<?php
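/**
* This file handles two requests: a POST carrying a username and password,
* which sends back a token response if the login is successful, and a GET
* carrying a token, which verifies it and sends back the user ID it contains.
*/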
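$requestMethod = $_SERVER['REQUEST_METHOD'];

// The body is always JSON. Without an explicit type PHP serves it as text/html,
// so a browser could interpret echoed strings as markup.
header('Content-Type: application/json');

// HS256 signing key shared by the issuing (POST) and verifying (GET) branches.
// NOTE(review): the value is a literal committed with the source, so anyone who
// can read this file can mint valid tokens. Outside a demo, load it from
// configuration kept out of the repository and the web root, and rotate it.
$serverKey = '5f2b5cdbe5194f10b3241568fe4e2b24';

// Every branch fills $returnArray; it is encoded and sent once after the switch.
$returnArray = array();

// Dispatch on the request type.
switch ($requestMethod) {
    case 'POST':
        // Request parameters are caller-controlled and can arrive as arrays
        // (username[]=x). Anything that is not a string is treated as empty.
        $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
        $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

        // Demo credential check standing in for a user-store lookup (a real one
        // would verify a password_hash() digest with password_verify()).
        // hash_equals() compares in constant time and without type juggling;
        // both checks run before they are combined.
        $usernameMatches = hash_equals('john.doe', $username);
        $passwordMatches = hash_equals('foobar', $password);

        if ($usernameMatches && $passwordMatches) {
            require_once('jwt.php');

            /**
             * Create some payload data with user data we would normally retrieve from a
             * database with users credentials. Then when the client sends back the token,
             * this payload data is available for us to use to retrieve other data
             * if necessary.
             */
            $userId = 'USER123456';

            /**
             * Uncomment the following line and add an appropriate date to enable the
             * "not before" feature.
             */
            // $nbf = strtotime('2021-01-01 00:00:01');

            /**
             * Uncomment the following line and add an appropriate date and time to enable the
             * "expire" feature.
             * NOTE(review): while this stays commented out the token carries no "exp"
             * claim, so it remains valid until the signing key is changed.
             */
            // $exp = strtotime('2021-01-01 00:00:01');

            // Build the claim set; nbf/exp are added only when enabled above.
            $payloadArray = array();
            $payloadArray['userId'] = $userId;
            if (isset($nbf)) {
                $payloadArray['nbf'] = $nbf;
            }
            if (isset($exp)) {
                $payloadArray['exp'] = $exp;
            }

            $returnArray = array('token' => JWT::encode($payloadArray, $serverKey));
        } else {
            // One message for both failure causes, so the response does not
            // reveal whether the username exists.
            $returnArray = array('error' => 'Invalid user ID or password.');
        }
        break;

    case 'GET':
        // NOTE(review): a token passed in the query string ends up in access
        // logs, browser history and Referer headers; an Authorization header
        // avoids that but would change this endpoint's interface.
        // A non-string value (token[]=x) is handled like a missing token so it
        // never reaches the decoder.
        $token = (isset($_GET['token']) && is_string($_GET['token'])) ? $_GET['token'] : null;

        if ($token !== null) {
            require_once('jwt.php');

            try {
                // The third argument is presumably the list of accepted
                // algorithms (confirm against jwt.php); only HS256 is listed.
                $payload = JWT::decode($token, $serverKey, array('HS256'));

                // isset() keeps a token without a userId claim from raising a
                // warning into the JSON body; the value is null in that case.
                $returnArray = array('userId' => isset($payload->userId) ? $payload->userId : null);
                if (isset($payload->exp)) {
                    $returnArray['exp'] = date(DateTime::ISO8601, $payload->exp);
                }
            } catch (Exception $e) {
                // NOTE(review): the decoder's message is returned to the caller
                // verbatim; confirm it never contains more than a failure reason.
                $returnArray = array('error' => $e->getMessage());
            }
        } else {
            $returnArray = array('error' => 'You are not logged in with a valid token.');
        }
        break;

    default:
        $returnArray = array('error' => 'You have requested an invalid method.');
}

// return to caller
echo json_encode($returnArray, JSON_PRETTY_PRINT);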