filled out auth service class

expanded the auth service class to store member info in the current
session so validation is easier

also added a token to session data that expires every hour so people
won't be logged in forever and take breaks

hey, you matter too
This commit is contained in:
ro 2024-03-06 09:50:09 -06:00
parent 47c8f7b008
commit ad57c29e8d
No known key found for this signature in database
GPG key ID: 29B551CDBD4D3B50
4 changed files with 108 additions and 14 deletions

View file

@ -3,26 +3,29 @@
namespace App\Http\Controllers;
use App\Interfaces\PageRepositoryInterface;
use App\Services\AuthService;
class DashController extends Controller
{
protected PageRepositoryInterface $pages;
protected AuthService $auth;
public function __construct(
PageRepositoryInterface $pageRepository,
AuthService $authService,
) {
$this->pages = $pageRepository;
$this->auth = $authService;
}
public function start()
{
$status = session('handle') !== null ? true : false;
$result = [];
if ($status) {
if ($this->auth::status()) {
$result = $this->pages->getGroup(1, 4);
}
return view('back.start', [
"status" => $status,
"status" => $this->auth::status(),
"result" => $result,
"title" => "Start"
]);
@ -30,13 +33,12 @@ class DashController extends Controller
public function book($pageFilter = 'all', $pageNum = 1)
{
$status = session('handle') !== null ? true : false;
$result = [];
if ($status) {
if ($this->auth::status()) {
$result = $this->pages->getGroup($pageNum, 4, $pageFilter);
}
return view('back.book', [
"status" => $status,
"status" => $this->auth::status(),
"result" => $result,
"currentPage" => $pageNum,
"title" => "Pages"
@ -45,10 +47,9 @@ class DashController extends Controller
public function page($mode, $uuid)
{
$status = session('handle') !== null ? true : false;
$page = $this->pages->getById($uuid)->first();
$page = $this->pages->getById($uuid)->first();
return view('back.page', [
"status" => $status,
"status" => $this->auth::status(),
"mode" => $mode,
"page" => $page,
"title" => 'Editing ' . $page['title']

View file

@ -2,6 +2,8 @@
namespace App\Services;
use ReallySimpleJWT\Token;
use function _\find;
class AuthService
@ -20,10 +22,25 @@ class AuthService
$found = find($folks, ['handle' => $request->handle]);
if ($found) {
if (password_verify($request->password, $found['password'])) {
$request->session()->put('handle', $found['handle']);
$request->session()->put('email', $found['email']);
$request->session()->put('role', $found['role']);
$request->session()->put('avi', $found['avi']);
$member = [
'handle' => $found['handle'],
'email' => $found['email'],
'role' => $found['role'],
'avatar' => $found['avi'],
'key' => $found['key'],
'secret' => $found['secret'],
];
$token = Token::create(
$found['key'],
$found['secret'],
time() + 3600,
'localhost'
); //expires in an hour
$form_token = md5(uniqid(microtime(), true));
$request->session()->put('member', $member);
$request->session()->put('token', $token);
$request->session()->put('form_token', $form_token);
return ['status' => true, 'message' => 'HEY WELCOME BACK'];
//DO SESSION STUFF
} else {
@ -34,4 +51,20 @@ class AuthService
return ['status' => false, 'message' => 'CHECK THAT HANDLE'];
}
}
public static function status()
{
if (session('member') !== null) {
if (
Token::validate(session('token'), session('member')['secret']) &&
Token::validateExpiration(session('token'), session('member')['secret'])
) {
return true;
} else {
return false;
}
} else {
return false;
}
}
}

View file

@ -26,6 +26,7 @@
"mindtwo/laravel-blade-spaceless": "^1.2",
"mnapoli/front-yaml": "^2.0",
"olegatro/html-sanitizer-relative": "^1.0",
"rbdwllr/reallysimplejwt": "^5.0",
"symfony/yaml": "^7.0",
"tgalopin/html-sanitizer": "^1.5"
},

61
composer.lock generated
View file

@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically"
],
"content-hash": "7fbeca42f1a6ac784e32ca1e42e61d7a",
"content-hash": "6ae8a3cfbf0bceca61b34d852e461d95",
"packages": [
{
"name": "brick/math",
@ -3507,6 +3507,65 @@
],
"time": "2023-11-08T05:53:05+00:00"
},
{
"name": "rbdwllr/reallysimplejwt",
"version": "5.0.0",
"source": {
"type": "git",
"url": "https://github.com/RobDWaller/ReallySimpleJWT.git",
"reference": "d7e1014ccbfba43420866fd3dc3f18a521883868"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/RobDWaller/ReallySimpleJWT/zipball/d7e1014ccbfba43420866fd3dc3f18a521883868",
"reference": "d7e1014ccbfba43420866fd3dc3f18a521883868",
"shasum": ""
},
"require": {
"php": ">=8.0.0"
},
"require-dev": {
"friendsofphp/php-cs-fixer": "^2.19",
"infection/infection": "^0.26",
"phpbench/phpbench": "^1.2",
"phploc/phploc": "^7.0",
"phpmd/phpmd": "^2.11",
"phpstan/phpstan": "^1.2",
"phpunit/phpunit": "^9.5",
"sebastian/phpcpd": "^6.0",
"squizlabs/php_codesniffer": "^3.6"
},
"type": "library",
"autoload": {
"psr-4": {
"ReallySimpleJWT\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Rob Waller",
"email": "rdwaller1984@gmail.com"
}
],
"description": "A really simple library to generate user authentication JSON Web Tokens.",
"keywords": [
"Authentication",
"json",
"json web tokens",
"jwt",
"php",
"tokens"
],
"support": {
"issues": "https://github.com/RobDWaller/ReallySimpleJWT/issues",
"source": "https://github.com/RobDWaller/ReallySimpleJWT/tree/5.0.0"
},
"time": "2022-04-16T14:00:21+00:00"
},
{
"name": "sebastian/comparator",
"version": "5.0.1",