Airlock Auth Provider #1700
Comments
|
I have this so far as a provider, but I feel there is definitely a better way to do it. If you want, I can PR this in? <?php
namespace App\Providers;
use Illuminate\Http\Request;
use Dingo\Api\Routing\Route;
use Dingo\Api\Auth\Provider\Authorization;
use Illuminate\Support\Facades\Auth as LaravelAuth;
use Laravel\Airlock\PersonalAccessToken;
use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
/**
* Class AirlockAuthProvider
*
* @package App\Providers
*/
class AirlockAuthProvider extends Authorization
{
/**
* @param Request $request
* @param Route $route
* @return mixed
*/
public function authenticate(Request $request, Route $route)
{
// Validate
$this->validateAuthorizationHeader($request);
// Grab the token
$token = $this->getToken($request);
// Lookup token
$foundToken = PersonalAccessToken::query()->where('token', $token)->first();
if (empty($foundToken)) {
throw new UnauthorizedHttpException('airlock', 'Unable to authenticate with invalid token.');
}
// Manually auth the user
LaravelAuth::loginUsingId($foundToken->user_id);
// Return User Model
return $foundToken->user;
}
/**
* Authorization Header Prefix
*
* @return string
*/
public function getAuthorizationMethod()
{
return 'bearer';
}
/**
* Get the token value from the request
*
* @param Request $request
* @return string
*/
public function getToken(Request $request)
{
return trim(str_replace(ucfirst($this->getAuthorizationMethod()), '', $request->headers->get('authorization')));
}
} |
|
Hi My advice is that Tymon JWT Auth is a superior solution (way more functionality), however if you want to add airlock, I don't really mind. My only request is that you include unit testing in your PR, just like for current providers. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Would possible to get an airlock (https://github.com/laravel/airlock) auth provider?
The text was updated successfully, but these errors were encountered: