Add filters to authentication flow to allow external authentication #129

Open
wants to merge 1 commit into
base: develop
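--- a/src/Auth.php
+++ b/src/Auth.php
@@ -38,7 +38,7 @@ public static function get_secret_key() {
 * @throws \Exception
 * @since 0.0.1
 */
-public static function login_and_get_token( $username, $password ) {
+public static function login_and_get_token( $username, $password, $fullInput ) {
 
 /**
 * First thing, check the secret key if not exist return a error
@@ -50,7 +50,7 @@ public static function login_and_get_token( $username, $password ) {
 /**
 * Authenticate the user and get the Authenticated user object in response
 */
-$user = self::authenticate_user( $username, $password );
+$user = self::authenticate_user( $username, $password, $fullInput );
 
 /**
 * Set the current user to the authenticated user
@@ -351,18 +351,38 @@ public static function is_refresh_token() {
 *
 * @return null|\WP_Error|\WP_User
 */
-protected static function authenticate_user( $username, $password ) {
+protected static function authenticate_user( $username, $password, $fullInput ) {
 
-/**
-* Try to authenticate the user with the passed credentials
-*/
-$user = wp_authenticate( sanitize_user( $username ), trim( $password ) );
+/**
+* Filter boolean if we should use WordPress authentication
+*
+* @param boolean true
+* @param object $fullInput
+*/
+if(apply_filters( 'graphql_jwt_auth_use_wp_authentication', true, $fullInput )){
+
+/**
+* Try to authenticate the user with the passed credentials
+*/
+$user = wp_authenticate( sanitize_user( $username ), trim( $password ) );
+} else {
+
+/**
+* Filter login input data to authenticate user using some other method.
+*
+* @param string username
+* @param string password
+* @param object $fullInput
+*/
+$defaultDenial = new \WP_Error(__('Those credentials were not authenticated by any third party provider'));
+$user = apply_filters( 'graphql_jwt_auth_authenticate_user', $defaultDenial, sanitize_user( $username ), trim( $password ), $fullInput );
+}
 
 /**
 * If the authentication fails return a error
 */
 if ( is_wp_error( $user ) ) {
-$error_code = ! empty( $user->get_error_code() ) ? $user->get_error_code() : 'invalid login';
+$error_code = (! empty( $user->get_error_code() ) ? $user->get_error_code() : 'invalid login')." | ".$user->get_error_message();
 throw new UserError( esc_html( $error_code ) );
 }
 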
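Review bot: In the new `else` branch of `authenticate_user`, the value returned by the `graphql_jwt_auth_authenticate_user` filter is only tested with `is_wp_error()`, so a callback that returns `true`, `null` or a bare user ID instead of a `WP_User` is not rejected here; the function body continues past the end of the hunk, so whether a later check catches it cannot be confirmed from this page. Failing closed directly after the filter call would make the contract explicit: `if ( ! $user instanceof \WP_User && ! is_wp_error( $user ) ) { $user = $defaultDenial; }`. The default denial also passes its sentence as the first `WP_Error` argument, which is the error code, so `get_error_message()` on it returns an empty string; the usual form is `new \WP_Error( 'ERROR_CODE_PLACEHOLDER', __( '…', 'TEXT_DOMAIN_PLACEHOLDER' ) )`. Appending `get_error_message()` to the thrown `UserError` sends whatever text a third-party callback puts in its `WP_Error` to the unauthenticated client, so it may be safer to return only the error code and log the message server-side. The added `$fullInput` parameter is required on the public `login_and_get_token`; a default of `null` would keep existing two-argument callers working.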
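--- a/src/Login.php
+++ b/src/Login.php
@@ -49,7 +49,7 @@ public static function register_mutation() {
 ],
 'mutateAndGetPayload' => function( $input, AppContext $context, ResolveInfo $info ) {
 // Login the user in and get an authToken and user in response.
-return Auth::login_and_get_token( sanitize_user( $input['username'] ), trim( $input['password'] ) );
+return Auth::login_and_get_token( sanitize_user( $input['username'] ), trim( $input['password'] ),$input );
 },
 ]
 );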
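Review bot: The third argument forwards the raw `$input` array, so every callback on the two new filters receives the unsanitized username and the plaintext password alongside the cleaned values, and nothing in the closure says so. A comment such as `// $input is raw client data (includes the plaintext password); filter callbacks must validate it and must not log it.` above the call would document that. The call is also missing the space after the comma: `trim( $input['password'] ), $input );`.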