JWT changes

jbelke · Jun 23, 2015 · 89b40b1 · 89b40b1
1 parent 94f1e2c
commit 89b40b1
Show file tree

Hide file tree

Showing 4 changed files with 25 additions and 16 deletions.
diff --git a/app/Http/Controllers/Auth/AuthController.php b/app/Http/Controllers/Auth/AuthController.php
@@ -134,9 +134,9 @@ public function postLogin(Request $request)
         if ($this->auth->attempt($credentials, $request->has('remember'))) {
             $user = \Auth::user();
             $user->update(['last_login_date' => Carbon::now()->toDateTimeString()]);
-            Session::setUserInfo($user->toArray());
+            Session::setUserInfoWithJWT($user);
 
-            return redirect()->intended($this->redirectPath());
+            return redirect()->intended($this->redirectPath().'?token='.Session::getSessionToken());
         }
 
         return redirect($this->loginPath())->withInput($request->only('email', 'remember'))->withErrors(

diff --git a/app/Http/Controllers/SplashController.php b/app/Http/Controllers/SplashController.php
@@ -29,7 +29,6 @@ public function __construct()
     public function index()
     {
         return redirect(env('LANDING_PAGE', '/launchpad'));
-//        return view( 'splash' );
     }
 
     /**
@@ -45,11 +44,10 @@ public function handleOAuthLogin($provider)
     {
         /** @var BaseOAuthService $service */
         $service = ServiceHandler::getService($provider);
-
         /** @var Provider $driver */
         $driver = $service->getDriver();
 
-        return $driver->redirect();
+        return $driver->stateless()->redirect();
     }
 
     /**
@@ -81,11 +79,10 @@ public static function handleADLdapLogin($provider)
                 $ldapUser = $driver->getUser();
                 $user = $service->createShadowADLdapUser($ldapUser);
                 $user->update(['last_login_date' => Carbon::now()->toDateTimeString()]);
+                //\Auth::login($user, \Request::has('remember'));
+                Session::setUserInfoWithJWT($user);
 
-                \Auth::login($user, \Request::has('remember'));
-                Session::setUserInfo($user->toArray());
-
-                return redirect()->intended(env('LANDING_PAGE', '/launchpad'));
+                return redirect()->intended(env('LANDING_PAGE', '/launchpad').'?token='.Session::getSessionToken());
             }
         }
 
@@ -116,18 +113,18 @@ public function handleOAuthCallback($serviceName)
         $driver = $service->getDriver();
 
         /** @var User $user */
-        $user = $driver->user();
+        $user = $driver->stateless()->user();
 
         $dfUser = $service->createShadowOAuthUser($user);
         $dfUser->update(['last_login_date' => Carbon::now()->toDateTimeString()]);
 
-        \Auth::login($dfUser);
-        Session::setUserInfo($dfUser->toArray());
+        //\Auth::login($dfUser);
+        Session::setUserInfoWithJWT($dfUser);
 
         if (\Request::ajax()) {
-            return ['success' => true, 'session_id' => Session::getId()];
+            return ['success' => true, 'session_id' => Session::getSessionToken()];
         } else {
-            return redirect()->intended(env('LANDING_PAGE', '/launchpad'));
+            return redirect()->intended(env('LANDING_PAGE', '/launchpad').'?token='.Session::getSessionToken());
         }
     }
 }
diff --git a/app/Http/Middleware/Authenticate.php b/app/Http/Middleware/Authenticate.php
@@ -1,7 +1,9 @@
 <?php namespace DreamFactory\Http\Middleware;
 
 use Closure;
+use JWTAuth;
 use Illuminate\Contracts\Auth\Guard;
+use DreamFactory\Core\Utility\Session;
 
 class Authenticate
 {
@@ -37,7 +39,17 @@ public function handle($request, Closure $next)
             if ($request->ajax()) {
                 return response('Unauthorized.', 401);
             } else {
-                return redirect()->guest('/auth/login');
+                $token = $request->input('token');
+                if(!empty($token)){
+                    JWTAuth::setToken($token);
+                    /** @type Payload $payload */
+                    $payload = JWTAuth::getPayload();
+                    $userId = $payload->get('user_id');
+                    Session::setSessionData(null, $userId);
+                }
+                else {
+                    return redirect()->guest('/auth/login');
+                }
             }
         }
 

diff --git a/config/jwt.php b/config/jwt.php
@@ -90,7 +90,7 @@
     */
 
     //'required_claims' => ['iss', 'iat', 'exp', 'nbf', 'sub', 'jti'],
-    'required_claims' => ['iat', 'exp', 'user_id', 'role_id', 'app_id', 'app_key'],
+    'required_claims' => ['iat', 'exp', 'user_id'],
 
     /*
     |--------------------------------------------------------------------------