From ad57c29e8d4d3f78a7c5bc0c56158ec8681811e2 Mon Sep 17 00:00:00 2001
From: ro
Date: Wed, 6 Mar 2024 09:50:09 -0600
Subject: [PATCH] filled out auth service class expanded the auth service class to store member info in the current session so validation is easier also added a token to session data that expires every hour so people won't be logged in forever and take breaks hey, you matter too
---
 app/Http/Controllers/DashController.php | 19 ++++----
 app/Services/AuthService.php | 41 +++++++++++++++--
 composer.json | 1 +
 composer.lock | 61 ++++++++++++++++++++++++-
 4 files changed, 108 insertions(+), 14 deletions(-)
diff --git a/app/Http/Controllers/DashController.php b/app/Http/Controllers/DashController.php
index aa3d8ff..b37e467 100644
--- a/app/Http/Controllers/DashController.php
+++ b/app/Http/Controllers/DashController.php
@@ -3,26 +3,29 @@
 namespace App\Http\Controllers;
 use App\Interfaces\PageRepositoryInterface;
+use App\Services\AuthService;
 class DashController extends Controller
 {
 protected PageRepositoryInterface $pages;
+ protected AuthService $auth;
 public function __construct(
 PageRepositoryInterface $pageRepository,
+ AuthService $authService,
 ) {
 $this->pages = $pageRepository;
+ $this->auth = $authService;
 }
 public function start()
 {
- $status = session('handle') !== null ? true : false;
 $result = [];
- if ($status) {
+ if ($this->auth::status()) {
 $result = $this->pages->getGroup(1, 4);
 }
 return view('back.start', [
- "status" => $status,
+ "status" => $this->auth::status(),
 "result" => $result,
 "title" => "Start"
 ]);
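Review bot: `$this->auth::status()` is evaluated twice in start(), once for the guard and once for the `"status"` view key, and book() in the next hunk does the same. Each call re-validates the session token, and the two reads can disagree if the token expires between them, so the view can be told the visitor is logged out after the query has already run. Read it once, `$status = $this->auth::status();`, and reuse `$status` in both places. Because status() is declared static in AuthService, the injected instance is only used as a class name here; `AuthService::status()` or a non-static method would say what is meant.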
@@ -30,13 +33,12 @@ class DashController extends Controller
 public function book($pageFilter = 'all', $pageNum = 1)
 {
- $status = session('handle') !== null ? true : false;
 $result = [];
- if ($status) {
+ if ($this->auth::status()) {
 $result = $this->pages->getGroup($pageNum, 4, $pageFilter);
 }
 return view('back.book', [
- "status" => $status,
+ "status" => $this->auth::status(),
 "result" => $result,
 "currentPage" => $pageNum,
 "title" => "Pages"
@@ -45,10 +47,9 @@ class DashController extends Controller
 public function page($mode, $uuid)
 {
- $status = session('handle') !== null ? true : false;
- $page = $this->pages->getById($uuid)->first();
+ $page = $this->pages->getById($uuid)->first();
 return view('back.page', [
- "status" => $status,
+ "status" => $this->auth::status(),
 "mode" => $mode,
 "page" => $page,
 "title" => 'Editing ' . $page['title']
diff --git a/app/Services/AuthService.php b/app/Services/AuthService.php
index ffced9b..3c59faf 100644
--- a/app/Services/AuthService.php
+++ b/app/Services/AuthService.php
@@ -2,6 +2,8 @@
 namespace App\Services;
+use ReallySimpleJWT\Token;
+
 use function _\find;
 class AuthService
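Review bot: page() still calls `getById($uuid)` and builds the title before any login check, unlike start() and book(), which only query when status() is true. Unless route middleware or the `back.page` view blocks anonymous requests (neither is visible here), the editor data is loaded for a logged-out visitor. A guard at the top such as `abort_unless($this->auth::status(), 403);` would keep the lookup behind the same check the other actions use. `$page['title']` is also read without checking that `first()` returned a row, so an unknown `$uuid` likely fails on a null. The `view()` call continues past the end of the hunk.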
@@ -20,10 +22,25 @@ class AuthService
 $found = find($folks, ['handle' => $request->handle]);
 if ($found) {
 if (password_verify($request->password, $found['password'])) {
- $request->session()->put('handle', $found['handle']);
- $request->session()->put('email', $found['email']);
- $request->session()->put('role', $found['role']);
- $request->session()->put('avi', $found['avi']);
+ $member = [
+ 'handle' => $found['handle'],
+ 'email' => $found['email'],
+ 'role' => $found['role'],
+ 'avatar' => $found['avi'],
+ 'key' => $found['key'],
+ 'secret' => $found['secret'],
+ ];
+
+ $token = Token::create(
+ $found['key'],
+ $found['secret'],
+ time() + 3600,
+ 'localhost'
+ ); //expires in an hour
+ $form_token = md5(uniqid(microtime(), true));
+ $request->session()->put('member', $member);
+ $request->session()->put('token', $token);
+ $request->session()->put('form_token', $form_token);
 return ['status' => true, 'message' => 'HEY WELCOME BACK']; //DO SESSION STUFF
 } else {
@@ -34,4 +51,20 @@ class AuthService
 return ['status' => false, 'message' => 'CHECK THAT HANDLE'];
 }
 }
+
+ public static function status()
+ {
+ if (session('member') !== null) {
+ if (
+ Token::validate(session('token'), session('member')['secret']) &&
+ Token::validateExpiration(session('token'), session('member')['secret'])
+ ) {
+ return true;
+ } else {
+ return false;
+ }
+ } else {
+ return false;
+ }
+ }
 }
diff --git a/composer.json b/composer.json
index 8e53702..42ef42c 100644
--- a/composer.json
+++ b/composer.json
@@ -26,6 +26,7 @@
 "mindtwo/laravel-blade-spaceless": "^1.2",
 "mnapoli/front-yaml": "^2.0",
 "olegatro/html-sanitizer-relative": "^1.0",
+ "rbdwllr/reallysimplejwt": "^5.0",
 "symfony/yaml": "^7.0",
 "tgalopin/html-sanitizer": "^1.5"
 },
diff --git a/composer.lock b/composer.lock
index ce47cc5..f05f7c7 100644
--- a/composer.lock
+++ b/composer.lock
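Review bot: `$form_token` is built with `md5(uniqid(microtime(), true))`, which is derived from the clock and a non-cryptographic generator; if it is meant as an anti-forgery token for forms, generate it with `$form_token = bin2hex(random_bytes(32));`. The `$member` array also copies `key` and `secret` into the session next to the token they sign, and status() verifies the token against that same session copy, so the signature proves nothing the session does not already assert and the secret now sits in session storage. Consider keeping the secret out of the session and looking it up from the member record when verifying. No `$request->session()->regenerate();` appears in the success branch, which is the usual defence against session fixation at login. The enclosing method starts and ends outside the hunk.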
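Review bot: status() returns false for an expired or invalid token but leaves `member`, `token` and `form_token` in the session, so the stored key and secret outlive the one-hour window until the session itself ends. Clearing them on failure, e.g. `session()->forget(['member', 'token', 'form_token']);`, would make expiry an actual logout. The nested if/else only turns a boolean into a boolean and can be one `return session('member') !== null && Token::validate(...) && Token::validateExpiration(...);` with a `: bool` return type. A short docblock saying that it checks the session token's signature and expiry would help callers.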
@@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "7fbeca42f1a6ac784e32ca1e42e61d7a", + "content-hash": "6ae8a3cfbf0bceca61b34d852e461d95", "packages": [ { "name": "brick/math", @@ -3507,6 +3507,65 @@ ], "time": "2023-11-08T05:53:05+00:00" }, + { + "name": "rbdwllr/reallysimplejwt", + "version": "5.0.0", + "source": { + "type": "git", + "url": "https://github.com/RobDWaller/ReallySimpleJWT.git", + "reference": "d7e1014ccbfba43420866fd3dc3f18a521883868" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/RobDWaller/ReallySimpleJWT/zipball/d7e1014ccbfba43420866fd3dc3f18a521883868", + "reference": "d7e1014ccbfba43420866fd3dc3f18a521883868", + "shasum": "" + }, + "require": { + "php": ">=8.0.0" + }, + "require-dev": { + "friendsofphp/php-cs-fixer": "^2.19", + "infection/infection": "^0.26", + "phpbench/phpbench": "^1.2", + "phploc/phploc": "^7.0", + "phpmd/phpmd": "^2.11", + "phpstan/phpstan": "^1.2", + "phpunit/phpunit": "^9.5", + "sebastian/phpcpd": "^6.0", + "squizlabs/php_codesniffer": "^3.6" + }, + "type": "library", + "autoload": { + "psr-4": { + "ReallySimpleJWT\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Rob Waller", + "email": "rdwaller1984@gmail.com" + } + ], + "description": "A really simple library to generate user authentication JSON Web Tokens.", + "keywords": [ + "Authentication", + "json", + "json web tokens", + "jwt", + "php", + "tokens" + ], + "support": { + "issues": "https://github.com/RobDWaller/ReallySimpleJWT/issues", + "source": "https://github.com/RobDWaller/ReallySimpleJWT/tree/5.0.0" + }, + "time": "2022-04-16T14:00:21+00:00" + }, { "name": "sebastian/comparator", "version": "5.0.1",