<?php
namespace kernel\modules\secure\controllers;
use Firebase\JWT\JWT;
use Firebase\JWT\Key;
use JetBrains\PhpStorm\NoReturn;
use kernel\helpers\Debug;
use kernel\modules\user\models\User;
use kernel\Request;
use kernel\RestController;
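/**
 * REST controller that exchanges a username/password pair for a signed
 * access token (HS256 JWT) and records that token on the user row.
 *
 * Review notes kept next to the code they concern:
 *  - the signing key is the user's stored password hash, not a dedicated secret;
 *  - the issuer/audience claims are built from the request's Host header;
 *  - the two failure paths (unknown user / wrong password) do different work.
 */
class SecureRestController extends RestController
{
    /** Relative lifetime of an issued token, in strtotime() syntax. */
    private const TOKEN_LIFETIME = '+30 days';

    /** Format used for the persisted and returned expiry value. */
    private const EXPIRY_FORMAT = 'Y-m-d H:i:s';

    public function __construct()
    {
        $this->model = new User();
    }

    /**
     * Authenticate the posted credentials and render the token response.
     *
     * Reads `username` and `password` from the POST body. On success the
     * response holds `access_token` and `access_token_expires_at`; on any
     * failure (missing or non-string fields, unknown user, wrong password)
     * an empty array is rendered, so the caller cannot tell which check failed.
     *
     * NOTE(review): nothing in this method limits repeated attempts; confirm
     * that throttling or lockout is enforced somewhere in front of it.
     */
    #[NoReturn]
    public function actionAuth(): void
    {
        $request = new Request();
        $data = $request->post();

        // Treat absent or non-string fields as a failed login instead of
        // passing null or arrays into the query builder and password_verify().
        $username = $data['username'] ?? null;
        $password = $data['password'] ?? null;

        $res = [];

        if (is_string($username) && $username !== '' && is_string($password)) {
            $model = $this->model->where('username', $username)->first();

            // NOTE(review): an unknown username skips password_verify(), so the
            // two failure paths differ in response time. Consider verifying
            // against a fixed dummy hash to keep the timing uniform.
            if ($model && password_verify($password, $model->password_hash)) {
                // NOTE(review): HTTP_HOST comes from the request's Host header,
                // so the iss/aud claims are client-influenced. Prefer a
                // configured canonical origin if verifiers rely on these claims.
                $scheme = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https://' : 'http://';
                $baseUrl = $scheme . $_SERVER['HTTP_HOST'];

                $issuedAt = time();
                $expiresAt = strtotime(self::TOKEN_LIFETIME, $issuedAt);

                // NOTE(review): the HMAC key is the stored password hash. Anyone
                // who can read the user table can therefore sign tokens, and the
                // key is not an independent secret. A dedicated server-side
                // signing secret kept outside the database is the safer design;
                // the key is left unchanged here because the verifying side
                // presumably uses the same value.
                $jwt = JWT::encode(
                    payload: [
                        'iss' => $baseUrl,
                        'aud' => $baseUrl,
                        'iat' => $issuedAt,
                        // RFC 7519 defines exp as a NumericDate (seconds since
                        // the epoch). A formatted date string cannot be compared
                        // meaningfully by the library's expiry check.
                        'exp' => $expiresAt,
                    ],
                    key: $model->password_hash,
                    alg: 'HS256',
                );

                // The stored and returned expiry keeps its formatted-date shape.
                // NOTE(review): the bearer token is persisted in clear text.
                $model->access_token = $jwt;
                $model->access_token_expires_at = date(self::EXPIRY_FORMAT, $expiresAt);

                // Persist only when a token was actually issued; a failed
                // attempt changes nothing on the row.
                $model->save();

                $res = [
                    'access_token' => $model->access_token,
                    'access_token_expires_at' => $model->access_token_expires_at,
                ];
            }
        }

        $this->renderApi($res);
    }
}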