PHP Firebase help - Set up JWT
On my server I am running a few PHP files that read my Firebase Realtime Database. According to Firebase\'s documents I need to set up custom token to get my Firebase PHP Client
-
firebase/php-jwt
Source Link with Angular App
<?php // Allow from any origin if (isset($_SERVER['HTTP_ORIGIN'])) { header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}"); header('Access-Control-Allow-Credentials: true'); header('Access-Control-Max-Age: 86400'); // cache for 1 day } // Access-Control headers are received during OPTIONS requests if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') { if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD'])) header("Access-Control-Allow-Methods: GET, POST, OPTIONS"); if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS'])) header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}"); exit(0); } require_once('vendor/autoload.php'); use \Firebase\JWT\JWT; define('SECRET_KEY','Super-Secret-Key'); // secret key can be a random string and keep in secret from anyone define('ALGORITHM','HS256'); // Algorithm used to sign the token $postdata = file_get_contents("php://input"); $request = json_decode($postdata); $action = $request->action; // Login section if ($action == 'login') { $email = $request->email; $password = $request->password; //A dummy credential match.. you should have some SQl queries to match from databases if($email == "freaky@jolly.com" && $password == "12345678") { $iat = time(); // time of token issued at $nbf = $iat + 10; //not before in seconds $exp = $iat + 60; // expire time of token in seconds $token = array( "iss" => "http://example.org", "aud" => "http://example.com", "iat" => $iat, "nbf" => $nbf, "exp" => $exp, "data" => array( "id" => 11, "email" => $email ) ); http_response_code(200); $jwt = JWT::encode($token, SECRET_KEY); $data_insert=array( 'access_token' => $jwt, 'id' => '007', 'name' => 'Jolly', 'time' => time(), 'username' => 'FreakyJolly', 'email' => 'contact@freakyjolly.com', 'status' => "success", 'message' => "Successfully Logged In" ); }else{ $data_insert=array( "data" => "0", "status" => "invalid", "message" => "Invalid Request" ); } } // Get Dashboard stuff else if($action == 'stuff'){ $authHeader = $_SERVER['HTTP_AUTHORIZATION']; $temp_header = explode(" ", $authHeader); $jwt = $temp_header[1]; try { JWT::$leeway = 10; $decoded = JWT::decode($jwt, SECRET_KEY, array(ALGORITHM)); // Access is granted. Add code of the operation here $data_from_server = '{"Coords":[{"Accuracy":"65","Latitude":"53.277720488429026","Longitude":"-9.012038778269686","Timestamp":"Fri Jul 05 2013 11:59:34 GMT+0100 (IST)"},{"Accuracy":"65","Latitude":"53.277720488429026","Longitude":"-9.012038778269686","Timestamp":"Fri Jul 05 2013 11:59:34 GMT+0100 (IST)"},{"Accuracy":"65","Latitude":"53.27770755361785","Longitude":"-9.011979642121824","Timestamp":"Fri Jul 05 2013 12:02:09 GMT+0100 (IST)"},{"Accuracy":"65","Latitude":"53.27769091555766","Longitude":"-9.012051410095722","Timestamp":"Fri Jul 05 2013 12:02:17 GMT+0100 (IST)"},{"Accuracy":"65","Latitude":"53.27769091555766","Longitude":"-9.012051410095722","Timestamp":"Fri Jul 05 2013 12:02:17 GMT+0100 (IST)"}]}'; $data_insert=array( "data" => json_decode($data_from_server), "status" => "success", "message" => "Request authorized" ); }catch (Exception $e){ http_response_code(401); $data_insert=array( //"data" => $data_from_server, "jwt" => $jwt, "status" => "error", "message" => $e->getMessage() ); } } echo json_encode($data_insert); ?>讨论(0) -
firebase/php-jwt library uses Composer. Composer is a dependency manager for PHP similar to Maven in Java if you come from Android development background. You would need to know how to import classes in PHP using require/include functions of PHP. You would need some experience with php to use composer.
In order to use firebase/php-jwt library without composer you could use the following sample code: (I downloaded the library inside
jwtfolder)require_once 'jwt/src/BeforeValidException.php'; require_once 'jwt/src/ExpiredException.php'; require_once 'jwt/src/SignatureInvalidException.php'; require_once 'jwt/src/JWT.php'; use \Firebase\JWT\JWT; $key = "example_key"; $token = array( "iss" => "http://example.org", "aud" => "http://example.com", "iat" => 1356999524, "nbf" => 1357000000 ); /** * IMPORTANT: * You must specify supported algorithms for your application. See * https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40 * for a list of spec-compliant algorithms. */ $jwt = JWT::encode($token, $key); $decoded = JWT::decode($jwt, $key, array('HS256')); print_r($decoded); /* NOTE: This will now be an object instead of an associative array. To get an associative array, you will need to cast it as such: */ $decoded_array = (array) $decoded; /** * You can add a leeway to account for when there is a clock skew times between * the signing and verifying servers. It is recommended that this leeway should * not be bigger than a few minutes. * * Source: http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html#nbfDef */ JWT::$leeway = 60; // $leeway in seconds $decoded = JWT::decode($jwt, $key, array('HS256'));讨论(0)
加载中...
- 热议问题