auth

@@ -159,15 +159,6 @@ class ApiController extends Controller
 
 
     }
     }
 
 
-    public function getApi($json)
-    {
-        $file = Storage::disk('public')->get('interface.js');
-        return $file;
-
-        return (new Response($file, 200))
-            ->header('Content-Type', 'text/html');
-    }
-
 
 
 
 
     public function getPdf($json)
     public function getPdf($json)

+<?php namespace App\Http\Controllers;
+ 
+use JWTAuth;
+use Tymon\JWTAuth\Exceptions\JWTException;
+use Illuminate\Http\Request;
+use App\User;
+
+
+class AuthenticateController extends Controller
+{
+    public function authenticate(Request $request)
+    {
+        // grab credentials from the request
+		//return User::create(['email' => 'jeffmbalicki@gmail.com', 'password' => bcrypt('518862')]);
+        $credentials = $request->only('email', 'password');
+       
+        try {
+            // attempt to verify the credentials and create a token for the user
+            if (! $token = JWTAuth::attempt($credentials)) {
+                return response()->json(['error' => 'invalid_credentials'], 401);
+            }
+        } catch (JWTException $e) {
+            // something went wrong whilst attempting to encode the token
+            return response()->json(['error' => 'could_not_create_token'], 500);
+        }
+		
+        // all good so return the token
+        return response()->json(compact('token'));
+    }
+	public function getAuthenticatedUser()
+{
+    try {
+
+        if (! $user = JWTAuth::parseToken()->authenticate()) {
+            return response()->json(['user_not_found'], 404);
+        }
+
+    } catch (Tymon\JWTAuth\Exceptions\TokenExpiredException $e) {
+
+        return response()->json(['token_expired'], $e->getStatusCode());
+
+    } catch (Tymon\JWTAuth\Exceptions\TokenInvalidException $e) {
+
+        return response()->json(['token_invalid'], $e->getStatusCode());
+
+    } catch (Tymon\JWTAuth\Exceptions\JWTException $e) {
+
+        return response()->json(['token_absent'], $e->getStatusCode());
+
+    }
+
+    // the token is valid and we have found the user via the sub claim
+    return response()->json(compact('user'));
+}
+}
\ No newline at end of file

@@ -69,40 +69,7 @@ class FileEntryController extends Controller {
 	}
 	}
 
 
 	
 	
-	public function postUpload(){
-
-		$files = Input::file('files');
-
-		$json = array(
-			'files' => array()
-		);
-
-		foreach( $files as $file ):
-
-			$filename = $file->getClientOriginalName().".".$file->getClientOriginalExtension();
-
-			$json['files'][] = array(
-				'name' => $filename,
-				'size' => $file->getSize(),
-				'type' => $file->getMimeType(),
-				'url' => '/uploads/files/'.$filename,
-				'deleteType' => 'DELETE',
-				'deleteUrl' => self::$route.'/deleteFile/'.$filename,
-			);
-
-			$upload = $file->move( public_path().'/files', $filename );
-
-
-		endforeach;
-
-
-
-
-
-		return Response::json($json);
-
-	}
-
+	
 
 
 
 
 
 
@@ -113,7 +80,7 @@ class FileEntryController extends Controller {
 		$file = Storage::disk('public')->get('js/interface.js');
 		$file = Storage::disk('public')->get('js/interface.js');
 
 
 		return (new Response($file, 200))
 		return (new Response($file, 200))
-			->header('Content-Type', 'text/html');
+			->header('Content-Type', 'application/x-javascript');
 	}
 	}
 
 
 }
 }

@@ -28,7 +28,8 @@ class Kernel extends HttpKernel
             \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
             \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
             \Illuminate\Session\Middleware\StartSession::class,
             \Illuminate\Session\Middleware\StartSession::class,
             \Illuminate\View\Middleware\ShareErrorsFromSession::class,
             \Illuminate\View\Middleware\ShareErrorsFromSession::class,
-            \App\Http\Middleware\VerifyCsrfToken::class,
+           // \App\Http\Middleware\VerifyCsrfToken::class,
+			
         ],
         ],
 
 
         'api' => [
         'api' => [
@@ -50,5 +51,7 @@ class Kernel extends HttpKernel
         'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
         'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
         'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
         'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
         'cors' => \App\Http\Middleware\Cors::class,
         'cors' => \App\Http\Middleware\Cors::class,
+		'jwt.auth' => \Tymon\JWTAuth\Middleware\GetUserFromToken::class,
+        'jwt.refresh' => \Tymon\JWTAuth\Middleware\RefreshToken::class
     ];
     ];
 }
 }

@@ -11,7 +11,7 @@ class VerifyCsrfToken extends BaseVerifier
      *
      *
      * @var array
      * @var array
      */
      */
-    protected $except = [ 'api/update'
+    protected $except = [ 'api/update', 'api/authenticate'
         //
         //
     ];
     ];
 }
 }

@@ -29,10 +29,14 @@ Route::group(array('prefix' => 'api/v1'), function($json)
     Route::resource('get-list', 'ApiController@getList');
     Route::resource('get-list', 'ApiController@getList');
     Route::resource('get-pdf', 'ApiController@getpdf');
     Route::resource('get-pdf', 'ApiController@getpdf');
     Route::resource('api', 'FileEntryController@getApi');
     Route::resource('api', 'FileEntryController@getApi');
+	
 
 
 });
 });
 
 
 Route::any('api/update',   'ApiController@update');
 Route::any('api/update',   'ApiController@update');
+Route::post('api/authenticate', 'AuthenticateController@authenticate');
+Route::get('api/authenticate/user', 'AuthenticateController@getAuthenticatedUser');
+
 
 
 Route::any('fileentry/postUpload',  'FileEntryController@postUpload');
 Route::any('fileentry/postUpload',  'FileEntryController@postUpload');
 
 

-<?php
-
+<? 
 namespace App;
 namespace App;
+use Illuminate\Auth\Authenticatable; use Illuminate\Database\Eloquent\Model; use Illuminate\Auth\Passwords\CanResetPassword; use Illuminate\Foundation\Auth\Access\Authorizable; use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract; use Illuminate\Contracts\Auth\Access\Authorizable as AuthorizableContract; use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
+class User extends Model implements AuthenticatableContract, AuthorizableContract, CanResetPasswordContract { use Authenticatable, Authorizable, CanResetPassword;
+/**
+ * The database table used by the model.
+ *
+ * @var string
+ */
+protected $table = 'users';
 
 
-use Illuminate\Foundation\Auth\User as Authenticatable;
-
-class User extends Authenticatable
-{
-    /**
-     * The attributes that are mass assignable.
-     *
-     * @var array
-     */
-    protected $fillable = [
-        'name', 'email', 'password',
-    ];
-
-    /**
-     * The attributes that should be hidden for arrays.
-     *
-     * @var array
-     */
-    protected $hidden = [
-        'password', 'remember_token',
-    ];
-}
+/**
+ * The attributes that are mass assignable.
+ *
+ * @var array
+ */
+protected $fillable = ['first_name', 'last_name', 'username', 'email', 'password'];
+/**
+ * The attributes excluded from the model's JSON form.
+ *
+ * @var array
+ */
+protected $hidden = ['password'];
+}
\ No newline at end of file

@@ -147,7 +147,7 @@ return [
         Illuminate\Translation\TranslationServiceProvider::class,
         Illuminate\Translation\TranslationServiceProvider::class,
         Illuminate\Validation\ValidationServiceProvider::class,
         Illuminate\Validation\ValidationServiceProvider::class,
         Illuminate\View\ViewServiceProvider::class,
         Illuminate\View\ViewServiceProvider::class,
-
+		Tymon\JWTAuth\Providers\JWTAuthServiceProvider::class,
         /*
         /*
          * Application Service Providers...
          * Application Service Providers...
          */
          */
@@ -201,6 +201,7 @@ return [
         'URL' => Illuminate\Support\Facades\URL::class,
         'URL' => Illuminate\Support\Facades\URL::class,
         'Validator' => Illuminate\Support\Facades\Validator::class,
         'Validator' => Illuminate\Support\Facades\Validator::class,
         'View' => Illuminate\Support\Facades\View::class,
         'View' => Illuminate\Support\Facades\View::class,
+		'JWTAuth' => Tymon\JWTAuth\Facades\JWTAuth::class,
 
 
     ],
     ],
 
 

+<?php
+
+/*
+ * This file is part of jwt-auth.
+ *
+ * (c) Sean Tymon <tymon148@gmail.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+return [
+
+    /*
+    |--------------------------------------------------------------------------
+    | JWT Authentication Secret
+    |--------------------------------------------------------------------------
+    |
+    | Don't forget to set this, as it will be used to sign your tokens.
+    | A helper command is provided for this: `php artisan jwt:generate`
+    |
+    */
+
+    'secret' => env('JWT_SECRET', 'O1RUwmBjmDjsYJDpAgGB5GZLwnhDeGqS'),
+
+    /*
+    |--------------------------------------------------------------------------
+    | JWT time to live
+    |--------------------------------------------------------------------------
+    |
+    | Specify the length of time (in minutes) that the token will be valid for.
+    | Defaults to 1 hour
+    |
+    */
+
+    'ttl' => 60,
+
+    /*
+    |--------------------------------------------------------------------------
+    | Refresh time to live
+    |--------------------------------------------------------------------------
+    |
+    | Specify the length of time (in minutes) that the token can be refreshed
+    | within. I.E. The user can refresh their token within a 2 week window of
+    | the original token being created until they must re-authenticate.
+    | Defaults to 2 weeks
+    |
+    */
+
+    'refresh_ttl' => 20160,
+
+    /*
+    |--------------------------------------------------------------------------
+    | JWT hashing algorithm
+    |--------------------------------------------------------------------------
+    |
+    | Specify the hashing algorithm that will be used to sign the token.
+    |
+    | See here: https://github.com/namshi/jose/tree/2.2.0/src/Namshi/JOSE/Signer
+    | for possible values
+    |
+    */
+
+    'algo' => 'HS256',
+
+    /*
+    |--------------------------------------------------------------------------
+    | User Model namespace
+    |--------------------------------------------------------------------------
+    |
+    | Specify the full namespace to your User model.
+    | e.g. 'Acme\Entities\User'
+    |
+    */
+
+    'user' => 'App\User',
+
+    /*
+    |--------------------------------------------------------------------------
+    | User identifier
+    |--------------------------------------------------------------------------
+    |
+    | Specify a unique property of the user that will be added as the 'sub'
+    | claim of the token payload.
+    |
+    */
+
+    'identifier' => 'userid',
+
+    /*
+    |--------------------------------------------------------------------------
+    | Required Claims
+    |--------------------------------------------------------------------------
+    |
+    | Specify the required claims that must exist in any token.
+    | A TokenInvalidException will be thrown if any of these claims are not
+    | present in the payload.
+    |
+    */
+
+    'required_claims' => ['iss', 'iat', 'exp', 'nbf', 'sub', 'jti'],
+
+    /*
+    |--------------------------------------------------------------------------
+    | Blacklist Enabled
+    |--------------------------------------------------------------------------
+    |
+    | In order to invalidate tokens, you must have the the blacklist enabled.
+    | If you do not want or need this functionality, then set this to false.
+    |
+    */
+
+    'blacklist_enabled' => env('JWT_BLACKLIST_ENABLED', true),
+
+    /*
+    |--------------------------------------------------------------------------
+    | Providers
+    |--------------------------------------------------------------------------
+    |
+    | Specify the various providers used throughout the package.
+    |
+    */
+
+    'providers' => [
+
+        /*
+        |--------------------------------------------------------------------------
+        | User Provider
+        |--------------------------------------------------------------------------
+        |
+        | Specify the provider that is used to find the user based
+        | on the subject claim
+        |
+        */
+
+        'user' => 'Tymon\JWTAuth\Providers\User\EloquentUserAdapter',
+
+        /*
+        |--------------------------------------------------------------------------
+        | JWT Provider
+        |--------------------------------------------------------------------------
+        |
+        | Specify the provider that is used to create and decode the tokens.
+        |
+        */
+
+        'jwt' => 'Tymon\JWTAuth\Providers\JWT\NamshiAdapter',
+
+        /*
+        |--------------------------------------------------------------------------
+        | Authentication Provider
+        |--------------------------------------------------------------------------
+        |
+        | Specify the provider that is used to authenticate users.
+        |
+        */
+
+        'auth' => 'Tymon\JWTAuth\Providers\Auth\IlluminateAuthAdapter',
+
+        /*
+        |--------------------------------------------------------------------------
+        | Storage Provider
+        |--------------------------------------------------------------------------
+        |
+        | Specify the provider that is used to store tokens in the blacklist
+        |
+        */
+
+        'storage' => 'Tymon\JWTAuth\Providers\Storage\IlluminateCacheAdapter',
+
+    ],
+
+];

@@ -15,6 +15,8 @@
     RewriteCond %{REQUEST_FILENAME} !-f
     RewriteCond %{REQUEST_FILENAME} !-f
     RewriteRule ^ index.php [L]
     RewriteRule ^ index.php [L]
 
 
+    RewriteCond %{HTTP:Authorization} ^(.*)
+    RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
     # Handle Authorization Header
     # Handle Authorization Header
 
 
 </IfModule>
 </IfModule>