Add jwt auth && fix the team datatable

zstucsat · Aug 24, 2017 · 0f8a09e · 0f8a09e
1 parent a824d41
commit 0f8a09e
Show file tree

Hide file tree

Showing 21 changed files with 373 additions and 209 deletions.
diff --git a/.gitignore b/.gitignore
@@ -10,3 +10,6 @@ Homestead.yaml
 npm-debug.log
 yarn-error.log
 .env
+package-lock.json
+composer.lock
+*~
diff --git a/app/Http/Controllers/Auth/ForgotPasswordController.php b/app/Http/Controllers/Auth/ForgotPasswordController.php
diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php
diff --git a/app/Http/Controllers/Auth/RegisterController.php b/app/Http/Controllers/Auth/RegisterController.php
diff --git a/app/Http/Controllers/Auth/ResetPasswordController.php b/app/Http/Controllers/Auth/ResetPasswordController.php
diff --git a/app/Http/Controllers/IndexController.php b/app/Http/Controllers/IndexController.php
@@ -9,8 +9,9 @@ class IndexController extends Controller
 {
     public function index(Request $request)
     {
+        $title = 'hctf';
         return APIReturn::success([
-            'hello' => 'hctf'
+            'hello' => $title
         ]);
     }
 }
diff --git a/app/Http/Controllers/TeamController.php b/app/Http/Controllers/TeamController.php
@@ -0,0 +1,58 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use Carbon\Carbon;
+use Illuminate\Http\Request;
+use App\Team;
+use Mockery\Exception;
+use APIReturn;
+use JWTAuth;
+use Tymon\JWTAuth\Exceptions\JWTException;
+
+class TeamController extends Controller
+{
+    private $team;
+    public function __construct(Team $team) {
+        $this->team = $team;
+    }
+
+    public function login(Request $request)
+    {
+        $credentials = $request->only('email', 'password');
+        $access_token = null;
+
+        try {
+            if (!$access_token = JWTAuth::attempt($credentials)) {
+                return APIReturn::error(401, ['invalid_email_or_password'], 401);
+            }
+        } catch (JWTAuthException $err) {
+            return APIReturn::error(500, ['failed_to_create_token'], 500);
+        }
+        return response()->json(compact('access_token'));
+    }
+
+    public function register(Request $request) {
+        $input = $request->only('teamName', 'email', 'password');
+        try {
+            $team = $this->team->create([
+                'teamName' => $input['teamName'],
+                'email' => $input['email'],
+                'password' => bcrypt($input['password']),
+                'signUpTime' => Carbon::now('Asia/Shanghai'),
+                'lastLoginTime' => Carbon::now('Asia/Shanghai'),
+            ]);
+        } catch (Exception $err) {
+            return APIReturn::error(500, ['msg' => 'Team/Email already exists.'], 500);
+        }
+
+        return APIReturn::success([
+            'msg' => 'Welcome to HCTF 2017!',
+        ]);
+    }
+
+    public function getAuthInfo(Request $request) {
+        $team = JWTAuth::parseToken()->authenticate();
+        return APIReturn::success(['team' => $team]);
+    }
+}
diff --git a/app/Http/Controllers/UserController.php b/app/Http/Controllers/UserController.php
@@ -13,7 +13,7 @@ public function __construct(UserRepositoryInterface $userRepository)
         $this->userRepository = $userRepository;
     }
     public function index(Request $request){
-        return \APIReturn::success([
+        return APIReturn::success([
            "param" => $request->get('param')
         ]);
     }

diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php
@@ -3,6 +3,7 @@
 namespace App\Http;
 
 use Illuminate\Foundation\Http\Kernel as HttpKernel;
+use Tymon\JWTAuth\Middleware\GetUserFromToken;
 
 class Kernel extends HttpKernel
 {
@@ -32,7 +33,7 @@ class Kernel extends HttpKernel
             \Illuminate\Session\Middleware\StartSession::class,
             // \Illuminate\Session\Middleware\AuthenticateSession::class,
             \Illuminate\View\Middleware\ShareErrorsFromSession::class,
-            \App\Http\Middleware\VerifyCsrfToken::class,
+            //\App\Http\Middleware\VerifyCsrfToken::class,
             \Illuminate\Routing\Middleware\SubstituteBindings::class,
         ],
 
@@ -56,5 +57,9 @@ class Kernel extends HttpKernel
         'can' => \Illuminate\Auth\Middleware\Authorize::class,
         'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
         'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
+        'jwt.auth' =>  GetUserFromToken::class,
+        'jwt.refresh' => RefreshToken::class,
+        'jwt.auth.mod' => \App\Http\Middleware\VerifyCsrfToken::class,
+
     ];
 }
diff --git a/app/Http/Middleware/VerifyJWTToken.php b/app/Http/Middleware/VerifyJWTToken.php
@@ -0,0 +1,43 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Tymon\JWTAuth\Exceptions\TokenExpiredException;
+use Tymon\JWTAuth\Exceptions\TokenInvalidException;
+use JWTAuth;
+use Tymon\JWTAuth\Exceptions\JWTException;
+
+
+class VerifyJWTToken
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        if (! $token = $this->auth->setRequest($request)->getToken()) {
+            return $this->respond('tymon.jwt.absent', 'token_not_provided', 400);
+        }
+
+        try {
+            $user = $this->auth->authenticate($token);
+        } catch (TokenExpiredException $err) {
+            return $this->respond('Token expired', 'token_expired', $err->getStatusCode(), [$err]);
+        } catch (TokenInvalidException $err) {
+            return $this->respond('Token invalid', 'token_invalid', $err->getStatusCode(), [$err]);
+        }
+
+        if (! $user) {
+            return $this->respond('tymon.jwt.user_not_found', 'user_not_found', 404);
+        }
+
+        $this->events->fire('tymon.jwt.valid', $user);
+
+        return $next($request);
+    }
+}
diff --git a/app/Team.php b/app/Team.php
@@ -0,0 +1,41 @@
+<?php
+
+namespace App;
+
+use Illuminate\Notifications\Notifiable;
+use Illuminate\Foundation\Auth\User as Authenticatable;
+
+class Team extends Authenticatable
+{
+    use Notifiable;
+
+    /**
+     * The attributes that are mass assignable.
+     *
+     * @var array
+    | id             | int(10) unsigned | NO     | PRI   | <null>    | auto_increment |
+    | teamName       | varchar(255)     | NO     |       | <null>    |                |
+    | email          | varchar(255)     | YES    | UNI   | <null>    |                |
+    | password       | varchar(255)     | NO     |       | <null>    |                |
+    | signUpTime     | datetime         | NO     |       | <null>    |                |
+    | lastLoginTime  | datetime         | NO     |       | <null>    |                |
+    | score          | decimal(8,2)     | NO     |       | 0.00      |                |
+    | banned         | tinyint(1)       | NO     |       | 0         |                |
+    | remember_token | varchar(100)     | YES    |       | <null>    |                |
+     *
+     */
+    protected $fillable = [
+        'teamName', 'email', 'password', 'signUpTime', 'lastLoginTime'
+    ];
+
+    /**
+     * The attributes that should be hidden for arrays.
+     *
+     * @var array
+     */
+    protected $hidden = [
+        'password', 'remember_token',
+    ];
+
+    public $timestamps = false;
+}
diff --git a/app/User.php b/app/User.php
@@ -27,3 +27,4 @@ class User extends Authenticatable
         'password', 'remember_token',
     ];
 }
+
Original file line number	Diff line number	Diff line change
Expand Up		@@ -27,3 +27,4 @@ class User extends Authenticatable
		'password', 'remember_token',
		];
		}