- <?php
- namespace app\controllers;
- use Yii;
- use yii\rest\Controller;
- use sizeg\jwt\Jwt;
- use sizeg\jwt\JwtHttpBearerAuth;
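/**
 * JSON endpoints for the attendance app.
 *
 * actionLogin checks a username/password pair against the `attendence` table
 * and issues an HS256-signed token whose payload is the row id. The other JSON
 * actions read that token from the `token` request header.
 *
 * NOTE(review): authentication failures are still reported inside an HTTP 200
 * body, as in the original. Returning 401 would make failed attempts visible
 * in access logs and to rate limiting; confirm with the API clients first.
 */
class AttendanceController extends \yii\web\Controller
{
    /**
     * Renders the controller's "index" view.
     *
     * @return string
     */
    public function actionIndex()
    {
        return $this->render('index');
    }

    /**
     * Validates POSTed credentials and returns a signed token on success.
     *
     * Both failure paths return the same message, so the response body does
     * not reveal whether the username exists.
     *
     * @return \yii\web\Response JSON body of the form ['data' => [...]]
     */
    public function actionLogin()
    {
        $request = Yii::$app->request;
        $username = $request->post('username');
        $password = $request->post('password');

        $failure = [
            'status' => false,
            'message' => 'Wrong username or password.',
        ];

        // post() yields null for a missing field and an array for "username[]=" input.
        // Reject both here: validatePassword() throws on a non-string or empty password,
        // which would otherwise surface as an unhandled 500.
        if (!is_string($username) || $username === '' || !is_string($password) || $password === '') {
            return $this->jsonResponse(['data' => $failure]);
        }

        // Only the two columns that are used are fetched, so the rest of the row
        // never sits in memory next to the credential check.
        $row = Yii::$app->db
            ->createCommand('SELECT id, password FROM attendence WHERE username = :username', [
                ':username' => $username,
            ])
            ->queryOne();

        if (!$row || !is_string($row['password'])
            || !Yii::$app->getSecurity()->validatePassword($password, $row['password'])
        ) {
            return $this->jsonResponse(['data' => $failure]);
        }

        $header = [
            'alg' => 'HS256',
            'typ' => 'JWT',
        ];

        // The original re-queried the table for the id it already had; the payload is the same.
        // NOTE(review): the payload has no "exp"/"iat" claim, so an issued token stays valid
        // until the signing secret is rotated. Add an expiry and enforce it on verification.
        $payload = ['id' => $row['id']];
        $jwt = $this->generateJWT('sha256', $header, $payload, $this->jwtSecret());

        return $this->jsonResponse(['data' => [
            'status' => true,
            'message' => 'Login Success..',
            'token' => $jwt,
        ]]);
    }

    /**
     * Returns id, name, exp and start_date for the row identified by the token.
     *
     * @return \yii\web\Response JSON body of the form ['res' => [...]]
     */
    public function actionFacultyDetails()
    {
        $token = Yii::$app->request->headers->get('token');
        if (!is_string($token) || $token === '') {
            // Key was misspelled 'sucess' in the original, so clients reading
            // `success` saw it as undefined on this branch only.
            return $this->jsonResponse(['res' => [
                'success' => false,
                'message' => 'no headers provided',
            ]]);
        }

        $claims = $this->claimsFromToken($token);
        if ($claims === null) {
            return $this->jsonResponse(['res' => ['success' => false]]);
        }

        $row = Yii::$app->db
            ->createCommand('SELECT id,name,exp,start_date FROM attendence WHERE id = :id', [
                ':id' => $claims->id,
            ])
            ->queryOne();

        return $this->jsonResponse(['res' => [
            'success' => true,
            'data' => $row,
        ]]);
    }

    /**
     * Returns the timetable rows for one employee, month and year.
     *
     * The original declaration lacked its parameter list and the action ran
     * without any token check, so any caller could read any employee's
     * timetable. It now requires the same token as actionFacultyDetails.
     *
     * NOTE(review): the token carries attendence.id, and nothing visible here
     * relates that id to emp_id, so a valid token can still request another
     * employee's rows. Bind emp_id to the authenticated identity once that
     * relation is known.
     *
     * @return \yii\web\Response JSON body of the form ['res' => [...]]
     */
    public function actionTimeTable()
    {
        $token = Yii::$app->request->headers->get('token');
        if (!is_string($token) || $token === '' || $this->claimsFromToken($token) === null) {
            return $this->jsonResponse(['res' => ['success' => false]]);
        }

        $request = Yii::$app->request;
        $emp_id = $request->post('emp_id');
        $month = $request->post('month');
        $year = $request->post('year');

        // Missing fields matched nothing in the original (col = NULL); array input
        // cannot be bound at all. Both cases return an empty result set.
        if (!is_scalar($emp_id) || !is_scalar($month) || !is_scalar($year)) {
            return $this->jsonResponse(['res' => []]);
        }

        // {{...}} lets Yii quote the table name; unquoted, the hyphens parse as subtraction.
        $rows = Yii::$app->db
            ->createCommand(
                'SELECT * FROM {{acerp-class-timetable-creation}}'
                . ' WHERE emp_id = :emp_id AND month = :month AND year = :year',
                [
                    ':emp_id' => $emp_id,
                    ':month' => $month,
                    ':year' => $year,
                ]
            )
            ->queryAll();

        return $this->jsonResponse(['res' => $rows]);
    }

    // NOTE(review): the paste held a truncated `public function action` declaration
    // at this point, with no name suffix or body. It is omitted because it cannot be parsed.

    /**
     * Sets the JSON format and body on the application response.
     *
     * @param array $body
     * @return \yii\web\Response
     */
    private function jsonResponse(array $body)
    {
        $response = Yii::$app->response;
        $response->format = \yii\web\Response::FORMAT_JSON;
        $response->data = $body;

        return $response;
    }

    /**
     * Returns the HMAC signing secret from application params.
     *
     * The original passed a short literal secret at each call site. That
     * literal was published together with this source, so every token signed
     * with it has to be treated as forgeable; the secret now comes from
     * configuration and the old value must not be reused.
     *
     * The params key 'jwtSecret' is a name constructed for this rewrite.
     *
     * @return string
     * @throws \yii\base\InvalidConfigException when the secret is missing or too short
     */
    private function jwtSecret(): string
    {
        $params = Yii::$app->params;
        $secret = isset($params['jwtSecret']) ? $params['jwtSecret'] : null;

        // HS256 needs a key at least as long as the hash output (32 bytes).
        // Failing closed here is deliberate: no secret means no tokens.
        if (!is_string($secret) || strlen($secret) < 32) {
            throw new \yii\base\InvalidConfigException(
                'params[jwtSecret] must be set to a random string of at least 32 bytes.'
            );
        }

        return $secret;
    }

    /**
     * Verifies a token and returns its decoded payload.
     *
     * @param string $token
     * @return \stdClass|null payload object with a scalar `id`, or null when the
     *                        signature is invalid or the payload is unusable
     */
    private function claimsFromToken(string $token)
    {
        if (!$this->verifyJWT('sha256', $token, $this->jwtSecret())) {
            return null;
        }

        $claims = $this->decodeJWT($token);
        if (!is_object($claims) || !isset($claims->id) || !is_scalar($claims->id)) {
            return null;
        }

        return $claims;
    }

    /**
     * Encodes bytes as unpadded base64url ('+/' become '-_', '=' is stripped).
     */
    private function base64UrlEncode(string $data): string
    {
        $urlSafeData = strtr(base64_encode($data), '+/', '-_');

        return rtrim($urlSafeData, '=');
    }

    /**
     * Decodes unpadded base64url.
     *
     * The original called str_pad() with strlen % 4 as the target length, which
     * is always shorter than the input and so never added padding; decoding
     * worked only because non-strict base64_decode() tolerates that. Padding is
     * now restored and decoding is strict, so characters outside the alphabet
     * are rejected instead of silently skipped.
     *
     * @return string decoded bytes, or '' when the input is not valid base64url
     */
    private function base64UrlDecode(string $data): string
    {
        $standard = strtr($data, '-_', '+/');
        $remainder = strlen($standard) % 4;
        if ($remainder !== 0) {
            $standard .= str_repeat('=', 4 - $remainder);
        }

        $decoded = base64_decode($standard, true);

        return $decoded === false ? '' : $decoded;
    }

    /**
     * Builds "header.payload.signature" with an HMAC over the first two segments.
     *
     * @param string $algo    hash_hmac() algorithm name, e.g. 'sha256'
     * @param array  $header  JOSE header, JSON-encoded as given
     * @param array  $payload claims, JSON-encoded as given
     * @param string $secret  HMAC key
     */
    private function generateJWT(
        string $algo,
        array $header,
        array $payload,
        string $secret
    ): string {
        $headerEncoded = $this->base64UrlEncode(json_encode($header));
        $payloadEncoded = $this->base64UrlEncode(json_encode($payload));
        $signingInput = "$headerEncoded.$payloadEncoded";

        $signature = hash_hmac($algo, $signingInput, $secret, true);

        return $signingInput . '.' . $this->base64UrlEncode($signature);
    }

    /**
     * Decodes the payload segment of a token WITHOUT checking its signature.
     * Call verifyJWT() first; the result is attacker-controlled otherwise.
     *
     * @return mixed json_decode() result, or null when the token is not three segments
     */
    private function decodeJWT(string $token)
    {
        $segments = explode('.', $token);
        if (count($segments) !== 3) {
            return null;
        }

        return json_decode($this->base64UrlDecode($segments[1]));
    }

    /**
     * Checks the token's signature against an HMAC computed with $algo and $secret.
     *
     * The algorithm is chosen by the caller, never read from the token's own
     * header, so a token cannot select how it is verified.
     */
    private function verifyJWT(string $algo, string $jwt, string $secret): bool
    {
        // A header value with fewer than three segments used to reach list() and
        // pass null to a string parameter; reject it up front instead.
        $segments = explode('.', $jwt);
        if (count($segments) !== 3) {
            return false;
        }

        list($headerEncoded, $payloadEncoded, $signatureEncoded) = $segments;

        $expected = hash_hmac($algo, "$headerEncoded.$payloadEncoded", $secret, true);
        $provided = $this->base64UrlDecode($signatureEncoded);

        // Constant-time comparison; the known value goes first.
        return hash_equals($expected, $provided);
    }
}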