- WIP on v2.x authentication

2026-02-25 20:10:09 +00:00 · 2026-02-25 20:10:09 +00:00 · 0eaaf79ad8
commit 0eaaf79ad8
parent 0271aec31b
6 changed files with 47 additions and 27 deletions
--- a/src/Authorize/Bearer/JsonWebTokenDecoder.php
+++ b/src/Authorize/Bearer/JsonWebTokenDecoder.php
@ -70,12 +70,12 @@ class JsonWebTokenDecoder
    public function isJWT() : bool
    {
        try {
-            return $this->parse();
+            return count(explode('.', $this->encoded)) === 3;
        }
-        catch(\Throwable $t) {}
-
+        catch(\Throwable $t) {
            return false;
        }
+    }

    public function getPayload() : array
    {
--- a/src/Authorize/Header/BearerMethod.php
+++ b/src/Authorize/Header/BearerMethod.php
@ -6,6 +6,7 @@ use Psr\Http\Message\ServerRequestInterface;
 use Ulmus\User\Authorize\Bearer\JsonWebTokenDecoder;
 use Ulmus\User\Entity\UserInterface;
 use Ulmus\User\Lib\Authenticate;
+use Ulmus\User\Lib\AuthenticationMethodEnum;

 class BearerMethod implements MethodInterface
 {
@ -23,10 +24,15 @@ class BearerMethod implements MethodInterface

        switch($this->autodetectTokenType()) {
            case BearerTokenTypeEnum::JsonWebToken:
+                $this->jwt->decode();
+
                $payload = $this->jwt->getPayload();

                if ( $payload['sub'] ?? false) {
-                    $request = $request->withAttribute('authentication_middleware:user_id', $payload['sub']);
+                    $request = $request
+                        ->withAttribute('authentication_middleware:method', AuthenticationMethodEnum::ForceLogin)
+                        ->withAttribute('authentication_middleware:jwt', $payload)
+                        ->withAttribute('authentication_middleware:user_id', $payload['sub']);
                }
                else {
                    throw new \InvalidArgumentException("Given JsonWebToken is missing a 'sub' key (which concords to user id)");
@ -37,6 +43,8 @@ class BearerMethod implements MethodInterface
            case BearerTokenTypeEnum::UniqueKey:
                # @TODO
                break;
+
+            default:
        }

        return $request;
--- a/src/Entity/User.php
+++ b/src/Entity/User.php
@ -48,12 +48,12 @@ abstract class User implements UserInterface {
    #[Field]
    public string $password;

-    #[Field\UpdatedAt(name: "updated_at", readonly: true)]
-    public ? Datetime $updatedAt;
-
    #[Field\CreatedAt(name: "created_at", readonly: true)]
    public Datetime $createdAt;

+    #[Field\UpdatedAt(name: "updated_at", readonly: true)]
+    public ? Datetime $updatedAt;
+
    public bool $logged = false;

    public function __toString() : string
--- a/src/Exception/InvalidUserException.php
+++ b/src/Exception/InvalidUserException.php
@ -0,0 +1,5 @@
+<?php
+
+namespace Ulmus\User\Exception;
+
+class InvalidUserException extends \Exception {}
--- a/src/Middleware/AuthenticationMiddleware.php
+++ b/src/Middleware/AuthenticationMiddleware.php
@ -10,6 +10,7 @@ use Psr\Http\{
 };
 use Ulmus\User\Entity\UserInterface;
 use Ulmus\User\Authorize\PostRequestAuthentication;
+use Ulmus\User\Exception\InvalidUserException;
 use Ulmus\User\Lib\Authenticate;
 use Ulmus\User\Lib\AuthenticationMethodEnum;

@ -23,11 +24,23 @@ class AuthenticationMiddleware implements MiddlewareInterface
    public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
    {
        try {
+            $this->launchAuthentication($request);
+        }
+        catch(InvalidUserException $e) {
+            return call_user_func($this->loginFailedResponse, [ 'api.error_message' => $e->getMessage() ]);
+        }
+
+        return $handler->handle($request);
+    }
+
+    protected function launchAuthentication(ServerRequestInterface $request) : void
+    {
        if (null !== $id = $request->getAttribute('authentication_middleware:user_id')) {
+
            $this->authenticator->loadUser($id);

            if ( ! $this->authenticator->user->isLoaded() ) {
-                    throw new \Exception("Given user id do not match with an existing/active user");
+                throw new InvalidUserException("Given user id do not match with an existing/active user");
            }
        }

@ -41,10 +54,4 @@ class AuthenticationMiddleware implements MiddlewareInterface
                break;
        }
    }
-        catch(\Exception $e) {
-            return call_user_func($this->loginFailedResponse, [ 'api.error_message' => $e->getMessage() ]);
-        }
-
-        return $handler->handle($request);
-    }
 }