StarMC/Astral-nook
StarMC/Astral-nook
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Change login handling to automatically redirect a user if their session will need renewal.

Browse source
This commit is contained in:
Dane Everitt 2018-06-16 14:05:39 -07:00
parent 24bb8da43d
commit e7faf979a1
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
8 changed files with 126 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

10
app/Http/Middleware/Api/AuthenticateKey.php
View file

@ -98,13 +98,17 @@ class AuthenticateKey
}
// Run through the token validation and throw an exception if the token is not valid.
//
// The issued_at time is used for verification in order to allow rapid changing of session
// length on the Panel without having to wait on existing tokens to first expire.
$now = Chronos::now('utc');
if (
$token->getClaim('nbf') > Chronos::now()->getTimestamp()
Chronos::createFromTimestampUTC($token->getClaim('nbf'))->gt($now)
|| $token->getClaim('iss') !== 'Pterodactyl Panel'
|| $token->getClaim('aud') !== config('app.url')
|| $token->getClaim('exp') <= Chronos::now()->getTimestamp()
|| Chronos::createFromTimestampUTC($token->getClaim('iat'))->addMinutes(config('jwt.lifetime'))->lte($now)
) {
throw new AccessDeniedHttpException;
throw new AccessDeniedHttpException('The authentication parameters provided are not valid for accessing this resource.');
}
return (new ApiKey)->forceFill([