WebSVN – LeadersLinked - Services – Diff – /module/LeadersLinked/src/Controller/AuthController.php

 use Nullix\CryptoJsAes\CryptoJsAes;
 use GeoIp2\Database\Reader as GeoIp2Reader;
 use Laminas\Authentication\AuthenticationService;
-use Laminas\Authentication\Result as AuthResult;
-use Laminas\Db\Adapter\AdapterInterface;
-use Laminas\Http\Header\SetCookie;
+use Laminas\Authentication\Result as AuthResult;
-use Laminas\Mvc\Controller\AbstractActionController;
-use Laminas\Log\LoggerInterface;
-use Laminas\View\Model\ViewModel;
+use Laminas\Mvc\Controller\AbstractActionController;
 use Laminas\View\Model\JsonModel;
 use LeadersLinked\Form\Auth\SigninForm;
 use LeadersLinked\Model\UserPassword;
 use LeadersLinked\Model\Connection;
 use LeadersLinked\Authentication\AuthImpersonateAdapter;
-use LeadersLinked\Model\Network;
-use LeadersLinked\Cache\CacheInterface;
-use LeadersLinked\Cache\CacheImpl;
-use Laminas\Mvc\I18n\Translator;
+use LeadersLinked\Model\Network;
 use LeadersLinked\Model\JwtToken;
 use LeadersLinked\Mapper\JwtTokenMapper;
+use Firebase\JWT\JWT;
-use Firebase\JWT\JWT;
+use Firebase\JWT\Key;
         $request = $this->getRequest();
         if ($request->isPost()) {
             $currentNetworkPlugin = $this->plugin('currentNetworkPlugin');
+            $currentNetwork = $currentNetworkPlugin->getNetwork();
+            $jwtToken = null;
+            $headers = getallheaders();
+            if(isset($headers['authorization'])) {
+                $token = trim($headers['authorization']);
+                if (substr($token, 0, 6 ) == 'Bearer') {
+                    $token = trim(substr($token, 7));
+                    if(!empty($this->config['leaderslinked.jwt.key'])) {
+                        $key = $this->config['leaderslinked.jwt.key'];
+                        try {
+                            $payload = JWT::decode($token, new Key($key, 'HS256'));
+                            if(empty($payload->iss) || $payload->iss != $_SERVER['HTTP_HOST']) {
+                                return new JsonModel(['success' => false, 'data' => 'Unauthorized - JWT - Wrong server',  'fatal'  => true]);
+                            }
+                            $uuid = empty($payload->uuid) ? '' : $payload->uuid;
+                            $jwtTokenMapper = JwtTokenMapper::getInstance($this->adapter);
+                            $jwtToken = $jwtTokenMapper->fetchOneByUuid($uuid);
+                            if(!$jwtToken) {
+                                return new JsonModel(['success' => false, 'data' => 'Unauthorized - JWT - Expired',  'fatal'  => true]);
+                            }
+                        } catch(\Exception $e) {
+                            return new JsonModel(['success' => false, 'data' => 'Unauthorized - JWT - Wrong key',  'fatal'  => true]);
+                        }
+                    } else {
+                        return new JsonModel(['success' => false, 'data' => 'Unauthorized - JWT - SecreteKey required',  'fatal'  => true]);
+                    }
+                } else {
+                    return new JsonModel(['success' => false, 'data' => 'Unauthorized - JWT - Bearer required',  'fatal'  => true]);
+                }
+            } else {
+                return new JsonModel(['success' => false, 'data' => 'Unauthorized - JWT - Required',  'fatal'  => true]);
             $currentNetwork = $currentNetworkPlugin->getNetwork();
+            }
             $form->setData($dataPost);
             if ($form->isValid()) {
             if ($form->isValid()) {
                 $dataPost = (array) $form->getData();
+                        }
                     } else {
                         $userIpMapper->update($userIp);
+                    }
                     /*
                     if ($remember) {
                         $expired = time() + 365 * 24 * 60 * 60;
+                    }
+                    $response = $this->getResponse();
-                    $response = $this->getResponse();
+                    $response->getHeaders()->addHeader($cookieEmail);
-                    $response->getHeaders()->addHeader($cookieEmail);
+                    */

Proyectos de Subversion LeadersLinked - Services

(root)/module/LeadersLinked/src/Controller/AuthController.php – Rev 23 → 24