Trying to improve auth

This commit is contained in:
Matteo Gheza 2023-09-04 01:09:53 +02:00
parent 5e1182184b
commit 800e2436ee
6 changed files with 38 additions and 10 deletions


@ -39,7 +39,6 @@ class AuthController extends Controller
public function login(Request $request) public function login(Request $request)
{ {
//TODO: https://stackoverflow.com/a/73980629
if (!Auth::attempt($request->only('username', 'password'))) { if (!Auth::attempt($request->only('username', 'password'))) {
return response()->json([ return response()->json([
'message' => 'Invalid login details' 'message' => 'Invalid login details'
@ -60,9 +59,14 @@ class AuthController extends Controller
public function logout(Request $request) public function logout(Request $request)
{ {
//TODO: https://stackoverflow.com/a/73980629
Logger::log("Logout"); Logger::log("Logout");
auth('web')->logout(); if(
method_exists(auth()->user(), 'currentAccessToken') &&
method_exists(auth()->user()->currentAccessToken(), 'delete')
) {
auth()->user()->currentAccessToken()->delete();
}
auth()->guard('api')->logout();
return; return;
} }
@ -81,6 +85,18 @@ class AuthController extends Controller
public function impersonate(Request $request, $user) public function impersonate(Request $request, $user)
{ {
if(!$request->user()) {
return response()->json([
'message' => 'Unauthorized'
], 401);
}
$authUser = User::find($request->user()->id);
if(!$authUser->canImpersonate()) {
return response()->json([
'message' => 'Unauthorized'
], 401);
}
$impersonatedUser = User::find($user); $impersonatedUser = User::find($user);
$request->user()->impersonate($impersonatedUser); $request->user()->impersonate($impersonatedUser);
$token = $impersonatedUser->createToken('auth_token')->plainTextToken; $token = $impersonatedUser->createToken('auth_token')->plainTextToken;
@ -93,6 +109,12 @@ class AuthController extends Controller
public function stopImpersonating(Request $request) public function stopImpersonating(Request $request)
{ {
if(!$request->user()) {
return response()->json([
'message' => 'Unauthorized'
], 401);
}
$request->user()->leaveImpersonation(); $request->user()->leaveImpersonation();
return; return;
} }
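Review bot: In impersonate, both `User::find($request->user()->id)` and `User::find($user)` can return null, and the new code calls `$authUser->canImpersonate()` — and, further down, `->impersonate(...)` / `->createToken(...)` — on those results without a check, so an unknown id surfaces as a 500 instead of a 404. Using `$impersonatedUser = User::findOrFail($user);` gives the 404 for free, and `$authUser` can simply be `$request->user()`, which is already the authenticated model. A failed `canImpersonate()` is an authorization failure for an already-authenticated caller, so `403` with a 'Forbidden' message fits better than the second `401`. In logout, `method_exists(auth()->user(), ...)` passes null to `method_exists` when no user is authenticated (PHP 8 will deprecate or, under strict_types, throw a TypeError for that), so guard it with `$user = auth()->user(); if ($user !== null && ...)` unless the route is guaranteed to sit behind auth middleware. impersonate's body continues past the end of the hunk.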


@ -39,9 +39,11 @@ class Kernel extends HttpKernel
], ],
'api' => [ 'api' => [
\App\Http\Middleware\EncryptCookies::class,
\Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class, \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class,
\Illuminate\Routing\Middleware\ThrottleRequests::class.':api', \Illuminate\Routing\Middleware\ThrottleRequests::class.':api',
\Illuminate\Routing\Middleware\SubstituteBindings::class, \Illuminate\Routing\Middleware\SubstituteBindings::class,
\Illuminate\Session\Middleware\StartSession::class,
], ],
]; ];
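Review bot: Adding `StartSession` and `EncryptCookies` to the `api` group makes every API request session-backed, yet no CSRF middleware is in this group, so cookie-authenticated state-changing API calls become reachable from a cross-site page; Sanctum's `EnsureFrontendRequestsAreStateful`, already in the group, applies the web group's cookie, session and CSRF middleware only for requests from the configured stateful domains, which is the intended way to get session auth on API routes. If a session is genuinely needed on all API requests, add the same `VerifyCsrfToken` middleware the `web` group uses next to it. Presumably `StartSession` should also run before `ThrottleRequests` rather than last, since the throttle key uses the authenticated user and a session guard cannot resolve one before the session has started. The same CSRF concern applies to the Laratrust panel `'middleware' => ['api']` change in the next file, which routes browser-facing panel pages through this group.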


@ -14,7 +14,7 @@ return [
*/ */
'defaults' => [ 'defaults' => [
'guard' => 'web', 'guard' => 'api',
'passwords' => 'users', 'passwords' => 'users',
], ],
@ -40,6 +40,11 @@ return [
'driver' => 'session', 'driver' => 'session',
'provider' => 'users', 'provider' => 'users',
], ],
'api' => [
'driver' => 'session',
'provider' => 'users',
'hash' => true,
]
], ],
/* /*
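Review bot: `'hash' => true` on the new `api` guard has no effect with `'driver' => 'session'`: that key is read by the token guard (hashed API token column), not by the session guard, so it is misleading here and should be dropped or commented. Since `api` is now a second session guard over the same `users` provider and each session guard keeps its user under a guard-specific session key, `auth()->guard('api')->logout()` in the controller will not clear a user who was logged in through the `web` guard (and vice versa); if both guards stay, logout should address both, or login and logout should be pinned to one guard. The closing `]` of the new entry also lacks the trailing comma the surrounding entries use: `],`.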


@ -299,7 +299,7 @@ return [
| These middleware will get attached onto each Laratrust panel route. | These middleware will get attached onto each Laratrust panel route.
| |
*/ */
'middleware' => ['web'], 'middleware' => ['api'],
/* /*
|-------------------------------------------------------------------------- |--------------------------------------------------------------------------


@ -33,7 +33,7 @@ return [
| |
*/ */
'guard' => ['web'], 'guard' => ['api'],
/* /*
|-------------------------------------------------------------------------- |--------------------------------------------------------------------------


@ -25,15 +25,14 @@ use Illuminate\Support\Facades\Artisan;
*/ */
Route::post('/login', [AuthController::class, 'login']); Route::post('/login', [AuthController::class, 'login']);
Route::post('/impersonate/{user}', [AuthController::class, 'impersonate']);
Route::post('/stop_impersonating', [AuthController::class, 'stopImpersonating']);
Route::middleware('auth:web')->group( function () { Route::middleware('auth:sanctum')->group( function () {
//Route::post('/register', [AuthController::class, 'register']); //TODO: replace with admin only route //Route::post('/register', [AuthController::class, 'register']); //TODO: replace with admin only route
Route::get('/me', [AuthController::class, 'me']); Route::get('/me', [AuthController::class, 'me']);
Route::post('/me', [AuthController::class, 'me']); Route::post('/me', [AuthController::class, 'me']);
Route::post('/impersonate/{user}', [AuthController::class, 'impersonate']);
Route::post('/stop_impersonating', [AuthController::class, 'stopImpersonating']);
Route::get('/list', [UserController::class, 'index']); Route::get('/list', [UserController::class, 'index']);
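Review bot: The `{user}` parameter on the moved `/impersonate/{user}` route is passed straight to `User::find` in the controller with no constraint; adding `->whereNumber('user')` to that route (available in recent Laravel releases), or switching to implicit binding with `User $user` in the controller signature since `SubstituteBindings` is in the api group, rejects malformed ids at routing time with a 404 instead of reaching the controller. The logout route is not visible in this hunk; if it sits outside the `auth:sanctum` group, the controller's logout can run with no authenticated user. The group's closing brace is outside the hunk.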