
begin auth filter

tags/0.1.0
Robin Thoni 9 years ago
parent
commit
6f31895c1b

+ 1
- 0
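--- a/composer.json
+++ b/composer.json
@@ -16,6 +16,7 @@
     }],
     "require": {
       "laravel/lumen-framework": "5.1.x-dev",
+      "firebase/php-jwt": "~2.0",
       "luticate/utils": "*"
     },
     "require-dev": {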

+ 5
- 0
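--- a/src/Auth/Business/LuticatePermissionsBusiness.php
+++ b/src/Auth/Business/LuticatePermissionsBusiness.php
@@ -11,4 +11,9 @@ class LuticatePermissionsBusiness extends LuBusiness {
     {
         $this->dataAccess = new LuticatePermissionsDataAccess();
     }
+
+    public static function getUserPermission($user_id, $permission_name)
+    {
+        return LuticatePermissionsDataAccess::getUserPermission($user_id, $permission_name);
+    }
 }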
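Review bot: `getUserPermission` passes through whatever `LuticatePermissionsDataAccess::getUserPermission` returns and documents no return type, yet `authFilter` in LuticateUsersBusiness.php decides authorization by negating that value with `!`. `SpLuGetUserPermission::execute` is not shown on this page; if it returns an object or a non-empty row rather than a bool, the value is always truthy in PHP and the permission check would never reject. Add a docblock stating `@return bool` (true when the user holds the named permission) here and on the identical wrapper in LuticatePermissionsDataAccess.php, and once the stored procedure's return shape is confirmed, normalise it to a strict bool at this layer.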

+ 48
- 0
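--- a/src/Auth/Business/LuticateUsersBusiness.php
+++ b/src/Auth/Business/LuticateUsersBusiness.php
@@ -2,13 +2,61 @@
 
 namespace Luticate\Auth\Business;
 
+use Illuminate\Http\Request;
 use Luticate\Utils\LuBusiness;
 use Luticate\Auth\DataAccess\LuticateUsersDataAccess;
 use Luticate\Auth\DBO\LuticateUsersDbo;
+use Luticate\Utils\LuRoute;
 
 class LuticateUsersBusiness extends LuBusiness {
+    /**
+     * @var LuticateUsersDbo
+     */
+    private static $_currentUser;
+
+    const TOKEN_HEADER = "X-Authentication";
+
     public function __construct()
     {
         $this->dataAccess = new LuticateUsersDataAccess();
     }
+
+    public static function getCurrentUser()
+    {
+        return self::$_currentUser;
+    }
+
+    /**
+     * @param $permissions string[]
+     * @param $request Request
+     * @return bool
+     */
+    public static function authFilter($permissions, $request)
+    {
+        $token = $request->header(self::TOKEN_HEADER);
+        if ($token == null)
+        {
+            return false;
+        }
+        $data = JwtHelper::decode($token);
+        if ($data == null)
+        {
+            return false;
+        }
+        $user_id = $data[JwtHelper::USER_KEY];
+
+        foreach ($permissions as $permission) {
+            if (!LuticatePermissionsBusiness::getUserPermission($user_id, $permission)) {
+                return false;
+            }
+        }
+
+        $user = LuticateUsersBusiness::getById($user_id);
+        if ($user == null)
+        {
+            return false;
+        }
+        self::$_currentUser = $user;
+        return true;
+    }
 }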
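Review bot: In `authFilter`, `$data[JwtHelper::USER_KEY]` is read without checking that the claim is present, so a token that decodes but lacks it raises an undefined-index notice and hands a null `$user_id` to `getUserPermission()`, leaving rejection to the downstream lookups; guard it with `if (!isset($data[JwtHelper::USER_KEY])) { return false; }`. The static `$_currentUser` is written only on success, so a failed call leaves whatever an earlier call stored; making `self::$_currentUser = null;` the first statement keeps `getCurrentUser()` consistent with the latest filter result. `JwtHelper` is not shown on this page, so it cannot be confirmed from here that its `decode()` verifies the signature against a fixed key and an explicit algorithm list and returns null rather than throwing on a bad token. The docblock should also say what `true` and `false` mean to the caller, and the added `use Luticate\Utils\LuRoute;` is not referenced in the visible code.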

+ 6
- 0
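--- a/src/Auth/DataAccess/LuticatePermissionsDataAccess.php
+++ b/src/Auth/DataAccess/LuticatePermissionsDataAccess.php
@@ -2,6 +2,7 @@
 
 namespace Luticate\Auth\DataAccess;
 
+use Luticate\Auth\DataAccess\SP\SpLuGetUserPermission;
 use Luticate\Utils\LuDataAccess;
 use Luticate\Auth\DataAccess\Models\LuticatePermissions;
 use Luticate\Auth\DBO\LuticatePermissionsDbo;
@@ -12,4 +13,9 @@ class LuticatePermissionsDataAccess extends LuDataAccess {
         parent::__construct();
         $this->model = new LuticatePermissions();
     }
+
+    public static function getUserPermission($user_id, $permission_name)
+    {
+        return SpLuGetUserPermission::execute($user_id, $permission_name);
+    }
 }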
