e0b2e00a by Jeff Balicki

auth

1 parent 40f1a5df
......@@ -159,15 +159,6 @@ class ApiController extends Controller
}
public function getApi($json)
{
$file = Storage::disk('public')->get('interface.js');
return $file;
return (new Response($file, 200))
->header('Content-Type', 'text/html');
}
public function getPdf($json)
<?php namespace App\Http\Controllers;
use JWTAuth;
use Tymon\JWTAuth\Exceptions\JWTException;
use Illuminate\Http\Request;
use App\User;
class AuthenticateController extends Controller
{
public function authenticate(Request $request)
{
// grab credentials from the request
//return User::create(['email' => 'jeffmbalicki@gmail.com', 'password' => bcrypt('518862')]);
$credentials = $request->only('email', 'password');
try {
// attempt to verify the credentials and create a token for the user
if (! $token = JWTAuth::attempt($credentials)) {
return response()->json(['error' => 'invalid_credentials'], 401);
}
} catch (JWTException $e) {
// something went wrong whilst attempting to encode the token
return response()->json(['error' => 'could_not_create_token'], 500);
}
// all good so return the token
return response()->json(compact('token'));
}
public function getAuthenticatedUser()
{
try {
if (! $user = JWTAuth::parseToken()->authenticate()) {
return response()->json(['user_not_found'], 404);
}
} catch (Tymon\JWTAuth\Exceptions\TokenExpiredException $e) {
return response()->json(['token_expired'], $e->getStatusCode());
} catch (Tymon\JWTAuth\Exceptions\TokenInvalidException $e) {
return response()->json(['token_invalid'], $e->getStatusCode());
} catch (Tymon\JWTAuth\Exceptions\JWTException $e) {
return response()->json(['token_absent'], $e->getStatusCode());
}
// the token is valid and we have found the user via the sub claim
return response()->json(compact('user'));
}
}
\ No newline at end of file
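Review bot: The three `catch` clauses in getAuthenticatedUser (L47, L49, L51) name `Tymon\JWTAuth\Exceptions\...` without a leading backslash inside `namespace App\Http\Controllers`, so PHP resolves them to `App\Http\Controllers\Tymon\...`, which does not exist; none of the handlers ever matches and an expired or malformed token surfaces as an uncaught exception instead of the intended 4xx response. Prefix each with `\`, or add `use Tymon\JWTAuth\Exceptions\TokenExpiredException;` and `use Tymon\JWTAuth\Exceptions\TokenInvalidException;` next to the existing `use` line and catch the short names. The commented-out line at L27 embeds a real-looking e-mail address and a plaintext password in source control; delete it rather than leaving it as a comment, and treat that password as exposed since history retains it. Separately, `$request->only('email', 'password')` is handed straight to `JWTAuth::attempt` with no validation, so consider `$this->validate($request, ['email' => 'required|email', 'password' => 'required']);` before the attempt.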
......@@ -69,40 +69,7 @@ class FileEntryController extends Controller {
}
public function postUpload(){
$files = Input::file('files');
$json = array(
'files' => array()
);
foreach( $files as $file ):
$filename = $file->getClientOriginalName().".".$file->getClientOriginalExtension();
$json['files'][] = array(
'name' => $filename,
'size' => $file->getSize(),
'type' => $file->getMimeType(),
'url' => '/uploads/files/'.$filename,
'deleteType' => 'DELETE',
'deleteUrl' => self::$route.'/deleteFile/'.$filename,
);
$upload = $file->move( public_path().'/files', $filename );
endforeach;
return Response::json($json);
}
......@@ -113,7 +80,7 @@ class FileEntryController extends Controller {
$file = Storage::disk('public')->get('js/interface.js');
return (new Response($file, 200))
->header('Content-Type', 'text/html');
->header('Content-Type', 'application/x-javascript');
}
}
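Review bot: The new header value `application/x-javascript` (L84) is a legacy, non-standard media type; the registered type for JavaScript is `text/javascript` (RFC 9239), so use `->header('Content-Type', 'text/javascript; charset=utf-8');`. getApi's signature and its `$json` parameter lie outside the hunk, but the parameter is unused in the visible body and the file name is fixed, so the route parameter could be dropped or documented as intentionally ignored.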
......@@ -28,7 +28,8 @@ class Kernel extends HttpKernel
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\App\Http\Middleware\VerifyCsrfToken::class,
// \App\Http\Middleware\VerifyCsrfToken::class,
],
'api' => [
......@@ -50,5 +51,7 @@ class Kernel extends HttpKernel
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'cors' => \App\Http\Middleware\Cors::class,
'jwt.auth' => \Tymon\JWTAuth\Middleware\GetUserFromToken::class,
'jwt.refresh' => \Tymon\JWTAuth\Middleware\RefreshToken::class
];
}
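Review bot: Commenting out `\App\Http\Middleware\VerifyCsrfToken::class` in the `web` group (L93) removes CSRF verification from every session-backed route, not only from the API endpoints this commit wires up; which of L92/L93 survives is not certain from the rendered page, but the `$except` change in VerifyCsrfToken already whitelists `api/update` and `api/authenticate`, so the group-wide removal looks unnecessary and should be reverted. If the intent is stateless token auth, place the JWT routes in the `api` group rather than weakening `web`. The `jwt.auth` and `jwt.refresh` aliases added at L100–L101 are not attached to any route in the routes hunk of this commit, so the registration has no effect until a route or group declares `'middleware' => 'jwt.auth'`.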
......@@ -11,7 +11,7 @@ class VerifyCsrfToken extends BaseVerifier
*
* @var array
*/
protected $except = [ 'api/update'
protected $except = [ 'api/update', 'api/authenticate'
//
];
}
......@@ -29,10 +29,14 @@ Route::group(array('prefix' => 'api/v1'), function($json)
Route::resource('get-list', 'ApiController@getList');
Route::resource('get-pdf', 'ApiController@getpdf');
Route::resource('api', 'FileEntryController@getApi');
});
Route::any('api/update', 'ApiController@update');
Route::post('api/authenticate', 'AuthenticateController@authenticate');
Route::get('api/authenticate/user', 'AuthenticateController@getAuthenticatedUser');
Route::any('fileentry/postUpload', 'FileEntryController@postUpload');
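Review bot: `api/authenticate/user` (L122) is registered without the `jwt.auth` middleware this commit adds to the Kernel, so token checking rests entirely on the controller's own `parseToken()` call; `Route::get('api/authenticate/user', ['middleware' => 'jwt.auth', 'uses' => 'AuthenticateController@getAuthenticatedUser']);` would reject unauthenticated requests uniformly. `Route::any('fileentry/postUpload', …)` (L123) exposes an upload handler to GET and every other verb with no authentication declared on the route; if this line is part of the addition, restrict it to `Route::post` and put it behind `jwt.auth` as well. The same commit appears to remove `postUpload` from FileEntryController, so this route may now point at a missing method — confirm before merging.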
<?php
<?
namespace App;
use Illuminate\Auth\Authenticatable; use Illuminate\Database\Eloquent\Model; use Illuminate\Auth\Passwords\CanResetPassword; use Illuminate\Foundation\Auth\Access\Authorizable; use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract; use Illuminate\Contracts\Auth\Access\Authorizable as AuthorizableContract; use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
class User extends Model implements AuthenticatableContract, AuthorizableContract, CanResetPasswordContract { use Authenticatable, Authorizable, CanResetPassword;
/**
* The database table used by the model.
*
* @var string
*/
protected $table = 'users';
use Illuminate\Foundation\Auth\User as Authenticatable;
class User extends Authenticatable
{
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'name', 'email', 'password',
];
/**
* The attributes that should be hidden for arrays.
*
* @var array
*/
protected $hidden = [
'password', 'remember_token',
];
}
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = ['first_name', 'last_name', 'username', 'email', 'password'];
/**
* The attributes excluded from the model's JSON form.
*
* @var array
*/
protected $hidden = ['password'];
}
\ No newline at end of file
......@@ -147,7 +147,7 @@ return [
Illuminate\Translation\TranslationServiceProvider::class,
Illuminate\Validation\ValidationServiceProvider::class,
Illuminate\View\ViewServiceProvider::class,
Tymon\JWTAuth\Providers\JWTAuthServiceProvider::class,
/*
* Application Service Providers...
*/
......@@ -201,6 +201,7 @@ return [
'URL' => Illuminate\Support\Facades\URL::class,
'Validator' => Illuminate\Support\Facades\Validator::class,
'View' => Illuminate\Support\Facades\View::class,
'JWTAuth' => Tymon\JWTAuth\Facades\JWTAuth::class,
],
<?php
/*
* This file is part of jwt-auth.
*
* (c) Sean Tymon <tymon148@gmail.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
return [
/*
|--------------------------------------------------------------------------
| JWT Authentication Secret
|--------------------------------------------------------------------------
|
| Don't forget to set this, as it will be used to sign your tokens.
| A helper command is provided for this: `php artisan jwt:generate`
|
*/
'secret' => env('JWT_SECRET', 'O1RUwmBjmDjsYJDpAgGB5GZLwnhDeGqS'),
/*
|--------------------------------------------------------------------------
| JWT time to live
|--------------------------------------------------------------------------
|
| Specify the length of time (in minutes) that the token will be valid for.
| Defaults to 1 hour
|
*/
'ttl' => 60,
/*
|--------------------------------------------------------------------------
| Refresh time to live
|--------------------------------------------------------------------------
|
| Specify the length of time (in minutes) that the token can be refreshed
| within. I.E. The user can refresh their token within a 2 week window of
| the original token being created until they must re-authenticate.
| Defaults to 2 weeks
|
*/
'refresh_ttl' => 20160,
/*
|--------------------------------------------------------------------------
| JWT hashing algorithm
|--------------------------------------------------------------------------
|
| Specify the hashing algorithm that will be used to sign the token.
|
| See here: https://github.com/namshi/jose/tree/2.2.0/src/Namshi/JOSE/Signer
| for possible values
|
*/
'algo' => 'HS256',
/*
|--------------------------------------------------------------------------
| User Model namespace
|--------------------------------------------------------------------------
|
| Specify the full namespace to your User model.
| e.g. 'Acme\Entities\User'
|
*/
'user' => 'App\User',
/*
|--------------------------------------------------------------------------
| User identifier
|--------------------------------------------------------------------------
|
| Specify a unique property of the user that will be added as the 'sub'
| claim of the token payload.
|
*/
'identifier' => 'userid',
/*
|--------------------------------------------------------------------------
| Required Claims
|--------------------------------------------------------------------------
|
| Specify the required claims that must exist in any token.
| A TokenInvalidException will be thrown if any of these claims are not
| present in the payload.
|
*/
'required_claims' => ['iss', 'iat', 'exp', 'nbf', 'sub', 'jti'],
/*
|--------------------------------------------------------------------------
| Blacklist Enabled
|--------------------------------------------------------------------------
|
| In order to invalidate tokens, you must have the the blacklist enabled.
| If you do not want or need this functionality, then set this to false.
|
*/
'blacklist_enabled' => env('JWT_BLACKLIST_ENABLED', true),
/*
|--------------------------------------------------------------------------
| Providers
|--------------------------------------------------------------------------
|
| Specify the various providers used throughout the package.
|
*/
'providers' => [
/*
|--------------------------------------------------------------------------
| User Provider
|--------------------------------------------------------------------------
|
| Specify the provider that is used to find the user based
| on the subject claim
|
*/
'user' => 'Tymon\JWTAuth\Providers\User\EloquentUserAdapter',
/*
|--------------------------------------------------------------------------
| JWT Provider
|--------------------------------------------------------------------------
|
| Specify the provider that is used to create and decode the tokens.
|
*/
'jwt' => 'Tymon\JWTAuth\Providers\JWT\NamshiAdapter',
/*
|--------------------------------------------------------------------------
| Authentication Provider
|--------------------------------------------------------------------------
|
| Specify the provider that is used to authenticate users.
|
*/
'auth' => 'Tymon\JWTAuth\Providers\Auth\IlluminateAuthAdapter',
/*
|--------------------------------------------------------------------------
| Storage Provider
|--------------------------------------------------------------------------
|
| Specify the provider that is used to store tokens in the blacklist
|
*/
'storage' => 'Tymon\JWTAuth\Providers\Storage\IlluminateCacheAdapter',
],
];
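Review bot: `'secret' => env('JWT_SECRET', '…')` at L205 ships a working signing key as the fallback value; any deployment that forgets to set `JWT_SECRET` signs tokens with a key that lives in the repository, and anyone with read access to this file can mint valid tokens for such a deployment. Drop the default (`'secret' => env('JWT_SECRET'),`), generate the real key into `.env` with `php artisan jwt:generate`, and treat the committed literal as burned since it is now in history. `'identifier' => 'userid'` (L259) is the attribute placed in the `sub` claim, yet the User model rewritten in this commit declares no `$primaryKey` or `userid` attribute as far as the visible hunk shows, so the claim may be filled from a non-existent property — confirm the column name or change this to `'id'`.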
......@@ -15,6 +15,8 @@
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
# Handle Authorization Header
</IfModule>
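Review bot: The two Authorization-forwarding lines (L332–L333) are inserted after `RewriteRule ^ index.php [L]`, and `[L]` ends the rule set for the request that matched it, so the environment variable is set only on the internal re-pass, if at all, depending on the mod_rewrite version; the conventional placement is above the front-controller rules. The `# Handle Authorization Header` comment (L334) also sits below the lines it describes. Suggested block, placed before the `RewriteCond %{REQUEST_FILENAME} !-f` line: `# Handle Authorization Header`, `RewriteCond %{HTTP:Authorization} .`, `RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]`.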
function getAuth(){
jQuery(document).ready(function($) {
var settings = {
"async": true,
"crossDomain": true,
"url": "http://localhost:8888/pdf-customizer/public/api/authenticate",
"method": "POST",
"headers": {
"authorization": "Basic amVmZkBnb3RlbnppbmcuY29tOjUxODg2Mg==",
"cache-control": "no-cache",
"postman-token": "fe3549e8-0ba4-6214-c850-35863ef49a92"
},
"processData": false,
"contentType": false,
"mimeType": "multipart/form-data",
"data": form,
"success": function (data) {
getJson(user_id);
},
error: function (xhr, ajaxOptions, thrownError) { //Add these parameters to display the required response
//alert(xhr.status);
document.getElementById('contentArea').innerHTML =xhr.responseText;
}
}
$.ajax(settings).done(function (response) {
console.log(response);
token = response;
});
});
}
function getJson(user_id){
jQuery(document).ready(function($) {
$.getJSON("http://localhost:8888/pdf-customizer/public/api/v1/get-list/"+user_id, function (data) {
// Get the element with id summary and set the inner text to the result.
var json = JSON.stringify(data);
pickPdfFromList(json);
});
});
}
function getOneJson(id){
jQuery(document).ready(function($) {
$.getJSON("http://localhost:8888/pdf-customizer/public/api/v1/get-pdf/"+id, function (data) {
// Get the element with id summary and set the inner text to the result.
var json = JSON.stringify(data);
changePdfOptions(json);
});
});
}
function pickPdfFromList(json){
json = JSON.parse(json);
var strVar="";
strVar += "<link rel=\"stylesheet\" href=\"http:\/\/dhbhdrzi4tiry.cloudfront.net\/cdn\/sites\/foundation.min.css\">";
strVar += " <link href=\"http:\/\/cdnjs.cloudflare.com\/ajax\/libs\/foundicons\/3.0.0\/foundation-icons.css\" rel=\"stylesheet\" type=\"text\/css\">";
var i;
var pdflist = "";
for (i = 0; i < json.length; ++i) {
pdflist += "<div class=\"column\">";
pdflist += '<a href=\"#\" onclick=\"getOneJson(' +json[i].idPDF+');\"> <img class=\"thumbnail\" src="http://localhost:8888/pdf-customizer/public/fileentry/getImage/' + json[i].folder + '/' + json[i].image + '" height=\"270px\"></a>';
pdflist += " <h5>" + json[i].name + "<\/h5>";
pdflist += "<\/div>";
}
strVar += " <div class=\"callout primary\">";
strVar += " <div class=\"row column\">";
strVar += " <h1>Welcome to Synapsus Online PDF Editor<\/h1>";
strVar += " <p class=\"lead\">Please pick a PDF<\/p>";
strVar += " <\/div>";
strVar += " <\/div>";
strVar += " <div class=\"row small-up-2 medium-up-3 large-up-4\">";
strVar += pdflist;
strVar += " <\/div>";
strVar += " <hr>";
strVar += "";
strVar += " <\/div>";
strVar += " <\/div>";
strVar += " <\/div>";
strVar += " <\/div>";
strVar += "<\/div>";
strVar += "<\/div>";
strVar += "";
strVar += "<script src=\"http:\/\/dhbhdrzi4tiry.cloudfront.net\/cdn\/sites\/foundation.js\"><\/script>";
strVar += "<script>";
strVar += " $(document).foundation();";
strVar += "<\/script>";
strVar += "";
strVar += "";
document.getElementById('contentArea').innerHTML = strVar;
}
function changePdfOptions(json){
json = JSON.parse(json);
var strVar2="";
strVar2 += "<link rel=\"stylesheet\" href=\"http:\/\/dhbhdrzi4tiry.cloudfront.net\/cdn\/sites\/foundation.min.css\">";
strVar2 += "<link href=\"http:\/\/cdnjs.cloudflare.com\/ajax\/libs\/foundicons\/3.0.0\/foundation-icons.css\" rel=\"stylesheet\" type=\"text\/css\">";
var pdflist ="";
pdflist += "<div class=\"column\">";
pdflist += ' <img src=\"http://localhost:8888/pdf-customizer/public/fileentry/getImage/' + json[0].folder + '/' + json[0].image + '\" width=\"300px\">';
pdflist += "<\/div>";
var pdfChange="<br>";
pdfChange += "<form id=\"changes\" name=\"changes\" enctype=\"multipart/form-data\" action=\"#\" METHOD=\"POST\"><h4>" + json[0].name+"</h4>";
pdfChange += " <input type=\"hidden\" id=\"id\" name=\"id\" value=\""+json[0].idPDF+"\">";
for (i = 0; i < json.length; ++i) {
if(json[i].change_type == "text"){
pdfChange += " Text: <input id=\"content\" type=\"text\" name=\"content\" value=\""+json[i].content+"\">";
;
}if(json[i].change_type == "img"){
pdfChange += "Image: <input class=\"fileupload\" id=\"content\" style=\"display: block; box-sizing: border-box; width: 100%; height: 2.4375rem; padding: .5rem; border: 1px solid #cacaca; margin: 0 0 1rem; font-family: inherit; font-size: 1rem; color: #8a8a8a; background-color: #fefefe; box-shadow: inset 0 1px 2px rgba(10,10,10,.1); border-radius: 0; transition: box-shadow .5s,border-color .25s ease-in-out; -webkit-appearance: none; -moz-appearance: none;\" type=\"file\" name=\"content\" >";
}
}
pdfChange += " <input type=\"submit\" onclick=' ' value=\"Submit\">";
pdfChange += "<\/form>";
strVar2 += " <link rel=\"stylesheet\" href=\"http:\/\/dhbhdrzi4tiry.cloudfront.net\/cdn\/sites\/foundation.min.css\">";
strVar2 += " <div class=\"callout primary\">";
strVar2 += " <div class=\"row column\">";
strVar2 += " <h1>Welcome to Synapsus Online PDF Editor<\/h1>";
strVar2 += " <p class=\"lead\">Please make your changes or return <a href=\"#\" onclick=\"getJson("+user_id+");\">back to the list</a><\/p>";
strVar2 += " <\/div>";
strVar2 += " <\/div>";
strVar2 += " <div class=\"row small-up-2 medium-up-3 large-up-3\">";
strVar2 += pdflist+"<div class=\"column\">"+pdfChange+"<\/div>";
strVar2 += " <\/div>";
strVar2 += " <hr>";
strVar2 += "";
strVar2 += " <\/div>";
strVar2 += " <\/div>";
strVar2 += " <\/div>";
strVar2 += " <\/div>";
strVar2 += "<\/div>";
strVar2 += "";
strVar2 += "<script src=\"http:\/\/dhbhdrzi4tiry.cloudfront.net\/cdn\/sites\/foundation.js\"><\/script>";
strVar2 += "<script>";
strVar2 += " $(document).foundation();";
strVar2 += "<\/script>";
strVar2 += "";
document.getElementById('contentArea').innerHTML =strVar2;
$("document").ready(function(){
var files;
// Add events
$(".fileupload").change(function() { files = event.target.files; console.log(files); });
$("#changes").submit(function(e) {
e.preventDefault();
var form = $("#changes");
// var values = {};
//form.each(function() {
// values[this.name] = $(this).val();
//});
console.log(form);
returnfileOptions(files, form);
return false;});
}) ;
}
function returnfileOptions(files,form) {
var data = new FormData();
$.each(files, function(key, value)
{
data.append(key, value);
});
$.ajax({
url: 'http://localhost:8888/Forms/wp-content/plugins/pdf-customizer-plugin/admin/uploadfile.php?files',
type: 'POST',
data: data,
cache: false,
dataType: 'json',
processData: false, // Don't process the files
contentType: false, // Set content type to false as jQuery will tell the server its a query string request
success: function(data, textStatus, jqXHR)
{
if(typeof data.error === 'undefined')
{
returnOptions(form);
}
else
{
// Handle errors here
console.log('ERRORS: ' + data.error);
}
},
error: function(jqXHR, textStatus, errorThrown)
{
// Handle errors here
console.log('ERRORS: ' + textStatus);
// STOP LOADING SPINNER
}
});
}
function returnOptions(form) {
// console.log(form[0][1].value);
jQuery(document).ready(function ($) {
$.getJSON("http://localhost:8888/pdf-customizer/public/api/v1/get-pdf/" + id.value, function (dataReturnd) {
// Get the element with id summary and set the inner text to the result.
var json = dataReturnd;
//console.log(json);
var jsonReturn = '{"pdf":[{"name":"' + json[0].name + '", "folder":"' + json[0].folder + '", "pdfLocation":"' + json[0].file + '"}],"changes":['
var e = 1;
for (i = 0; i < json.length; ++i) {
var style = JSON.stringify(json[i].style);
var content = JSON.stringify(form[0][e].value);
jsonReturn += '{"label":"' + json[i].label + '", "locationUp":"' + json[i].locationUp + '", "locationRight":"' + json[i].locationRight + '","width":"' + json[i].width + '","height":"' + json[i].height + '", "pages":"' + json[i].pages + '", "content":' + content + ', "z-index":null, "idstylesPDF":"' + json[i].idstylesPDF + '", "style":' + style + ', "order":"' + json[i].order + '", "idchange_typePDF":"' + json[i].idchange_typePDF + '", "change_type":"' + json[i].change_type + '", "fileLocation":"http://contact.gotenzing.com/wp-content/plugins/pdf-customizer-plugin/admin/images"}';
if (i < json.length - 1){
jsonReturn += ',';
}
++e
}
jsonReturn += ' ]}';
// console.log(jsonReturn);
$.ajax({
url: "http://localhost:8888/pdf-customizer/public/api/update",
type: "POST",
dataType: 'json',
data: jsonReturn,
processData: false,
contentType: "application/json",
CrossDomain:true,
async: true,
success: function (data) {
document.getElementById('contentArea').innerHTML ='<a href="http://localhost:8888/pdf-customizer/public/fileentry/getPDF/'+json[0].folder+'/new_'+json[0].file+'" download="'+json[0].file+'" >Download Here</a>';
},
error: function (xhr, ajaxOptions, thrownError) { //Add these parameters to display the required response
alert(xhr.status);
document.getElementById('contentArea').innerHTML =xhr.responseText;
}
});
});
});
}
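Review bot: `getAuth` (L345) ships a Basic credential (base64 of a username:password pair) in client-side code delivered to every browser, and the header is not even what the server reads — AuthenticateController takes `email`/`password` from the request body, while `data: form` here refers to a variable that is never defined in this file. Remove the header and the leftover `postman-token`, post the credentials from a login form as `email` and `password`, and keep `response.token` (the body is `{token: …}`, so `token = response` stores the whole object) for use as an `Authorization: Bearer …` header on the later `getJson`/`getOneJson` calls, which currently send no token at all. `pickPdfFromList` and `changePdfOptions` interpolate API fields (`name`, `folder`, `image`, `content`, `idPDF`) into `innerHTML` unescaped, so any stored value containing markup executes in the page; build these nodes with `document.createElement`/`textContent` or escape each value before concatenation. `returnOptions` assembles the update payload by string concatenation (L527–L532); a quote or backslash in any field yields invalid JSON, so build a plain object and call `JSON.stringify` on it.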