
Comments (2)

cyberbobjr commented on July 30, 2024

Hi,
Sorry for the necro post, but I have found a solution for using Form auth AND ADmad/JWT Auth.
1st step : create a custom UnauthorizedJWTException (I register this exception in bootstrap.php)

class UnauthorizedJWTException extends Exception
{
    public function __construct($message = NULL, $code = 401)
    {
        if (empty($message)) {
            $message = 'access denied';
        }
        parent::__construct($message, $code);
    }
}

2nd step : Register a custom ExceptionRenderer in app.php

        'Error' => [
            'errorLevel'        => E_ALL,
            'exceptionRenderer' => 'App\Error\AppExceptionRenderer',
            'skipLog'           => [],
            'log'               => TRUE,
            'trace'             => TRUE,
        ],

3rd step : implement this custom renderer in app/src/Error/AppExceptionRenderer.php

<?php

namespace App\Error;

use Cake\Error\ExceptionRenderer;
use Cake\Routing\Router;
use UnauthorizedJWTException;

class AppExceptionRenderer extends ExceptionRenderer
{
    public function __construct($exception)
    {
        parent::__construct($exception);
    }

    // Handler for UnauthorizedJWTException.
    public function UnauthorizedJWT(UnauthorizedJWTException $error)
    {
        $controller = $this->_getController();
        $header = $controller->request->getHeaderLine('accept');
        if (strpos(strtolower($header), 'application/json') === FALSE) {
            // The Accept header does not mention JSON: redirect to the login form.
            $controller->response = $controller->response->withStatus(302);
            $controller->response = $controller->response->withHeader('location', Router::url([
                'controller' => 'Users',
                'action'     => 'login',
            ]));
            return $controller->response;
        } else {
            // JSON client: return the error code and message as a serialized body.
            $code = $this->_code($error);
            $message = $this->_message($error, $code);
            $viewVars = [
                'message'    => $message,
                'code'       => $code,
                '_serialize' => ['message', 'code'],
            ];
            $this->controller->set($viewVars);
            $response = $this->_outputMessage("error401");
            $response = $response->withStatus($code);
            return $response;
        }
    }
}

4th step : use the custom exception when you load Auth Component

'ADmad/JwtAuth.Jwt' => [
    'userModel'                => 'UserManager.Users',
    'fields'                   => ['username' => 'id'],
    'parameter'                => 'token',
    'queryDatasource'          => TRUE,
    'unauthenticatedException' => 'UnauthorizedJWTException',
    'finder'                   => 'auth',
]

This way you can catch the custom exception and redirect (if the accept request is application/html) or send a custom error code & message (if the accept request is application/json).

With this little trick, I can use the same routes for Mobile App and Browser App.

The downside is that I can't access the login URL route, and I must write the Router::url inside AppExceptionRenderer.php.

Hope this helps
Regards

PS : a small clarification, I put the Auth Form before the ADmad/JwtAuth

from cakephp-jwt-auth.

ADmad commented on July 30, 2024

Don't use stateless and session based authenticators together. You will have problems. There's nothing I can do about it.

from cakephp-jwt-auth.
