 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
namespace kernel\modules\secure\middlewares;
|
||||||
|
|
||||||
|
use JetBrains\PhpStorm\NoReturn;
|
||||||
|
use kernel\App;
|
||||||
|
use kernel\helpers\Debug;
|
||||||
|
use kernel\Middleware;
|
||||||
|
use kernel\modules\user\service\UserService;
|
||||||
|
use kernel\Request;
|
||||||
|
|
||||||
|
class BearerAuthMiddleware extends Middleware
|
||||||
|
{
|
||||||
|
protected UserService $userService;
|
||||||
|
|
||||||
|
public function __construct()
|
||||||
|
{
|
||||||
|
$this->userService = new UserService();
|
||||||
|
}
|
||||||
|
|
||||||
|
function handler(): void
|
||||||
|
{
|
||||||
|
$request = new Request();
|
||||||
|
$authorization = $request->getHeader("Authorization");
|
||||||
|
if ($authorization){
|
||||||
|
$authorization = explode(" ", $authorization);
|
||||||
|
$type = $authorization[0];
|
||||||
|
$token = $authorization[1];
|
||||||
|
if ($type === "Bearer"){
|
||||||
|
$user = $this->userService->getByAccessToken($token);
|
||||||
|
if ($user){
|
||||||
|
if ($user->access_token_expires_at > date("Y-m-d")){
|
||||||
|
App::$user = $user;
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$this->returnError(403);
|
||||||
|
}
|
||||||
|
|
||||||
|
#[NoReturn] public function returnError(int $code): void
|
||||||
|
{
|
||||||
|
http_response_code($code);
|
||||||
|
die('Forbidden');
|
||||||
|
}
|
||||||
|
}
|
@ -5,6 +5,7 @@ use kernel\CgRouteCollector;
|
|||||||
use Phroute\Phroute\RouteCollector;
|
use Phroute\Phroute\RouteCollector;
|
||||||
|
|
||||||
App::$collector->filter("auth", [\kernel\middlewares\AuthMiddleware::class, "handler"]);
|
App::$collector->filter("auth", [\kernel\middlewares\AuthMiddleware::class, "handler"]);
|
||||||
|
App::$collector->filter('bearer', [\kernel\modules\secure\middlewares\BearerAuthMiddleware::class, "handler"]);
|
||||||
|
|
||||||
App::$collector->group(["prefix" => "admin"], function (RouteCollector $router){
|
App::$collector->group(["prefix" => "admin"], function (RouteCollector $router){
|
||||||
App::$collector->group(["before" => "auth"], function (RouteCollector $router){
|
App::$collector->group(["before" => "auth"], function (RouteCollector $router){
|
||||||
|
@ -7,5 +7,5 @@
|
|||||||
"module_class": "kernel\\modules\\user\\UserModule",
|
"module_class": "kernel\\modules\\user\\UserModule",
|
||||||
"module_class_file": "{KERNEL_MODULES}/user/UserModule.php",
|
"module_class_file": "{KERNEL_MODULES}/user/UserModule.php",
|
||||||
"routs": "routs/user.php",
|
"routs": "routs/user.php",
|
||||||
"dependence": "menu"
|
"dependence": "menu,secure"
|
||||||
}
|
}
|
@ -7,6 +7,8 @@ use Illuminate\Database\Eloquent\Model;
|
|||||||
* @property string $username
|
* @property string $username
|
||||||
* @property string $email
|
* @property string $email
|
||||||
* @property string $password_hash
|
* @property string $password_hash
|
||||||
|
* @property string $access_token
|
||||||
|
* @property string $access_token_expires_at
|
||||||
* @method static find($id)
|
* @method static find($id)
|
||||||
*/
|
*/
|
||||||
class User extends Model {
|
class User extends Model {
|
||||||
@ -15,7 +17,7 @@ class User extends Model {
|
|||||||
const ADMIN_USER_ROLE = 9;
|
const ADMIN_USER_ROLE = 9;
|
||||||
|
|
||||||
protected $table = 'user';
|
protected $table = 'user';
|
||||||
protected $fillable = ['username', 'email', 'password_hash', 'role'];
|
protected $fillable = ['username', 'email', 'password_hash', 'role', 'access_token', 'access_token_expires_at'];
|
||||||
protected array $dates = ['deleted at'];
|
protected array $dates = ['deleted at'];
|
||||||
|
|
||||||
public static function labels(): array
|
public static function labels(): array
|
||||||
@ -24,7 +26,9 @@ class User extends Model {
|
|||||||
'username' => 'Логин',
|
'username' => 'Логин',
|
||||||
'email' => 'Email',
|
'email' => 'Email',
|
||||||
'created_at' => 'Создан',
|
'created_at' => 'Создан',
|
||||||
'updated_at' => 'Обновлен'
|
'updated_at' => 'Обновлен',
|
||||||
|
'access_token' => 'Token',
|
||||||
|
'access_token_expires_at' => 'Token expires at',
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -33,6 +33,11 @@ class UserService
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param string $field
|
||||||
|
* @param string $value
|
||||||
|
* @return mixed
|
||||||
|
*/
|
||||||
public function getByField(string $field, string $value)
|
public function getByField(string $field, string $value)
|
||||||
{
|
{
|
||||||
return User::where($field, $value)->first();
|
return User::where($field, $value)->first();
|
||||||
@ -72,4 +77,9 @@ class UserService
|
|||||||
return '';
|
return '';
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function getByAccessToken(string $token)
|
||||||
|
{
|
||||||
|
return $this->getByField("access_token", $token);
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
@ -3,6 +3,7 @@
|
|||||||
use kernel\App;
|
use kernel\App;
|
||||||
use Phroute\Phroute\RouteCollector;
|
use Phroute\Phroute\RouteCollector;
|
||||||
|
|
||||||
|
App::$collector->filter("auth", [\kernel\middlewares\AuthMiddleware::class, "handler"]);
|
||||||
|
|
||||||
App::$collector->group(["prefix" => "admin"], function (RouteCollector $router){
|
App::$collector->group(["prefix" => "admin"], function (RouteCollector $router){
|
||||||
App::$collector->group(["before" => "auth"], function (RouteCollector $router){
|
App::$collector->group(["before" => "auth"], function (RouteCollector $router){
|
||||||
|
Loading…
Reference in New Issue
Block a user