very basic initial push of API
This commit is contained in:
parent
c080025bab
commit
98b3355158
13 changed files with 555 additions and 118 deletions
|
@ -1,6 +1,7 @@
|
|||
APP_ENV=local
|
||||
APP_DEBUG=true
|
||||
APP_KEY=SomeRandomString
|
||||
JWT_SECRET=ChangeMe
|
||||
|
||||
DB_HOST=localhost
|
||||
DB_PORT=3306
|
||||
|
@ -22,3 +23,7 @@ MAIL_PORT=2525
|
|||
MAIL_USERNAME=null
|
||||
MAIL_PASSWORD=null
|
||||
MAIL_ENCRYPTION=null
|
||||
|
||||
API_PREFIX=api
|
||||
API_VERSION=v1
|
||||
API_DEBUG=false
|
||||
|
|
|
@ -55,7 +55,7 @@ class Handler extends ExceptionHandler
|
|||
$e = new NotFoundHttpException($e->getMessage(), $e);
|
||||
}
|
||||
|
||||
if ($request->isXmlHttpRequest() || $request->ajax() || $request->is('api/*') || $request->is('remote/*')) {
|
||||
if ($request->isXmlHttpRequest() || $request->ajax() || $request->is('remote/*')) {
|
||||
|
||||
$exception = 'An exception occured while attempting to perform this action, please try again.';
|
||||
|
||||
|
|
64
app/Http/Controllers/API/AuthController.php
Normal file
64
app/Http/Controllers/API/AuthController.php
Normal file
|
@ -0,0 +1,64 @@
|
|||
<?php
|
||||
|
||||
namespace Pterodactyl\Http\Controllers\API;
|
||||
|
||||
use JWTAuth;
|
||||
use Tymon\JWTAuth\Exceptions\JWTException;
|
||||
|
||||
use Illuminate\Http\Request;
|
||||
use \Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
|
||||
use \Symfony\Component\HttpKernel\Exception\ServiceUnavailableHttpException;
|
||||
|
||||
use Pterodactyl\Transformers\UserTransformer;
|
||||
use Pterodactyl\Models;
|
||||
|
||||
/**
|
||||
* @Resource("Auth", uri="/auth")
|
||||
*/
|
||||
class AuthController extends BaseController
|
||||
{
|
||||
|
||||
/**
|
||||
* Authenticate
|
||||
*
|
||||
* Authenticate with the API to recieved a JSON Web Token
|
||||
*
|
||||
* @Post("/login")
|
||||
* @Versions({"v1"})
|
||||
* @Request({"email": "e@mail.com", "password": "soopersecret"})
|
||||
* @Response(200, body={"token": "<jwt-token>"})
|
||||
*/
|
||||
public function postLogin(Request $request) {
|
||||
$credentials = $request->only('email', 'password');
|
||||
|
||||
try {
|
||||
$token = JWTAuth::attempt($credentials, [
|
||||
'permissions' => [
|
||||
'view_users' => true,
|
||||
'edit_users' => true,
|
||||
'delete_users' => false,
|
||||
]
|
||||
]);
|
||||
if (!$token) {
|
||||
throw new UnauthorizedHttpException('');
|
||||
}
|
||||
} catch (JWTException $ex) {
|
||||
throw new ServiceUnavailableHttpException('');
|
||||
}
|
||||
|
||||
return compact('token');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if Authenticated
|
||||
*
|
||||
* @Post("/validate")
|
||||
* @Versions({"v1"})
|
||||
* @Request(headers={"Authorization": "Bearer <jwt-token>"})
|
||||
* @Response(204);
|
||||
*/
|
||||
public function postValidate(Request $request) {
|
||||
return $this->response->noContent();
|
||||
}
|
||||
|
||||
}
|
11
app/Http/Controllers/API/BaseController.php
Normal file
11
app/Http/Controllers/API/BaseController.php
Normal file
|
@ -0,0 +1,11 @@
|
|||
<?php
|
||||
|
||||
namespace Pterodactyl\Http\Controllers\API;
|
||||
|
||||
use Dingo\Api\Routing\Helpers;
|
||||
use Illuminate\Routing\Controller;
|
||||
|
||||
class BaseController extends Controller
|
||||
{
|
||||
use Helpers;
|
||||
}
|
|
@ -2,82 +2,32 @@
|
|||
|
||||
namespace Pterodactyl\Http\Controllers\API;
|
||||
|
||||
use Gate;
|
||||
use Log;
|
||||
use Debugbar;
|
||||
use Pterodactyl\Models\API;
|
||||
use Pterodactyl\Models\User;
|
||||
|
||||
use Pterodactyl\Http\Controllers\Controller;
|
||||
use Illuminate\Http\Request;
|
||||
|
||||
class UserController extends Controller
|
||||
use Pterodactyl\Transformers\UserTransformer;
|
||||
use Pterodactyl\Models;
|
||||
|
||||
/**
|
||||
* @Resource("Users", uri="/users")
|
||||
*/
|
||||
class UserController extends BaseController
|
||||
{
|
||||
|
||||
/**
|
||||
* Constructor
|
||||
*/
|
||||
public function __construct()
|
||||
{
|
||||
//
|
||||
}
|
||||
|
||||
public function getAllUsers(Request $request)
|
||||
{
|
||||
|
||||
// Policies don't work if the user isn't logged in for whatever reason in Laravel...
|
||||
if(!API::checkPermission($request->header('X-Authorization'), 'get-users')) {
|
||||
return API::noPermissionError();
|
||||
}
|
||||
|
||||
return response()->json([
|
||||
'users' => User::all()
|
||||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns JSON response about a user given their ID.
|
||||
* If fields are provided only those fields are returned.
|
||||
* List All Users
|
||||
*
|
||||
* Does not return protected fields (i.e. password & totp_secret)
|
||||
* Lists all users currently on the system.
|
||||
*
|
||||
* @param Request $request
|
||||
* @param int $id
|
||||
* @param string $fields
|
||||
* @return Response
|
||||
* @Get("/{?page}")
|
||||
* @Versions({"v1"})
|
||||
* @Parameters({
|
||||
* @Parameter("page", type="integer", description="The page of results to view.", default=1)
|
||||
* })
|
||||
* @Response(200)
|
||||
*/
|
||||
public function getUser(Request $request, $id, $fields = null)
|
||||
{
|
||||
|
||||
// Policies don't work if the user isn't logged in for whatever reason in Laravel...
|
||||
if(!API::checkPermission($request->header('X-Authorization'), 'get-users')) {
|
||||
return API::noPermissionError();
|
||||
}
|
||||
|
||||
if (is_null($fields)) {
|
||||
return response()->json(User::find($id));
|
||||
}
|
||||
|
||||
$query = User::where('id', $id);
|
||||
$explode = explode(',', $fields);
|
||||
|
||||
foreach($explode as &$exploded) {
|
||||
if(!empty($exploded)) {
|
||||
$query->addSelect($exploded);
|
||||
}
|
||||
}
|
||||
|
||||
try {
|
||||
return response()->json($query->get());
|
||||
} catch (\Exception $e) {
|
||||
if ($e instanceof \Illuminate\Database\QueryException) {
|
||||
return response()->json([
|
||||
'error' => 'One of the fields provided in your argument list is invalid.'
|
||||
], 500);
|
||||
}
|
||||
throw $e;
|
||||
}
|
||||
|
||||
public function getUsers(Request $request) {
|
||||
$users = Models\User::paginate(15);
|
||||
return $this->response->paginator($users, new UserTransformer);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -17,7 +17,6 @@ class Kernel extends HttpKernel
|
|||
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
|
||||
\Illuminate\Session\Middleware\StartSession::class,
|
||||
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
|
||||
\Pterodactyl\Http\Middleware\VerifyCsrfToken::class,
|
||||
];
|
||||
|
||||
/**
|
||||
|
@ -30,7 +29,7 @@ class Kernel extends HttpKernel
|
|||
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
|
||||
'guest' => \Pterodactyl\Http\Middleware\RedirectIfAuthenticated::class,
|
||||
'server' => \Pterodactyl\Http\Middleware\CheckServer::class,
|
||||
'api' => \Pterodactyl\Http\Middleware\APIAuthenticate::class,
|
||||
'admin' => \Pterodactyl\Http\Middleware\AdminAuthenticate::class,
|
||||
'csrf' => \Pterodactyl\Http\Middleware\VerifyCsrfToken::class,
|
||||
];
|
||||
}
|
||||
|
|
|
@ -1,46 +0,0 @@
|
|||
<?php
|
||||
|
||||
namespace Pterodactyl\Http\Middleware;
|
||||
|
||||
use Closure;
|
||||
use Debugbar;
|
||||
|
||||
use Pterodactyl\Models\API;
|
||||
|
||||
class APIAuthenticate
|
||||
{
|
||||
/**
|
||||
* Handle an incoming request.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @param \Closure $next
|
||||
* @return mixed
|
||||
*/
|
||||
public function handle($request, Closure $next)
|
||||
{
|
||||
|
||||
if(!$request->header('X-Authorization')) {
|
||||
return response()->json([
|
||||
'error' => 'Authorization header was missing with this request. Please pass the \'X-Authorization\' header with your request.'
|
||||
], 403);
|
||||
}
|
||||
|
||||
$api = API::where('key', $request->header('X-Authorization'))->first();
|
||||
if (!$api) {
|
||||
return response()->json([
|
||||
'error' => 'Invalid API key was provided in the request.'
|
||||
], 403);
|
||||
}
|
||||
|
||||
if (!is_null($api->allowed_ips)) {
|
||||
if (!in_array($request->ip(), json_decode($api->allowed_ips, true))) {
|
||||
return response()->json([
|
||||
'error' => 'This IP (' . $request->ip() . ') is not permitted to access the API with that token.'
|
||||
], 403);
|
||||
}
|
||||
}
|
||||
|
||||
return $next($request);
|
||||
|
||||
}
|
||||
}
|
47
app/Http/Routes/APIRoutes.php
Normal file
47
app/Http/Routes/APIRoutes.php
Normal file
|
@ -0,0 +1,47 @@
|
|||
<?php
|
||||
|
||||
namespace Pterodactyl\Http\Routes;
|
||||
|
||||
use Pterodactyl\Models;
|
||||
use Illuminate\Routing\Router;
|
||||
|
||||
class APIRoutes
|
||||
{
|
||||
|
||||
public function map(Router $router) {
|
||||
|
||||
app('Dingo\Api\Auth\Auth')->extend('jwt', function ($app) {
|
||||
return new \Dingo\Api\Auth\Provider\JWT($app['Tymon\JWTAuth\JWTAuth']);
|
||||
});
|
||||
|
||||
$api = app('Dingo\Api\Routing\Router');
|
||||
|
||||
$api->version('v1', function ($api) {
|
||||
$api->post('auth/login', [
|
||||
'as' => 'api.auth.login',
|
||||
'uses' => 'Pterodactyl\Http\Controllers\API\AuthController@postLogin'
|
||||
]);
|
||||
|
||||
$api->post('auth/validate', [
|
||||
'middleware' => 'api.auth',
|
||||
'as' => 'api.auth.validate',
|
||||
'uses' => 'Pterodactyl\Http\Controllers\API\AuthController@postValidate'
|
||||
]);
|
||||
});
|
||||
|
||||
$api->version('v1', ['middleware' => 'api.auth'], function ($api) {
|
||||
|
||||
$api->get('users', [
|
||||
'as' => 'api.auth.validate',
|
||||
'uses' => 'Pterodactyl\Http\Controllers\API\UserController@getUsers'
|
||||
]);
|
||||
|
||||
$api->get('users/{id}', function($id) {
|
||||
return Models\User::findOrFail($id);
|
||||
});
|
||||
|
||||
|
||||
});
|
||||
}
|
||||
|
||||
}
|
21
app/Transformers/UserTransformer.php
Normal file
21
app/Transformers/UserTransformer.php
Normal file
|
@ -0,0 +1,21 @@
|
|||
<?php
|
||||
|
||||
namespace Pterodactyl\Transformers;
|
||||
|
||||
use Pterodactyl\Models\User;
|
||||
use League\Fractal\TransformerAbstract;
|
||||
|
||||
class UserTransformer extends TransformerAbstract
|
||||
{
|
||||
|
||||
/**
|
||||
* Turn this item object into a generic array
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
public function transform(User $user)
|
||||
{
|
||||
return $user;
|
||||
}
|
||||
|
||||
}
|
|
@ -8,12 +8,14 @@
|
|||
"php": ">=5.5.9",
|
||||
"laravel/framework": "5.2.*",
|
||||
"barryvdh/laravel-debugbar": "^2.0",
|
||||
"dingo/api": "1.0.*@dev",
|
||||
"doctrine/dbal": "^2.5",
|
||||
"guzzlehttp/guzzle": "^6.1",
|
||||
"pragmarx/google2fa": "^0.7.1",
|
||||
"webpatser/laravel-uuid": "^2.0",
|
||||
"prologue/alerts": "^0.4.0",
|
||||
"s1lentium/iptools": "^1.0"
|
||||
"s1lentium/iptools": "^1.0",
|
||||
"tymon/jwt-auth": "^0.5.6"
|
||||
},
|
||||
"require-dev": {
|
||||
"fzaninotto/faker": "~1.4",
|
||||
|
|
209
config/api.php
Normal file
209
config/api.php
Normal file
|
@ -0,0 +1,209 @@
|
|||
<?php
|
||||
|
||||
return [
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Standards Tree
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Versioning an API with Dingo revolves around content negotiation and
|
||||
| custom MIME types. A custom type will belong to one of three
|
||||
| standards trees, the Vendor tree (vnd), the Personal tree
|
||||
| (prs), and the Unregistered tree (x).
|
||||
|
|
||||
| By default the Unregistered tree (x) is used, however, should you wish
|
||||
| to you can register your type with the IANA. For more details:
|
||||
| https://tools.ietf.org/html/rfc6838
|
||||
|
|
||||
*/
|
||||
|
||||
'standardsTree' => env('API_STANDARDS_TREE', 'x'),
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| API Subtype
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Your subtype will follow the standards tree you use when used in the
|
||||
| "Accept" header to negotiate the content type and version.
|
||||
|
|
||||
| For example: Accept: application/x.SUBTYPE.v1+json
|
||||
|
|
||||
*/
|
||||
|
||||
'subtype' => env('API_SUBTYPE', 'pterodactyl'),
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Default API Version
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| This is the default version when strict mode is disabled and your API
|
||||
| is accessed via a web browser. It's also used as the default version
|
||||
| when generating your APIs documentation.
|
||||
|
|
||||
*/
|
||||
|
||||
'version' => env('API_VERSION', 'v1'),
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Default API Prefix
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| A default prefix to use for your API routes so you don't have to
|
||||
| specify it for each group.
|
||||
|
|
||||
*/
|
||||
|
||||
'prefix' => env('API_PREFIX', null),
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Default API Domain
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| A default domain to use for your API routes so you don't have to
|
||||
| specify it for each group.
|
||||
|
|
||||
*/
|
||||
|
||||
'domain' => env('API_DOMAIN', null),
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Name
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| When documenting your API using the API Blueprint syntax you can
|
||||
| configure a default name to avoid having to manually specify
|
||||
| one when using the command.
|
||||
|
|
||||
*/
|
||||
|
||||
'name' => env('API_NAME', 'Pterodactyl Panel API'),
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Conditional Requests
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Globally enable conditional requests so that an ETag header is added to
|
||||
| any successful response. Subsequent requests will perform a check and
|
||||
| will return a 304 Not Modified. This can also be enabled or disabled
|
||||
| on certain groups or routes.
|
||||
|
|
||||
*/
|
||||
|
||||
'conditionalRequest' => env('API_CONDITIONAL_REQUEST', true),
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Strict Mode
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Enabling strict mode will require clients to send a valid Accept header
|
||||
| with every request. This also voids the default API version, meaning
|
||||
| your API will not be browsable via a web browser.
|
||||
|
|
||||
*/
|
||||
|
||||
'strict' => env('API_STRICT', false),
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Debug Mode
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Enabling debug mode will result in error responses caused by thrown
|
||||
| exceptions to have a "debug" key that will be populated with
|
||||
| more detailed information on the exception.
|
||||
|
|
||||
*/
|
||||
|
||||
'debug' => env('API_DEBUG', false),
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Generic Error Format
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| When some HTTP exceptions are not caught and dealt with the API will
|
||||
| generate a generic error response in the format provided. Any
|
||||
| keys that aren't replaced with corresponding values will be
|
||||
| removed from the final response.
|
||||
|
|
||||
*/
|
||||
|
||||
'errorFormat' => [
|
||||
'message' => ':message',
|
||||
'errors' => ':errors',
|
||||
'code' => ':code',
|
||||
'status_code' => ':status_code',
|
||||
'debug' => ':debug',
|
||||
],
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Authentication Providers
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| The authentication providers that should be used when attempting to
|
||||
| authenticate an incoming API request.
|
||||
|
|
||||
*/
|
||||
|
||||
'auth' => [
|
||||
'jwt' => 'Dingo\Api\Auth\Provider\JWT'
|
||||
],
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Throttling / Rate Limiting
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Consumers of your API can be limited to the amount of requests they can
|
||||
| make. You can create your own throttles or simply change the default
|
||||
| throttles.
|
||||
|
|
||||
*/
|
||||
|
||||
'throttling' => [
|
||||
|
||||
],
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Response Transformer
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Responses can be transformed so that they are easier to format. By
|
||||
| default a Fractal transformer will be used to transform any
|
||||
| responses prior to formatting. You can easily replace
|
||||
| this with your own transformer.
|
||||
|
|
||||
*/
|
||||
|
||||
'transformer' => env('API_TRANSFORMER', Dingo\Api\Transformer\Adapter\Fractal::class),
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Response Formats
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Responses can be returned in multiple formats by registering different
|
||||
| response formatters. You can also customize an existing response
|
||||
| formatter.
|
||||
|
|
||||
*/
|
||||
|
||||
'defaultFormat' => env('API_DEFAULT_FORMAT', 'json'),
|
||||
|
||||
'formats' => [
|
||||
|
||||
'json' => Dingo\Api\Http\Response\Format\Json::class,
|
||||
|
||||
],
|
||||
|
||||
];
|
|
@ -112,6 +112,9 @@ return [
|
|||
|
||||
'providers' => [
|
||||
|
||||
Dingo\Api\Provider\LaravelServiceProvider::class,
|
||||
Tymon\JWTAuth\Providers\JWTAuthServiceProvider::class,
|
||||
|
||||
/*
|
||||
* Laravel Framework Service Providers...
|
||||
*/
|
||||
|
@ -179,6 +182,8 @@ return [
|
|||
'Crypt' => Illuminate\Support\Facades\Crypt::class,
|
||||
'DB' => Illuminate\Support\Facades\DB::class,
|
||||
'Debugbar' => Barryvdh\Debugbar\Facade::class,
|
||||
'DingoAPI' => Dingo\Api\Facade\API::class,
|
||||
'DingoRoute' => Dingo\Api\Facade\Route::class,
|
||||
'Eloquent' => Illuminate\Database\Eloquent\Model::class,
|
||||
'Event' => Illuminate\Support\Facades\Event::class,
|
||||
'File' => Illuminate\Support\Facades\File::class,
|
||||
|
@ -187,6 +192,8 @@ return [
|
|||
'Hash' => Illuminate\Support\Facades\Hash::class,
|
||||
'Input' => Illuminate\Support\Facades\Input::class,
|
||||
'Inspiring' => Illuminate\Foundation\Inspiring::class,
|
||||
'JWTAuth' => Tymon\JWTAuth\Facades\JWTAuth::class,
|
||||
'JWTFactory' => Tymon\JWTAuth\Facades\JWTFactory::class,
|
||||
'Lang' => Illuminate\Support\Facades\Lang::class,
|
||||
'Log' => Illuminate\Support\Facades\Log::class,
|
||||
'Mail' => Illuminate\Support\Facades\Mail::class,
|
||||
|
|
168
config/jwt.php
Normal file
168
config/jwt.php
Normal file
|
@ -0,0 +1,168 @@
|
|||
<?php
|
||||
|
||||
return [
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| JWT Authentication Secret
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Don't forget to set this, as it will be used to sign your tokens.
|
||||
| A helper command is provided for this: `php artisan jwt:generate`
|
||||
|
|
||||
*/
|
||||
|
||||
'secret' => env('JWT_SECRET', 'changeme'),
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| JWT time to live
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Specify the length of time (in minutes) that the token will be valid for.
|
||||
| Defaults to 1 hour
|
||||
|
|
||||
*/
|
||||
|
||||
'ttl' => 60,
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Refresh time to live
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Specify the length of time (in minutes) that the token can be refreshed
|
||||
| within. I.E. The user can refresh their token within a 2 week window of
|
||||
| the original token being created until they must re-authenticate.
|
||||
| Defaults to 2 weeks
|
||||
|
|
||||
*/
|
||||
|
||||
'refresh_ttl' => 20160,
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| JWT hashing algorithm
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Specify the hashing algorithm that will be used to sign the token.
|
||||
|
|
||||
| See here: https://github.com/namshi/jose/tree/2.2.0/src/Namshi/JOSE/Signer
|
||||
| for possible values
|
||||
|
|
||||
*/
|
||||
|
||||
'algo' => 'HS256',
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| User Model namespace
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Specify the full namespace to your User model.
|
||||
| e.g. 'Acme\Entities\User'
|
||||
|
|
||||
*/
|
||||
|
||||
'user' => 'Pterodactyl\Models\User',
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| User identifier
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Specify a unique property of the user that will be added as the 'sub'
|
||||
| claim of the token payload.
|
||||
|
|
||||
*/
|
||||
|
||||
'identifier' => 'id',
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Required Claims
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Specify the required claims that must exist in any token.
|
||||
| A TokenInvalidException will be thrown if any of these claims are not
|
||||
| present in the payload.
|
||||
|
|
||||
*/
|
||||
|
||||
'required_claims' => ['iss', 'iat', 'exp', 'nbf', 'sub', 'jti'],
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Blacklist Enabled
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| In order to invalidate tokens, you must have the the blacklist enabled.
|
||||
| If you do not want or need this functionality, then set this to false.
|
||||
|
|
||||
*/
|
||||
|
||||
'blacklist_enabled' => env('JWT_BLACKLIST_ENABLED', true),
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Providers
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Specify the various providers used throughout the package.
|
||||
|
|
||||
*/
|
||||
|
||||
'providers' => [
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| User Provider
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Specify the provider that is used to find the user based
|
||||
| on the subject claim
|
||||
|
|
||||
*/
|
||||
|
||||
'user' => 'Tymon\JWTAuth\Providers\User\EloquentUserAdapter',
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| JWT Provider
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Specify the provider that is used to create and decode the tokens.
|
||||
|
|
||||
*/
|
||||
|
||||
'jwt' => 'Tymon\JWTAuth\Providers\JWT\NamshiAdapter',
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Authentication Provider
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Specify the provider that is used to authenticate users.
|
||||
|
|
||||
*/
|
||||
|
||||
'auth' => function ($app) {
|
||||
return new Tymon\JWTAuth\Providers\Auth\IlluminateAuthAdapter($app['auth']);
|
||||
},
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Storage Provider
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Specify the provider that is used to store tokens in the blacklist
|
||||
|
|
||||
*/
|
||||
|
||||
'storage' => function ($app) {
|
||||
return new Tymon\JWTAuth\Providers\Storage\IlluminateCacheAdapter($app['cache']);
|
||||
}
|
||||
|
||||
]
|
||||
|
||||
];
|
Loading…
Reference in a new issue