ryanwong
114 lines
3.0 KiB
PHP
Executable File
114 lines
3.0 KiB
PHP
Executable File
<?php defined('BASEPATH') OR exit('No direct script access allowed');
|
|
include_once __DIR__ . '/../services/Token_service.php';
|
|
/*Powered By: Manaknightdigital Inc. https://manaknightdigital.com/ Year: 2021*/
|
|
/**
|
|
* Token Middleware
|
|
* @copyright 2019 Manaknightdigital Inc.
|
|
* @link https://manaknightdigital.com
|
|
* @license Proprietary Software licensing
|
|
* @author Ryan Wong
|
|
*
|
|
*/
|
|
class Token_middleware
|
|
{
|
|
protected $_controller;
|
|
protected $_ci;
|
|
|
|
public $roles = array();
|
|
|
|
public function __construct(&$controller, &$ci)
|
|
{
|
|
$this->_controller = $controller;
|
|
$this->_ci = $ci;
|
|
}
|
|
|
|
/**
|
|
* Steps:
|
|
* 1.Get authorization header
|
|
* 2.Validate it
|
|
* 3.Check if it matches role
|
|
* 4.Return error if not match
|
|
*
|
|
* @return void
|
|
*/
|
|
public function run()
|
|
{
|
|
$token_service = new Token_service();
|
|
$key = $this->_ci->item('jwt_key');
|
|
|
|
$jwt_token = $this->_get_bearer_token();
|
|
|
|
if (strlen($jwt_token) < 1)
|
|
{
|
|
$this->unauthorize_error_message();
|
|
}
|
|
|
|
$result = $token_service->validate_token ($key, $this->_get_bearer_token());
|
|
|
|
if ($result)
|
|
{
|
|
$this->_controller->set_user_id($result->user_id);
|
|
$this->_controller->set_role_id($result->role_id);
|
|
return TRUE;
|
|
}
|
|
|
|
$this->unauthorize_error_message();
|
|
return FALSE;
|
|
}
|
|
|
|
private function _get_bearer_token()
|
|
{
|
|
$bearer_token = '';
|
|
|
|
$bearer_token_header = $this->_controller->input->get_request_header('Authorization');
|
|
$bearer_token_get = $this->_controller->input->get('Authorization');
|
|
|
|
if (strlen($bearer_token_header) < 1)
|
|
{
|
|
if (strlen($bearer_token_get) < 1)
|
|
{
|
|
$lower_case_bearer_token_header = $this->_controller->input->get_request_header('authorization');
|
|
$lower_case_bearer_token_get = $this->_controller->input->get('authorization');
|
|
if (strlen($lower_case_bearer_token_header) < 1)
|
|
{
|
|
if (strlen($lower_case_bearer_token_get) > 1)
|
|
{
|
|
$bearer_token = $lower_case_bearer_token_get;
|
|
}
|
|
}
|
|
else
|
|
{
|
|
$bearer_token = $lower_case_bearer_token_header;
|
|
}
|
|
}
|
|
else
|
|
{
|
|
$bearer_token = $bearer_token_get;
|
|
}
|
|
}
|
|
else
|
|
{
|
|
$bearer_token = $bearer_token_header;
|
|
}
|
|
|
|
if (strpos($bearer_token, 'Bearer ') !== 0)
|
|
{
|
|
return '';
|
|
}
|
|
else
|
|
{
|
|
return str_replace('Bearer ', '', $bearer_token);
|
|
}
|
|
}
|
|
|
|
private function unauthorize_error_message()
|
|
{
|
|
http_response_code(401);
|
|
echo json_encode([
|
|
'code' => 401,
|
|
'success' => FALSE,
|
|
'message' => 'invalid credentials'
|
|
]);
|
|
stop_execution();
|
|
}
|
|
} |