Created the JWT authentication for the editor so that it's more secure and can potentially be used to create a desktop app in the future. Used Tuupola's JWT auth middleware implementation to help with the auth part, and Firebase's JWT method to create the token.

Signed-off-by: rodude123 <rodude123@gmail.com>
2022-10-09 02:40:06 +01:00
parent c22e7f41b1
commit 98c026b946
13 changed files with 728 additions and 64 deletions
+19 -23
@@ -1,4 +1,4 @@
<?php
<?php /** @noinspection PhpIncludeInspection */
session_start();
////////////////// Index file //////////////
@@ -7,40 +7,30 @@ session_start();
////////////////////////////////////////////
//require “routes.php”;
require "../vendor/autoload.php";
include "middleware.php";
include "timelineData.php";
include "projectData.php";
include "user.php";
use api\middleware;
use api\projectData;
use api\timelineData;
use api\user;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
use Selective\SameSiteCookie\SameSiteCookieConfiguration;
use Slim\Factory\AppFactory;
use Selective\SameSiteCookie\SameSiteCookieMiddleware;
use Slim\Handlers\Strategies\RequestHandler;
use Slim\Factory\AppFactory;
use Tuupola\Middleware\JwtAuthentication;
// Start slim
$app = AppFactory::create();
// create middleware
$app->addRoutingMiddleware();
$ssConfig = new SameSiteCookieConfiguration(["same_site" => "strict"]);
// add in same site cookie stuff
$app->add(new SameSiteCookieMiddleware($ssConfig));
// for error checking
$errorMiddleware = $app->addErrorMiddleware(true, true, true);
// set base path for all routes
$app->setBasePath("/api");
// return all responses as JSON
/*$app->add(function($request, $handler) {
$response = $handler->handle($request);
return $response->withHeader("Content-Type", "application/json");
});*/
// Add middleware
new middleware($app);
$timelineData = new timelineData();
$projectData = new projectData();
@@ -277,8 +267,9 @@ $app->post("/user/login", function (Request $request, Response $response)
if ($user->checkUser($data["username"], $data["password"]))
{
// yay, user is logged in
$_SESSION["token"] = $user->createToken();
$_SESSION["token"] = $user->createToken($data["username"]);
$_SESSION["username"] = $data["username"];
$response->getBody()->write(json_encode(array("token" => $_SESSION["token"])));
return $response;
}
return $response->withStatus(401);
@@ -297,7 +288,7 @@ $app->get("/user/isLoggedIn", function (Request $request, Response $response)
if (empty($_SESSION["token"]))
{
// user is logged in but no token was created
$_SESSION["token"] = $user->createToken();
$_SESSION["token"] = $user->createToken($_SESSION["username"]);
return $response;
}
@@ -319,8 +310,7 @@ $app->get("/user/checkResetEmail/{email}", function (Request $request, Response
if ($user->checkEmail($args["email"]))
{
// yay email does exist
$token = $user->sendResetEmail($args["email"]);
$_SESSION["resetToken"] = $token;
$_SESSION["resetToken"] = $user->sendResetEmail($args["email"]);
$_SESSION["resetEmail"] = $args["email"];
return $response;
}
@@ -335,7 +325,7 @@ $app->get("/user/resendEmail", function (Request $request, Response $response)
return $response->withStatus(401);
}
global $user;
$user->sendResetEmail($_SESSION["resetEmail"]);
$_SESSION["resetToken"] = $user->sendResetEmail($_SESSION["resetEmail"]);
return $response;
});
@@ -383,4 +373,10 @@ $app->post("/user/changePassword", function (Request $request, Response $respons
return $response->withStatus(500);
});
$app->post("/projectData", function (Request $request, Response $response)
{
$response->getBody()->write(json_encode(array("test" => "test")));
return $response;
});
$app->run();
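Review bot: In the `/user/isLoggedIn` hunk, `$_SESSION["token"] = $user->createToken($_SESSION["username"]);` mints a fresh JWT whenever the session has no token, but nothing checks that `$_SESSION["username"]` is actually set, so a session that reached this branch without a username would get a token issued for a null/empty subject. Guard it before minting: `if (empty($_SESSION["username"])) { return $response->withStatus(401); }`, mirroring the 401 the other handlers return when session state is missing; the enclosing closure starts outside the hunk. Separately, the new `/projectData` POST route at the end of the file returns a hard-coded `{"test":"test"}` body; `JwtAuthentication` is imported in this file but only `new middleware($app);` is visible, so whether this route is covered by the JWT middleware's path rules cannot be confirmed from the hunk — worth a comment on the route such as `// TODO: stub; must be behind JwtAuthentication before it serves real project data` until it is verified.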