2017 © Pedro Peláez
 

project bundle-api

image

absolvent/bundle-api

  • Tuesday, March 20, 2018
  • by mcharytoniuk
  • Repository
  • 7 Watchers
  • 0 Stars
  • 4,254 Installations
  • PHP
  • 0 Dependents
  • 0 Suggesters
  • 0 Forks
  • 0 Open issues
  • 22 Versions
  • 9 % Grown

The README.md

absolvent/bundle-api

JWT Authentication Guard

Enable in project

  1. Add Absolvent\api\Providers\AuthServiceProvider to config/app.php providers.
  2. Create config/jwt.php similar to config/jwt.php in this bundle
  3. Change defaults.guard to jwt in config/auth.php
  4. Add
'jwt' => [
    'driver' => 'jwt',
    'provider' => 'users',
],

to guards in config/auth.php, (*1)

  1. Add JWT_SECRET variable to .env (eq. JWT_SECRET=SvfJknJLYWwvadkCLVE7HIzn2JpWDkXv)

NOTE: JWT_SECRET should be te same as in microservice-users, (*2)

Usage

Generally all Laravel authorization and authentication functionality should work out of the box when JwtAuthenticationGuard is configured properly., (*3)

Get jwt token / user information

use Illuminate\Support\Facades\Auth;

$user = Auth::user(); // returns JwtUser or null
$user = Auth::authenticate() // returns JwtUser or throws Exception
$jwtToken = Auth::getName(); // returns jwt token
$userSub = Auth::id(); // returns user email (jwt token `sub` claim)

User information are taken from jwt token so there are very basic. To get extended user information you have to issue call to microservice-users., (*4)

Permission based endpoint authentication

Add permission or can middleware to endpoint controller, (*5)

class EndpointController extends \Absolvent\api\Http\Controller
{
    public function __construct()
    {
        $this->middleware('permission:TALENTDAYS_ADMIN|TALENTDAYS_AREA');
    }

    // ...
}

In above example only user with TALENTDAYS_ADMIN or TALENTDAYS_AREA can access the endpoint, (*6)

Allow sending PATH requests with multipart-form content type

Add Absolvent\api\Http\Middleware\PreparePatchMultiPartForm to Absolvent\api\Http\Kernel::$middleware, (*7)

Make sure that PreparePatchMultiPartForm is after ValidatePostSize, (*8)

The Versions