API tools faq
paste
Advertisement
Guest User

jwt

a guest
Aug 2nd, 2017
68
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Perl 1.88 KB | None | 0 0
raw download clone embed print report
  1. #!/usr/bin/env perl
  2.  
  3. use Mojolicious::Lite;
  4. use Mojo::JWT;
  5.  
  6. use 5.20.0;
  7. use strict;
  8. use warnings;
  9. use experimental 'signatures';
  10.  
  11. my $name = 'encodes and decodes JWTs';
  12. my $payload = {id => 1, api_key => '1a2b3c4d5e6f7a8b9c'};
  13.  
  14. # helpers
  15. helper 'jwt_encode' => sub ( $c, $payload = {} ) {
  16.   return Mojo::JWT->new(claims => $payload, secret => 's3cr3t')->encode;
  17. };
  18.  
  19. helper 'jwt_decode' => sub ($c, $jwt) {
  20.   return Mojo::JWT->new(secret => 's3cr3t')->decode($jwt);
  21. };
  22.  
  23. helper 'authenticated' => sub ($c) {
  24.   my $jwt = $c->param('jwt');
  25.   $jwt = $c->jwt_decode($jwt);
  26.   return $jwt->{api_key} eq $payload->{api_key} ? 1 : 0;
  27. };
  28.  
  29. # POST /v1/login
  30. # Testing: curl -XPOST http://localhost:3000/v1/login -d 'email=test@test.com&password=test'
  31. post '/v1/login' => sub ($c) {
  32.   my $email = $c->param('email');
  33.   my $password = $c->param('password');
  34.  
  35.   # error
  36.   unless($email eq 'test@test.com' && $password eq 'test') {
  37.     return $c->render(
  38.       json => {error => 'invalid_username_or_password'},
  39.       status => 400
  40.     )
  41.   }
  42.  
  43.   return $c->render(
  44.     json => {api_token => $c->jwt_encode($payload)},
  45.     status => 200
  46.   )
  47. };
  48.  
  49. under sub($c) {
  50.     my $jwt = $c->param('api_token') || '';
  51.     $jwt = eval { $c->jwt_decode($jwt) };
  52.     return 1 if $jwt && $jwt->{api_key} eq $payload->{api_key};
  53.  
  54.     # Not authenticated
  55.     $c->render(
  56.         json => { error => 'unauthenticated' },
  57.         status => 401
  58.     );
  59.  
  60.     return undef;
  61. };
  62.  
  63. # GET /v1/dashboard
  64. # Testing: curl -XGET http://localhost:3000/v1/dashboard -d 'api_token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhcGlfa2V5IjoiMWEyYjNjNGQ1ZTZmN2E4YjljIiwiaWQiOjF9.LWjXWE0yptTp7xGwxS0YMAMUWfRXzSlpslDIaskaFBE'
  65. get '/v1/dashboard' => sub ($c) {
  66.   my $jwt = $c->param('api_token');
  67.   return $c->render(
  68.     json => { current_user => $c->jwt_decode($c->param('api_token')) },
  69.     status => 200
  70.   )
  71. };
  72.  
  73. app->start
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!