slim-jwt-demo's Introduction

slim-jwt-demo's Issues

set auth route and non auth route?

I am following your tutorial and have done as described, but I do not know how to set routes with authentication and routes with no authentication.
What I want is that in my APIs, register, login and forgot-password do not require the token,
and the rest of the APIs need the token.
This is my Middleware.php:

    use Tuupola\Middleware\HttpBasicAuthentication;

    $container = $app->getContainer();
    $container['logger'] = function($c) {
        $logger = new \Monolog\Logger('logger');
        $file_handler = new \Monolog\Handler\StreamHandler("App/logs/app.log");
        $logger->pushHandler($file_handler);
        return $logger;
    };

    $container["jwt"] = function ($container) {
        return new StdClass;
    };

    $app->add(new \Slim\Middleware\JwtAuthentication([
        "path" => "/auth",
        "secure" => false,
        "logger" => $container['logger'],
        "secret" => "devendrasinghchouhan",
        "rules" => [
            new \Slim\Middleware\JwtAuthentication\RequestPathRule([
                "path" => "/auth",
                "passthrough" => ["/token", "/not-secure"]
            ]),
            new \Slim\Middleware\JwtAuthentication\RequestMethodRule([
                "passthrough" => ["OPTIONS"]
            ]),
        ],
        "callback" => function ($request, $response, $arguments) use ($container) {
            $container["jwt"] = $arguments["decoded"];
        },
        "error" => function ($request, $response, $arguments) {
            $data["status"] = "error";
            $data["message"] = $arguments["message"];
            return $response
                ->withHeader("Content-Type", "application/json")
                ->write(json_encode($data, JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT));
        }
    ]));

    $app->add(new \Slim\Middleware\HttpBasicAuthentication([
        "path" => "/user",
        "secure" => false,
        "users" => [
            "user" => "password"
        ]
    ]));

    $app->add(new \Tuupola\Middleware\Cors([
        "logger" => $container["logger"],
        "origin" => ["*"],
        "methods" => ["GET", "POST", "PUT", "PATCH", "DELETE"],
        "headers.allow" => ["Authorization", "If-Match", "If-Unmodified-Since"],
        "headers.expose" => ["Authorization", "Etag"],
        "credentials" => true,
        "cache" => 60,
        "error" => function ($request, $response, $arguments) {
            return new UnauthorizedResponse($arguments["message"], 401);
        }
    ]));

And this is my route.php

    $app->group('/api/v1', function ($app) {
        $app->group('/auth', function ($app) {

            $app->post("/register", function ($request, $response, $args) {
                /* Here generate and return JWT to the client. */
                $requested_scopes = $request->getParsedBody() ?: [];
                $now = new DateTime();
                $future = new DateTime("+01 minutes");
                $server = $request->getServerParams();
                $jti = (new Base62)->encode(random_bytes(16));
                $payload = [
                    "iat" => $now->getTimeStamp(),
                    "exp" => $future->getTimeStamp(),
                    "jti" => $jti,
                    "sub" => $server["192.168.64.2"]
                ];

                $secret = "devendrasinghchouhan";
                $token = JWT::encode($payload, $secret, "HS256");
                $data["token"] = $token;
                $data["expires"] = $future->getTimeStamp();
                return $response->withStatus(201)
                    ->withHeader("Content-Type", "application/json")
                    ->write(json_encode($data, JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT));
            });

            //login
            //forgot-password

        });
    });

    $app->group('/api/v1', function ($app) {
        $app->group('/user', function ($app) {

            $app->post("/get-user", function ($request, $response, $args) {
                $data = ["status" => 1, 'msg' => "This route is secure!"];
                $pdo = $this->db->prepare("SELECT * FROM prj_users");
                $pdo->execute();
                $todos = $pdo->fetchAll(PDO::FETCH_ASSOC);
                if (is_null($todos)) {
                    $data["status"] = true;
                } else {
                    $data["status"] = false;
                }
                return $response->withStatus(200)
                    ->withHeader("Content-Type", "application/json")
                    ->write(json_encode($data, JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT));
            });

        });
    });

I want to run get-user with a token, and auth/register without a token.

Plus, I want to know: do I need to store the token in the DB for a later check?
Or will this framework handle all this?
On what basis is it generating the token?
From the email address?
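
Added example (not part of the original issue, and not code from slim-jwt-demo or the JWT middleware): a stand-alone PHP model of prefix-based path rules, showing which of the issue's routes would demand a token under the posted `path`/`passthrough` values and under values that cover the full `/api/v1` prefix. `requiresToken()` is a hypothetical helper, and the assumption is that the middleware compares its prefixes against the full request path rather than the path inside a route group.

```php
<?php
// Added illustration. requiresToken() is a hypothetical, simplified model of
// prefix-based path rules; it is not the middleware's own implementation.
function requiresToken(string $uri, array $paths, array $passthrough): bool
{
    // A prefix matches the URI itself or anything below it ("/a" matches "/a/b").
    $matches = function (string $prefix) use ($uri): bool {
        $prefix = rtrim($prefix, "/");
        return (bool) preg_match("@^" . preg_quote($prefix, "@") . "(/.*)?$@", $uri);
    };

    // Passthrough prefixes are checked first: a public route always wins.
    foreach ($passthrough as $p) {
        if ($matches($p)) {
            return false;
        }
    }
    // Otherwise the token is demanded only under a protected prefix.
    foreach ($paths as $p) {
        if ($matches($p)) {
            return true;
        }
    }
    return false; // outside every protected prefix: served without a token
}

// Full request paths produced by the route groups in the issue.
$routes = ["/api/v1/auth/register", "/api/v1/auth/login", "/api/v1/user/get-user"];

// Values as posted: "/auth" is relative to the group, so no full path starts with it.
$asPosted  = ["path" => ["/auth"], "passthrough" => ["/token", "/not-secure"]];
// Protect everything under /api/v1 and leave only the /auth group open.
$corrected = ["path" => ["/api/v1"], "passthrough" => ["/api/v1/auth"]];

foreach (["asPosted" => $asPosted, "corrected" => $corrected] as $name => $cfg) {
    foreach ($routes as $uri) {
        $need = requiresToken($uri, $cfg["path"], $cfg["passthrough"])
            ? "token required"
            : "open";
        printf("%-9s %-24s %s\n", $name, $uri, $need);
    }
}
```

Under this model the posted values leave every route open, including `/api/v1/user/get-user`, because none of the full paths begins with `/auth`.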
