<?php
use RainLab\User\Models\User as UserModel;
use Vdomah\JWTAuth\Models\Settings;
Route::group(['prefix' => 'api'], function() {
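// POST api/login — exchange credentials for a JWT plus a summary of the user.
//
// Request fields: the names listed in the 'login_fields' setting; when that
// setting is not a non-empty array the defaults below are used.
// Responses:
//   200 {"token": ..., "user": {...}}
//   401 {"error": "invalid_credentials"}
//   404 when the 'is_login_disabled' setting is truthy
//   500 {"error": "could_not_create_token"}
//
// NOTE(review): no throttle / rate-limit middleware is visible on this route
// or on the enclosing group (only a URL prefix is set), so repeated password
// guesses are not limited here. Confirm that limiting is applied elsewhere.
Route::post('login', function (Request $request) {
    if (Settings::get('is_login_disabled')) {
        App::abort(404, 'Page not found');
    }

    $arFields = Settings::get('login_fields');
    if (!is_array($arFields) || empty($arFields)) {
        $arFields = ['email', 'password', 'password_confirmation'];
    }

    // Only the configured field names are read from the request.
    $credentials = Input::only($arFields);

    try {
        // verify the credentials and create a token for the user
        $token = JWTAuth::attempt($credentials);
    } catch (Exception $e) {
        // This file imports no JWTException and declares no namespace, so the
        // previous `catch (JWTException $e)` could only match a global alias of
        // that name. Catching Exception, as the other routes in this file do,
        // ensures a token failure is answered with this JSON body.
        return response()->json(['error' => 'could_not_create_token'], 500);
    }

    if (!$token) {
        // One generic answer for every credential failure.
        return response()->json(['error' => 'invalid_credentials'], 401);
    }

    $userModel = JWTAuth::authenticate($token);
    if (!$userModel) {
        // No user could be resolved for the fresh token; answer like any other
        // failed login rather than calling a method on a non-object.
        return response()->json(['error' => 'invalid_credentials'], 401);
    }

    if ($userModel->methodExists('getAuthApiSigninAttributes')) {
        // The model decides what is exposed.
        // NOTE(review): confirm such a method never returns password hashes or
        // reset/activation codes.
        $user = $userModel->getAuthApiSigninAttributes();
    } else {
        $user = [
            'id' => $userModel->id,
            'name' => $userModel->name,
            'surname' => $userModel->surname,
            'username' => $userModel->username,
            'email' => $userModel->email,
            'is_activated' => $userModel->is_activated,
        ];
    }

    // if no errors are encountered we can return a JWT
    return response()->json(compact('token', 'user'));
});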
// POST api/refresh — trade the submitted token for a new one.
//
// Responses:
//   200 {"token": ...}
//   401 {"error": "could_not_refresh_token"} when refresh() returns a falsy value
//   404 when the 'is_refresh_disabled' setting is truthy
//   500 {"error": "could_not_refresh_token"} when refresh() throws
//
// NOTE(review): Request::get() is presumably not limited to the POST body, so
// a token sent in the query string would also be accepted and could then end
// up in access logs. Confirm clients send it in the body.
Route::post('refresh', function (Request $request) {
    if (Settings::get('is_refresh_disabled')) {
        App::abort(404, 'Page not found');
    }

    $token = Request::get('token');
    $failure = ['error' => 'could_not_refresh_token'];

    try {
        // Any exception from the JWT layer is reported as a 500 with the same
        // error string as the 401 case.
        $token = JWTAuth::refresh($token);
    } catch (Exception $e) {
        return response()->json($failure, 500);
    }

    if (!$token) {
        return response()->json($failure, 401);
    }

    // Nothing failed: hand the replacement JWT back under the "token" key.
    return response()->json(compact('token'));
});
// POST api/invalidate — ask the JWT layer to invalidate the submitted token.
//
// Responses:
//   200 "token_invalidated" (a bare JSON string, not an object)
//   404 when the 'is_invalidate_disabled' setting is truthy
//   500 {"error": "could_not_invalidate_token"} when invalidate() throws
//
// NOTE(review): the token is read with Request::get(), which is presumably not
// limited to the POST body; a token passed in the query string could end up in
// access logs. Confirm clients send it in the body.
Route::post('invalidate', function (Request $request) {
    if (Settings::get('is_invalidate_disabled')) {
        App::abort(404, 'Page not found');
    }

    $submittedToken = Request::get('token');

    try {
        JWTAuth::invalidate($submittedToken);
    } catch (Exception $failure) {
        // Every failure, whatever its cause, gets the same answer.
        return response()->json(['error' => 'could_not_invalidate_token'], 500);
    }

    // Reaching this point means invalidate() did not throw.
    return response()->json('token_invalidated');
});
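// POST api/signup — create a user from the submitted fields and return a JWT
// for it together with a summary of the new user.
//
// Request fields: the names listed in the 'signup_fields' setting; when that
// setting is not a non-empty array the defaults below are used.
// Responses:
//   200 {"token": ..., "user": {...}}
//   401 {"error": <message>} for validation / application errors
//   404 when the 'is_signup_disabled' setting is truthy
//   500 {"error": "could_not_create_user"} for any other failure
//
// NOTE(review): the field list comes from a setting and is passed straight to
// UserModel::create(). Confirm the setting can never name activation or
// permission columns, and that the model's own fillable rules would block them.
// NOTE(review): a token is issued immediately, whatever is_activated says.
// Confirm protected routes check activation if that matters.
Route::post('signup', function (Request $request) {
    if (Settings::get('is_signup_disabled')) {
        App::abort(404, 'Page not found');
    }

    $arFields = Settings::get('signup_fields');
    if (!is_array($arFields) || empty($arFields)) {
        $arFields = ['email', 'password', 'password_confirmation'];
    }

    // Only the configured field names are read from the request.
    $credentials = Input::only($arFields);

    try {
        $userModel = UserModel::create($credentials);

        if ($userModel->methodExists('getAuthApiSignupAttributes')) {
            // The model decides what is exposed.
            // NOTE(review): confirm such a method never returns password hashes
            // or activation codes.
            $user = $userModel->getAuthApiSignupAttributes();
        } else {
            $user = [
                'id' => $userModel->id,
                'name' => $userModel->name,
                'surname' => $userModel->surname,
                'username' => $userModel->username,
                'email' => $userModel->email,
                'is_activated' => $userModel->is_activated,
            ];
        }
    } catch (\October\Rain\Exception\ValidationException $e) {
        // Validation messages are written for the end user, so they are still
        // returned as before. Presumably this is what the user model throws
        // when validation fails — verify.
        return Response::json(['error' => $e->getMessage()], 401);
    } catch (\October\Rain\Exception\ApplicationException $e) {
        // Application exceptions also carry user-facing text.
        return Response::json(['error' => $e->getMessage()], 401);
    } catch (Exception $e) {
        // Anything else (database, mail, ...) may carry internal detail such as
        // SQL text or host names. Previously that message was echoed to an
        // unauthenticated caller; now it is logged and a fixed string is sent.
        \Illuminate\Support\Facades\Log::error($e->getMessage(), ['exception' => $e]);

        return Response::json(['error' => 'could_not_create_user'], 500);
    }

    $token = JWTAuth::fromUser($userModel);

    return Response::json(compact('token', 'user'));
});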
});