<?php
namespace customerapi\controllers;
use common\models\Customer;
use Exception;
use Lcobucci\JWT\Token;
use sizeg\jwt\JwtHttpBearerAuth;
use Yii;
use yii\filters\auth\AuthMethod;
use yii\filters\Cors;
use yii\rest\Controller;
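class RestController extends Controller
{
    /**
     * Attaches the CORS filter and the JWT bearer authenticator.
     *
     * The CORS filter is placed immediately before the authenticator (the parent's
     * authenticator entry is replaced in that same position, so any behavior that
     * follows it, such as a rate limiter, keeps its place) so that CORS headers are
     * still emitted on a 401 response. The `options` action is excluded from
     * authentication because browser preflight requests carry no Authorization header.
     *
     * @return array behavior configurations keyed by name
     */
    public function behaviors()
    {
        $corsFilter = [
            'class' => Cors::class,
            'cors' => [
                // restrict access to the trusted front-end origin(s)
                'Origin' => $this->getAllowedOrigins(),
                // Allow credentials (cookies, authorization headers, etc.) to be exposed to the browser
                'Access-Control-Allow-Credentials' => true,
            ],
        ];

        $authenticator = [
            'class' => JwtHttpBearerAuth::class,
            'auth' => [$this, 'auth'],
            'optional' => $this->getOptionalActions(),
            // CORS preflight (OPTIONS) requests carry no bearer token; the CORS
            // filter answers them, so they must not be rejected with 401 here.
            'except' => ['options'],
        ];

        return $this->placeCorsBeforeAuthenticator(parent::behaviors(), $corsFilter, $authenticator);
    }

    /**
     * Rebuilds a behavior list so that `corsFilter` sits directly before `authenticator`.
     *
     * The parent's `authenticator` entry is replaced in place by the given config; every
     * other behavior keeps its relative order. If the parent declared no authenticator,
     * both entries are appended at the end.
     *
     * @param array $behaviors behavior list from the parent, keyed by name
     * @param array $corsFilter CORS filter configuration
     * @param array $authenticator authenticator configuration
     * @return array reordered behavior list
     */
    private function placeCorsBeforeAuthenticator(array $behaviors, array $corsFilter, array $authenticator)
    {
        $ordered = [];
        foreach ($behaviors as $name => $config) {
            if ($name === 'corsFilter') {
                // any inherited CORS entry is superseded by ours
                continue;
            }
            if ($name === 'authenticator') {
                $ordered['corsFilter'] = $corsFilter;
                $ordered['authenticator'] = $authenticator;
                continue;
            }
            $ordered[$name] = $config;
        }

        if (!isset($ordered['authenticator'])) {
            $ordered['corsFilter'] = $corsFilter;
            $ordered['authenticator'] = $authenticator;
        }

        return $ordered;
    }

    /**
     * Resolves the authenticated customer from a bearer token.
     *
     * Invoked by JwtHttpBearerAuth as its `auth` callback. This method only maps the
     * token's `uid` claim to a Customer record; it performs no signature or expiry
     * verification itself. NOTE(review): confirm that the bearer filter is configured
     * to verify and validate the token before this callback runs.
     * Every failure path (no token, missing/empty claim, no matching row, lookup
     * error) fails closed by returning null.
     *
     * @param Token|null $token the parsed bearer token, or null when none was sent
     * @return Customer|null the matching customer (also set as the current identity), or null
     */
    public function auth($token)
    {
        // Anything that is not a parsed token (null, wrong type) counts as "not authenticated".
        if (!$token instanceof Token) {
            return null;
        }

        try {
            if (!$token->hasClaim('uid')) {
                // A well-formed token from our issuer always carries uid; log it so
                // unexpected tokens are visible, but do not treat it as an error.
                Yii::warning('Token carries no uid claim', __METHOD__);
                return null;
            }

            $uid = (string) $token->getClaim('uid');
            if ($uid === '') {
                return null;
            }

            // Array condition: the value is bound as a query parameter, never interpolated.
            $customer = Customer::findOne(['id_customer' => $uid]);
            if ($customer !== null) {
                Yii::$app->user->setIdentity($customer);
                return $customer;
            }
        } catch (Exception $e) {
            // Fail closed: an unreadable claim or a failed lookup means "not authenticated".
            Yii::error('Failed to load customer: ' . $e->getMessage(), __METHOD__);
        }

        return null;
    }

    /**
     * Action IDs that may be invoked without a valid token.
     *
     * Subclasses override this to open up specific actions; the default keeps
     * every action authenticated.
     *
     * @see AuthMethod::$optional
     * @return array list of action IDs
     */
    protected function getOptionalActions()
    {
        return [];
    }

    /**
     * Origins allowed by the CORS filter.
     *
     * Subclasses may override this hook; the default allows only the production
     * front-end origin.
     *
     * @return array list of allowed origin URLs
     */
    protected function getAllowedOrigins()
    {
        return ['https://botondfitness.hu'];
    }
}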