Skip to content
Prashant Shah edited this page Dec 16, 2016 · 13 revisions

SQLite

ALTER TABLE "main"."wzusers" ADD COLUMN "authtoken" VARCHAR;

ALTER TABLE "main"."wzusers" ADD COLUMN "authtoken_expiry" INTEGER NOT NULL DEFAULT 0;

General

git push --all manzel

https://127.0.0.1:8443/webzash/

Bitnami SSL : https://bitnami.com/forums/forums/redmine/topics/how-to-activate-ssl-security

Routes

http://127.0.0.1:8080/webzash/ https://127.0.0.1:8443/webzash/ApiLedgers/index.json

routes.php

Router::mapResources('ApiLedgers');

Router::parseExtensions('json');

Authorization headers

  1. custom header

  2. apache_request_headers();

  3. SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1 RewriteEngine on RewriteRule ^$ app/webroot/ [L] RewriteRule (.*) app/webroot/$1 [L]
$this->request->header('Authorization')

JWT

https://www.sitepoint.com/php-authorization-jwt-json-web-tokens/

I'd recommend against using this library for now, clearly whoever's in charge is not interested. There's a valuable pull request that has some documentation if you're bent on using this library. The request is being completely ignored by the owner of this project. :}

Also, it does not install the latest update to firebase's JWT.php when composing. This version includes an exploit involving empty keys.

To get it working for myself, I did the following:

installed JWT.php with: composer require firebase/php-jwt
commented out the namespace as spacebiscuit said (THANK YOU!)
opened JWT.php and in decode, I turned all exceptions into die() because Cake was getting fussy

And I followed this tutorial. https://www.sitepoint.com/php-authorization-jwt-json-web-tokens/

I cannot say with confidence that I've done the best job, but JWTs are working for me without having to use a Cake plugin. My requirements are basic and may not mirror your company's needs.

composer require firebase/php-jwt

https://github.com/t73biz/cakephp2-jwt-auth

https://github.com/namshi/jose

Clone this wiki locally