Comments (2)
Hi,
Sorry for the necro post, but I have found a solution for using Form auth AND ADmad/JWT Auth.
1st step : create a custom UnauthorizedJWTException (I register this exception in bootstrap.php)
```php
class UnauthorizedJWTException extends Exception
{
    public function __construct($message = null, $code = 401)
    {
        if (empty($message)) {
            $message = 'access denied';
        }
        parent::__construct($message, $code);
    }
}
```
2nd step : Register a custom ExceptionRenderer in app.php
```php
'Error' => [
    'errorLevel' => E_ALL,
    'exceptionRenderer' => 'App\Error\AppExceptionRenderer',
    'skipLog' => [],
    'log' => true,
    'trace' => true,
],
```
3rd step : implement this custom renderer in app/src/Error/AppExceptionRenderer.php
```php
<?php
namespace App\Error;

use App\Controller\AppController;
use Cake\Error\ExceptionRenderer;
use Cake\Routing\Router;
use UnauthorizedJWTException;

class AppExceptionRenderer extends ExceptionRenderer
{
    public function __construct($exception)
    {
        parent::__construct($exception);
    }

    public function UnauthorizedJWT(UnauthorizedJWTException $error)
    {
        $controller = $this->_getController();
        $header = $controller->request->getHeaderLine('accept');
        if (strpos(strtolower($header), 'application/json') === false) {
            // No application/json in the Accept header: redirect to the login form.
            $controller->response = $controller->response->withStatus(302);
            $controller->response = $controller->response->withHeader(
                'location',
                Router::url(['controller' => 'Users', 'action' => 'login'])
            );

            return $controller->response;
        } else {
            // Accept header contains application/json: serialize message and code.
            $code = $this->_code($error);
            $message = $this->_message($error, $code);
            $viewVars = [
                'message' => $message,
                'code' => $code,
                '_serialize' => ['message', 'code'],
            ];
            $this->controller->set($viewVars);
            $response = $this->_outputMessage("error401");
            $response = $response->withStatus($code);

            return $response;
        }
    }
}
```
4th step : use the custom exception when you load Auth Component
```php
'ADmad/JwtAuth.Jwt' => [
    'userModel' => 'UserManager.Users',
    'fields' => ['username' => 'id'],
    'parameter' => 'token',
    'queryDatasource' => true,
    'unauthenticatedException' => 'UnauthorizedJWTException',
    'finder' => 'auth',
]
```
This way you can catch the custom exception and redirect (if the request accepts application/html) or send a custom error code & message (if the request accepts application/json).
With this little trick, I can use the same routes for the Mobile App and the Browser App.
The downside is that I can't access the login URL route, and I must write the Router::url inside AppExceptionRenderer.php.
Hope this helps
Regards
PS : a small clarification, I put the Auth Form before the ADmad/JwtAuth
from cakephp-jwt-auth.
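The renderer in the comment above chooses between a login redirect and a JSON 401 by searching the Accept header for `application/json`. As an added example (not code from this thread or from the cakephp-jwt-auth project), the plain-PHP function below makes the same decision while honouring q-values, so a header such as `application/json;q=0` is not treated as a JSON client; the function name and its return values are assumptions.

```php
<?php
declare(strict_types=1);

/**
 * Decide how to answer an unauthenticated request from its Accept header.
 * Returns 'json' (send a 401 body) or 'redirect' (send the browser to the login form).
 * Hypothetical helper: the name and return values are assumptions of this example.
 */
function unauthenticatedResponseKind(string $acceptHeader): string
{
    $best = ['json' => 0.0, 'html' => 0.0];

    foreach (explode(',', strtolower($acceptHeader)) as $range) {
        $parts = array_map('trim', explode(';', $range));
        $type = array_shift($parts);
        $q = 1.0; // a media range without a q parameter has quality 1
        foreach ($parts as $param) {
            if (strncmp($param, 'q=', 2) === 0 && is_numeric(substr($param, 2))) {
                $q = max(0.0, min(1.0, (float) substr($param, 2)));
            }
        }
        if ($type === 'application/json') {
            $best['json'] = max($best['json'], $q);
        } elseif ($type === 'text/html' || $type === 'application/xhtml+xml') {
            $best['html'] = max($best['html'], $q);
        }
    }

    // JSON only when the client asks for it and ranks it at least as high as HTML.
    // A missing header, "*/*" or an HTML preference all fall back to the redirect.
    return ($best['json'] > 0.0 && $best['json'] >= $best['html']) ? 'json' : 'redirect';
}

// Constructed sample headers, not taken from the thread.
$samples = [
    'application/json',
    'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
    'text/html, application/json;q=0',
    '*/*',
    '',
];
foreach ($samples as $header) {
    $label = $header === '' ? '(no Accept header)' : $header;
    printf("%-66s => %s\n", $label, unauthenticatedResponseKind($header));
}
```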
Don't use stateless and session based authenticators together. You will have problems. There's nothing I can do about it.