Trying to improve auth

This commit is contained in:
Matteo Gheza 2023-09-04 01:09:53 +02:00
parent 5e1182184b
commit 800e2436ee
6 changed files with 38 additions and 10 deletions


@ -39,7 +39,6 @@ class AuthController extends Controller
public function login(Request $request)
{
//TODO: https://stackoverflow.com/a/73980629
if (!Auth::attempt($request->only('username', 'password'))) {
return response()->json([
'message' => 'Invalid login details'
@ -60,9 +59,14 @@ class AuthController extends Controller
public function logout(Request $request)
{
//TODO: https://stackoverflow.com/a/73980629
Logger::log("Logout");
auth('web')->logout();
if(
method_exists(auth()->user(), 'currentAccessToken') &&
method_exists(auth()->user()->currentAccessToken(), 'delete')
) {
auth()->user()->currentAccessToken()->delete();
}
auth()->guard('api')->logout();
return;
}
@ -81,6 +85,18 @@ class AuthController extends Controller
public function impersonate(Request $request, $user)
{
if(!$request->user()) {
return response()->json([
'message' => 'Unauthorized'
], 401);
}
$authUser = User::find($request->user()->id);
if(!$authUser->canImpersonate()) {
return response()->json([
'message' => 'Unauthorized'
], 401);
}
$impersonatedUser = User::find($user);
$request->user()->impersonate($impersonatedUser);
$token = $impersonatedUser->createToken('auth_token')->plainTextToken;
@ -93,6 +109,12 @@ class AuthController extends Controller
public function stopImpersonating(Request $request)
{
if(!$request->user()) {
return response()->json([
'message' => 'Unauthorized'
], 401);
}
$request->user()->leaveImpersonation();
return;
}
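Review bot: The token minted at the end of the impersonate hunk (`createToken('auth_token')`) is a personal access token for the impersonated user with Sanctum's default abilities, and the new stopImpersonating only calls `leaveImpersonation()`; unless that token is revoked elsewhere, it stays usable after impersonation ends, so stopImpersonating should also revoke it, guarded the same way the logout hunk does with `method_exists(..., 'delete')`, or the token should be created with restricted abilities and an expiry. In the same impersonate hunk, `User::find($user)` can return null, and the following `impersonate()`/`createToken()` calls would then throw; `$impersonatedUser = User::findOrFail($user);` turns that into a 404. If `impersonate`/`leaveImpersonation` come from the lab404 impersonate trait, the target should also be checked with `canBeImpersonated()` before the call. The logout hunk never invalidates or regenerates the session (`$request->session()->invalidate(); $request->session()->regenerateToken();`), which matters now that the `api` guard is session-backed per the config/auth.php change in this commit. The bodies of impersonate and stopImpersonating continue outside their hunks.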


@ -39,9 +39,11 @@ class Kernel extends HttpKernel
],
'api' => [
\App\Http\Middleware\EncryptCookies::class,
\Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class,
\Illuminate\Routing\Middleware\ThrottleRequests::class.':api',
\Illuminate\Routing\Middleware\SubstituteBindings::class,
\Illuminate\Session\Middleware\StartSession::class,
],
];
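Review bot: `StartSession` is appended to the `api` group unconditionally and after `ThrottleRequests`/`SubstituteBindings`, whereas `EnsureFrontendRequestsAreStateful` already injects the session stack (including `VerifyCsrfToken`) only for requests from the configured stateful domains; with the default guard now session-backed (config/auth.php in this commit), requests from other origins get a session and cookie-based authentication but no CSRF check. If every API client is meant to be cookie-authenticated, `VerifyCsrfToken` should be added alongside `StartSession`; otherwise the explicit `StartSession` should be dropped and the stateful-domains mechanism relied on. Either way, `StartSession` should run before the middleware that resolve `$request->user()`, as it does in the default `web` group, so that, if the `api` limiter keys on the user as in Laravel's default RouteServiceProvider, it does not silently fall back to the client IP. The other groups of this array are outside the hunk.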


@ -14,7 +14,7 @@ return [
*/
'defaults' => [
'guard' => 'web',
'guard' => 'api',
'passwords' => 'users',
],
@ -40,6 +40,11 @@ return [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'session',
'provider' => 'users',
'hash' => true,
]
],
/*
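Review bot: `'hash' => true` on the new `api` guard has no effect with `'driver' => 'session'`; that key is only read by the legacy token driver, so it should be dropped or replaced by a comment explaining why it is there. The new guard is a second session guard over the same `users` provider, so `Auth::attempt` (which now uses `api` as the default) records a login state separate from `web`, and any code that still reads `auth('web')` will not see it; the logout hunk in AuthController calling both guards is consistent with that, but other callers should be checked. The closing `]` of the new block also lacks the trailing comma the neighbouring entries use.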


@ -299,7 +299,7 @@ return [
| These middleware will get attached onto each Laratrust panel route.
|
*/
'middleware' => ['web'],
'middleware' => ['api'],
/*
|--------------------------------------------------------------------------


@ -33,7 +33,7 @@ return [
|
*/
'guard' => ['web'],
'guard' => ['api'],
/*
|--------------------------------------------------------------------------


@ -25,15 +25,14 @@ use Illuminate\Support\Facades\Artisan;
*/
Route::post('/login', [AuthController::class, 'login']);
Route::post('/impersonate/{user}', [AuthController::class, 'impersonate']);
Route::post('/stop_impersonating', [AuthController::class, 'stopImpersonating']);
Route::middleware('auth:web')->group( function () {
Route::middleware('auth:sanctum')->group( function () {
//Route::post('/register', [AuthController::class, 'register']); //TODO: replace with admin only route
Route::get('/me', [AuthController::class, 'me']);
Route::post('/me', [AuthController::class, 'me']);
Route::post('/impersonate/{user}', [AuthController::class, 'impersonate']);
Route::post('/stop_impersonating', [AuthController::class, 'stopImpersonating']);
Route::get('/list', [UserController::class, 'index']);