Merge pull request #69 from ramosisw/master

ADmad · web-flow · commit c6db1247adaf · 2018-04-30T22:01:07.000+05:30
Add support to cookies
diff --git a/src/Auth/JwtAuthenticate.php b/src/Auth/JwtAuthenticate.php
@@ -60,6 +60,7 @@ class JwtAuthenticate extends BaseAuthenticate
      *
      * Settings for this object.
      *
+     * - `cookie` - Cookie name to check. Defaults to `false`.
      * - `header` - Header name to check. Defaults to `'authorization'`.
      * - `prefix` - Token prefix. Defaults to `'bearer'`.
      * - `parameter` - The url parameter name of the token. Defaults to `token`.
@@ -89,6 +90,7 @@ class JwtAuthenticate extends BaseAuthenticate
     public function __construct(ComponentRegistry $registry, $config)
     {
         $defaultConfig = [
+            'cookie' => false,
             'header' => 'authorization',
             'prefix' => 'bearer',
             'parameter' => 'token',
@@ -200,6 +202,15 @@ public function getToken($request = null)
             return $this->_token = str_ireplace($config['prefix'] . ' ', '', $header);
         }
 
+        if (!empty($this->_config['cookie'])) {
+            $token = $request->getCookie($this->_config['cookie']);
+            if ($token !== null) {
+                $token = (string)$token;
+            }
+
+            return $this->_token = $token;
+        }
+
         if (!empty($this->_config['parameter'])) {
             $token = $request->getQuery($this->_config['parameter']);
             if ($token !== null) {
diff --git a/tests/TestCase/Auth/JwtAuthenticateTest.php b/tests/TestCase/Auth/JwtAuthenticateTest.php
@@ -321,4 +321,56 @@ public function testCustomKey()
         $result = $auth->getUser($request, $this->response);
         $this->assertEquals($payload, $result);
     }
+
+    /**
+     * test authenticate token as cookie.
+     *
+     * @return void
+     */
+    public function testAuthenticateCookie()
+    {
+        $request = new ServerRequest('posts/index');
+
+        $this->auth = new JwtAuthenticate($this->Registry, [
+            'userModel' => 'Users',
+            'cookie' => 'jwt',
+        ]);
+
+        $result = $this->auth->getUser($request, $this->response);
+        $this->assertFalse($result);
+
+        $expected = [
+            'id' => 1,
+            'group_id' => 1,
+            'user_name' => 'admad',
+            'email' => 'admad@example.com',
+            'created' => new Time('2014-03-17 01:18:23'),
+            'updated' => new Time('2014-03-17 01:20:31'),
+        ];
+
+        $request = new ServerRequest([
+            'url' => 'posts/index',
+            'cookies' => ['jwt' => $this->token]
+        ]);
+
+        $result = $this->auth->getUser($request, $this->response);
+        $this->assertEquals($expected, $result);
+
+        $this->auth->setConfig('cookie', 'tokenname');
+        $request = new ServerRequest([
+            'url' => 'posts/index',
+            'cookies' => ['tokenname' => $this->token]
+        ]);
+
+        $result = $this->auth->getUser($request, $this->response);
+        $this->assertEquals($expected, $result);
+
+        $request = new ServerRequest([
+            'url' => 'posts/index',
+            'cookies' => ['wrongtoken' => $this->token]
+        ]);
+
+        $result = $this->auth->getUser($request, $this->response);
+        $this->assertFalse($result);
+    }
 }
