feat: projeto ranking com JWT configurado
@@ -54,6 +54,7 @@ class Kernel extends HttpKernel
|
||||
*/
|
||||
protected $middlewareAliases = [
|
||||
'auth' => \App\Http\Middleware\Authenticate::class,
|
||||
'jwt.auth' => \App\Http\Middleware\JwtAuthMiddleware::class,
|
||||
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
|
||||
'auth.session' => \Illuminate\Session\Middleware\AuthenticateSession::class,
|
||||
'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
|
||||
|
||||
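--- /dev/null
+++ b/app/Http/Middleware/JwtAuthMiddleware.php
@@ -0,0 +1,50 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+use Firebase\JWT\JWT;
+use Firebase\JWT\Key;
+
+class JwtAuthMiddleware
+{
+public function handle(Request $request, Closure $next)
+{
+try {
+$authHeader = $request->header('Authorization');
+
+if (!$authHeader) {
+return response()->json(['message' => 'Missing Authorization header'], 401);
+}
+
+if (!preg_match('/Bearer\s(\S+)/', $authHeader, $matches)) {
+return response()->json(['message' => 'Invalid token format'], 401);
+}
+
+$token = $matches[1];
+
+$publicKey = str_replace('\\n', "\n", env('JWT_PUBLIC_KEY_PEM'));
+
+$decoded = JWT::decode($token, new Key($publicKey, 'RS256'));
+
+if (
+$decoded->iss !== env('JWT_ISSUER') ||
+$decoded->aud !== env('JWT_AUDIENCE') ||
+empty($decoded->sub)
+) {
+return response()->json(['message' => 'Invalid token'], 401);
+}
+
+$request->attributes->set('auth', [
+'id' => $decoded->sub,
+'token' => $token
+]);
+
+return $next($request);
+
+} catch (\Exception $e) {
+return response()->json(['message' => 'Invalid or expired token'], 401);
+}
+}
+}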
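Review bot: The claim check after `JWT::decode` never requires `exp`, and firebase/php-jwt enforces `exp`/`nbf` only when the claim is present, so a validly signed token issued without an expiry would be accepted indefinitely; adding `|| empty($decoded->exp)` to the rejection condition closes that. The pattern `/Bearer\s(\S+)/` is unanchored and will match a token embedded anywhere in the header value; `$request->bearerToken()` or `/^Bearer\s+(\S+)$/` is stricter. `env()` is read on every request for the key, issuer and audience, and it returns null for `.env`-only values once the configuration is cached, which would turn every request into a 401; reading them through `config()` from a config file avoids that. `return $next($request)` sits inside the same `try`, so the `catch (\Exception $e)` scope is wider than token verification, and `$e` is discarded without a log entry, which leaves repeated verification failures invisible to monitoring; narrowing the `try` to the decode and claim checks and logging the exception class (never the token) would help.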
@@ -3,23 +3,30 @@
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Support\Facades\Route;
|
||||
use App\Http\Controllers\GameController;
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| API Routes
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Here is where you can register API routes for your application. These
|
||||
| routes are loaded by the RouteServiceProvider and all of them will
|
||||
| be assigned to the "api" middleware group. Make something great!
|
||||
|
|
||||
*/
|
||||
Route::prefix('v1')->group(function () {
|
||||
|
||||
Route::prefix('v1')->middleware(['jwt.auth'])->group(function () {
|
||||
|
||||
// Rankings
|
||||
Route::get('/rankings/weekly', [GameController::class, 'weeklyRanking']);
|
||||
Route::get('/rankings/monthly', [GameController::class, 'monthlyRanking']);
|
||||
Route::get('/rankings/yearly', [GameController::class, 'yearlyRanking']);
|
||||
Route::get('/rankings/history/{id}', [GameController::class, 'history']);
|
||||
Route::get('/games/most-played', [GameController::class, 'mostPlayed']);
|
||||
|
||||
Route::get('/rankings/platforms/{platform}', [GameController::class, 'platformRanking']);
|
||||
|
||||
// Jogos
|
||||
Route::get('/games/most-played', [GameController::class, 'mostPlayed']);
|
||||
|
||||
});
|
||||
|
||||
// 🔓 Rota de teste (opcional)
|
||||
Route::middleware(['jwt.auth'])->get('/test-auth', function (Request $request) {
|
||||
return response()->json([
|
||||
'userId' => $request->attributes->get('auth')['id']
|
||||
]);
|
||||
});
|
||||
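Review bot: The `/test-auth` closure at the end of this section, commented as an optional test route, is registered unconditionally and so ships to every environment; if it is only a debugging aid, wrap it in `if (app()->environment('local')) { … }` or drop it before release. It also sits outside the `v1` prefix group, unlike the other routes. The `{id}` and `{platform}` parameters on `/rankings/history/{id}` and `/rankings/platforms/{platform}` reach `GameController` unconstrained; the controller is not visible here, so if it does not validate them, constraints such as `->whereNumber('id')` would reject malformed values at the router. `/games/most-played` appears twice in this section, which may only be the old and new side of a moved line, but is worth confirming.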