improve login controller
This commit is contained in:
parent
aec6913000
commit
8a1a1425a7
@ -11,6 +11,7 @@ namespace mobileapi\controllers;
|
|||||||
use mobileapi\models\LoginForm;
|
use mobileapi\models\LoginForm;
|
||||||
use sizeg\jwt\Jwt;
|
use sizeg\jwt\Jwt;
|
||||||
use Yii;
|
use Yii;
|
||||||
|
use yii\web\BadRequestHttpException;
|
||||||
use yii\web\UnauthorizedHttpException;
|
use yii\web\UnauthorizedHttpException;
|
||||||
|
|
||||||
/** @noinspection PhpUnused */
|
/** @noinspection PhpUnused */
|
||||||
@ -20,44 +21,42 @@ class LoginController extends RestController
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* hash for password test is:
|
* hash for password test is:
|
||||||
* $2y$13$D2BauYE2nhCdVDNatT9BMeWGxOvi5t5V6W2OUjr6sj2FRpb317Cpq
|
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
/** @noinspection PhpUnused */
|
/** @noinspection PhpUnused */
|
||||||
public function actionLogin()
|
public function actionLogin()
|
||||||
{
|
{
|
||||||
$form = new LoginForm();
|
$form = new LoginForm();
|
||||||
$post = \Yii::$app->request->post();
|
|
||||||
|
|
||||||
$post2 = $_POST;
|
|
||||||
$form->load(\Yii::$app->request->post(), '');
|
$form->load(\Yii::$app->request->post(), '');
|
||||||
|
|
||||||
if ($form->validate()) {
|
if (!$form->validate()) {
|
||||||
|
throw new BadRequestHttpException("Hibás e-mail cím vagy jelszó!");
|
||||||
/** @var Jwt $jwt */
|
|
||||||
$jwt = Yii::$app->jwt;
|
|
||||||
$signer = $jwt->getSigner('HS256');
|
|
||||||
$key = $jwt->getKey();
|
|
||||||
$time = time();
|
|
||||||
|
|
||||||
// Adoption for lcobucci/jwt ^4.0 version
|
|
||||||
$token = $jwt->getBuilder()
|
|
||||||
->issuedBy('mobileapi')// Configures the issuer (iss claim)
|
|
||||||
->permittedFor('customer')// Configures the audience (aud claim)
|
|
||||||
->identifiedBy('A989C57D19E2AF756BA9585AC4CFAF7974AE3D2BCA7CCA7307B39AB28CC7C2C8', true)// Configures the id (jti claim), replicating as a header item
|
|
||||||
->issuedAt($time)// Configures the time that the token was issue (iat claim)
|
|
||||||
->expiresAt($time + 3600)// Configures the expiration time of the token (exp claim)
|
|
||||||
->withClaim('uid', $form->getCustomer()->getId())// Configures a new claim, called "uid"
|
|
||||||
->getToken($signer, $key); // Retrieves the generated token
|
|
||||||
|
|
||||||
return $this->asJson([
|
|
||||||
'token' => (string)$token,
|
|
||||||
]);
|
|
||||||
} else {
|
|
||||||
throw new UnauthorizedHttpException("Hibás e-mail cím vagy jelszó!");
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/** @var Jwt $jwt */
|
||||||
|
$jwt = Yii::$app->jwt;
|
||||||
|
$signer = $jwt->getSigner('HS256');
|
||||||
|
$key = $jwt->getKey();
|
||||||
|
$time = time();
|
||||||
|
|
||||||
|
$validFor = 60 * 60 * 24 * 7 * 2; // 4 weeks
|
||||||
|
// Adoption for lcobucci/jwt ^4.0 version
|
||||||
|
$token = $jwt->getBuilder()
|
||||||
|
->issuedBy('mobileapi')// Configures the issuer (iss claim)
|
||||||
|
->permittedFor('customer')// Configures the audience (aud claim)
|
||||||
|
->identifiedBy('A989C57D19E2AF756BA9585AC4CFAF7974AE3D2BCA7CCA7307B39AB28CC7C2C8', true)// Configures the id (jti claim), replicating as a header item
|
||||||
|
->issuedAt($time)// Configures the time that the token was issue (iat claim)
|
||||||
|
->expiresAt($time + $validFor)// Configures the expiration time of the token (exp claim)
|
||||||
|
->withClaim('uid', $form->getCustomer()->getId())// Configures a new claim, called "uid"
|
||||||
|
->getToken($signer, $key); // Retrieves the generated token
|
||||||
|
|
||||||
|
return $this->asJson([
|
||||||
|
'token' => (string)$token,
|
||||||
|
]);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
protected function getOptionalActions()
|
protected function getOptionalActions()
|
||||||
{
|
{
|
||||||
return ['login'];
|
return ['login'];
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user