ElyBy-Mirror/accounts
1
0
Fork 0
mirror of https://github.com/elyby/accounts.git synced 2025-05-31 14:11:46 +05:30
Code Issues Packages Projects Releases Wiki Activity

Replace emarref/jwt with lcobucci/jwt

Browse Source 
Refactor all JWT-related components
Replace RS256 with ES256 as a preferred JWT algorithm
This commit is contained in:
ErickSkrauch
2019-08-01 12:17:12 +03:00
parent 4c2a9cc172
commit 45c2ed601d
47 changed files with 805 additions and 621 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
api/models/authentication/LoginForm.php
View File

@@ -4,7 +4,7 @@ declare(strict_types=1);
namespace api\models\authentication;
use api\aop\annotations\CollectModelMetrics;
use api\components\User\AuthenticationResult;
use api\components\Tokens\TokensFactory;
use api\models\base\ApiForm;
use api\traits\AccountFinder;
use api\validators\TotpValidator;
@@ -30,12 +30,12 @@ class LoginForm extends ApiForm {
['login', 'required', 'message' => E::LOGIN_REQUIRED],
['login', 'validateLogin'],
['password', 'required', 'when' => function(self $model) {
['password', 'required', 'when' => function(self $model): bool {
return !$model->hasErrors();
}, 'message' => E::PASSWORD_REQUIRED],
['password', 'validatePassword'],
['totp', 'required', 'when' => function(self $model) {
['totp', 'required', 'when' => function(self $model): bool {
return !$model->hasErrors() && $model->getAccount()->is_otp_enabled;
}, 'message' => E::TOTP_REQUIRED],
['totp', 'validateTotp'],
@@ -97,11 +97,10 @@ class LoginForm extends ApiForm {
/**
* @CollectModelMetrics(prefix="authentication.login")
* @return AuthenticationResult|bool
*/
public function login() {
public function login(): ?AuthenticationResult {
if (!$this->validate()) {
return false;
return null;
}
$transaction = Yii::$app->db->beginTransaction();
@@ -113,21 +112,22 @@ class LoginForm extends ApiForm {
Assert::true($account->save(), 'Unable to upgrade user\'s password');
}
$session = null;
$refreshToken = null;
if ($this->rememberMe) {
$session = new AccountSession();
$session->account_id = $account->id;
$session->setIp(Yii::$app->request->userIP);
$session->generateRefreshToken();
Assert::true($session->save(), 'Cannot save account session model');
$refreshToken = $session->refresh_token;
}
$token = Yii::$app->user->createJwtAuthenticationToken($account, $session);
$jwt = Yii::$app->user->serializeToken($token);
$token = TokensFactory::createForAccount($account, $session);
$transaction->commit();
return new AuthenticationResult($account, $jwt, $session);
return new AuthenticationResult($token, $refreshToken);
}
}