flusherdock1 / jwtauth Goto Github PK

Could you please add it to packgist.org so I can use it via composer require?

Hi guys

thank you very much for this plugin.
This is something I've worked on too (based on the older OCMS plugin that is based on a pre v1.0 version of tymon/jwt-auth),
and I was very happy when I saw your great implementation.

One thing I want for an OCMS JWT Auth plugin is the possibility to also use it for backend user accounts,
to be able to use the OCMS permissions and roles system and to access non-personal data for background services or frontend app access.

It would be great if you could check out what I have done so far in my fork at https://github.com/marcogrueter/JWTAuth/tree/feature-backend-auth

The implementation is rather simple. The differentiation between the user resolvers is simply handled by looking at the request route, see https://github.com/marcogrueter/JWTAuth/blob/feature-backend-auth/Plugin.php#L53.
Everything else is basically copied and adapted from your work.

Any feedback or comment is welcome, and of course I am willing to work on it if you think this would be something good for the plugin.

I'm currently using it together with another plugin (https://github.com/octobroid/oc-api-plugin/) to create REST API endpoints in Plugins.
This way I can create backend users that have certain roles and permissions set in the OctoberCMS settings and can check for those permissions in my API endpoints, for example:

        // check permissions
        $user = app('JWTGuard')->user();

        if(!$user->hasPermission('medworld.eventmanager.api.list_events')) {
            abort('403', 'Permission denied');
        }

And since the roles and corresponding permissions are sent with the user object after the authentication,
it would also be possible for the client-side to work with them. Example excerpt after loggin in:

Thank you and kind regards
Marco

When I try to install the plugin, I get the following error:

Update Failed
A syntax error was detected in /srv/users/server/apps/neatquiz/public/plugins/vdomah/jwtauth/updates/version.yaml. The string "!!! Generate JWT Authentication Secret using php artisan jwt:generate and assign generated value to JWT_SECRET in .env" could not be parsed as it uses an unsupported built-in tag at line 20 (near "!!! Generate JWT Authentication Secret using php artisan jwt:generate and assign generated value to JWT_SECRET in .env") at line 43 (near "/srv/users/server/apps/neatquiz/public/vendor/october/rain/src/Parse/Yaml.php")

It seems the issue is the !!! in the version.yaml file.

1.0.0:
- Initialize plugin.
1.0.1:
- Custom service provider and config file added.
1.0.2:
- Compability with OctoberCMS builds > 419 (Laravel 5.5)
1.0.3:
- README.md updated
1.0.4:
- Ability to define own set of user attributes in response.
1.0.5:
- /refresh and /invalidate endpoints back.
1.0.6:
- Update README about creating route in another plugin.
1.0.7:
- Compability with OctoberCMS builds > 454 (Authenticatable trait removed)
1.0.8:
- JWT Authentication Secret default value removed from config file. README updated about how to generate the secret.
1.0.9:
- !!! Generate JWT Authentication Secret using php artisan jwt:generate and assign generated value to JWT_SECRET in .env
1.0.10:
- Backend settings to set secret key, signup/login configurable request params.
1.0.11:
- !!! auth.php copying to root/config/ is not required any more. .env options support added to override auth.php and config.php
1.0.12:

• Possibility to disable each endpoint in backend settings
  ~

Removing !!! fixes the problem. Please update the version.yaml file.