skrd/unified-restaurant-original
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Planificacion y avances de backend

Browse Source
This commit is contained in:
Daniel Cortés
2021-04-29 01:59:08 -04:00
parent 6e4076cf15
commit b6ea4a7ce2
21 changed files with 486 additions and 156 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
backend/app/Http/Controllers/Controller.php
View File

@@ -2,9 +2,12 @@
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use Laravel\Lumen\Routing\Controller as BaseController;
class Controller extends BaseController
{
//
protected function buildFailedValidationResponse(Request $request, array $errors) {
return ["error" => "validation_error", "message" => $errors];
}
}

18
backend/app/Http/Controllers/ExampleController.php
View File

@@ -1,18 +0,0 @@
<?php
namespace App\Http\Controllers;
class ExampleController extends Controller
{
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
//
}
//
}

110
backend/app/Http/Controllers/UsuariosController.php Normal file
View File

@@ -0,0 +1,110 @@
<?php
namespace App\Http\Controllers;
use App\Models\Usuario;
use App\Services\Auth0Service;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Validation\Rule;
use Illuminate\Validation\ValidationException;
use Ramsey\Uuid\Uuid;
class UsuariosController extends Controller {
/**
* @return JsonResponse
*/
public function all() {
$usuarios = Usuario::all();
return response()->json(['usuarios' => $usuarios]);
}
/**
* @param $id
* @return JsonResponse
*/
public function get($id) {
if (!Uuid::isValid($id)) {
return response()->json([
'error' => 'invalid_id',
'message' => 'El id debe ser un UUID valido'
]);
}
$usuario = Usuario::find($id);
if (!$usuario) {
return response()->json([
'error' => 'not_found',
'message' => 'El usuario con id ' . $id . ' no existe'
], 404);
}
return response()->json(['usuario' => $usuario]);
}
/**
* @throws ValidationException
*/
public function create(Request $request) {
$this->validate($request, [
'nombre' => 'required',
'email' => 'required|email',
'username' => 'required',
'password' => 'required',
'type' => 'required|array',
'type.*' => ['required', Rule::in(['admin', 'mesero', 'recaudador', 'productor'])],
'restaurant' => 'required|exists:restaurantes,id',
]);
$restaurant = $request->input('restaurant');
// solo un global admin puede crear usuarios en cualquier restaurant
if (!in_array('global_admin', $request->user->roles)) {
// si el usuario no es administrador no puede crear usuarios
if (!in_array('admin', $request->user->roles)) {
return response()->json([
'error' => 'not_allowed',
'message' => 'El usuario no puede tiene permisos para crear usuarios'
]);
}
// los administradores solo pueden crear restaurantes en su propio restaurant
if (!$request->user->restaurantes->contains($restaurant)) {
return response()->json([
'error' => 'not_allowed',
'message' => 'El usuario no puede crear un usuario en un restaurant al que no pertenece'
]);
}
}
$auth0 = app(Auth0Service::class);
$auth0User = $auth0->createUser(
email: $request->input('email'),
username: $request->input('username'),
password: $request->input('password'),
metadata: [
'roles' => $request->input('type'),
'restaurantes' => [$restaurant],
]
);
if (array_key_exists('error', $auth0User)) {
return response()->json([
'error' => $auth0User['errorCode'],
'message' => $auth0User['message'],
], $auth0User['statusCode']);
}
$usuario = new Usuario();
$usuario->id = Uuid::uuid4();
$usuario->auth0_id = $auth0User['identities'][0]['provider'] . '|' . $auth0User['identities'][0]['user_id'];
$usuario->nombre = $request->input('nombre');
$usuario->save();
$usuario->restaurantes()->attach($restaurant);
return response()->json($usuario);
}
}

19
backend/app/Http/Middleware/Auth0Middleware.php
View File

@@ -3,26 +3,37 @@
namespace App\Http\Middleware;
use Closure;
use App\Models\Usuario;
use Auth0\SDK\Exception\InvalidTokenException;
use Auth0\SDK\Helpers\JWKFetcher;
use Auth0\SDK\Helpers\Tokens\AsymmetricVerifier;
use Auth0\SDK\Helpers\Tokens\TokenVerifier;
use Illuminate\Support\Facades\Log;
class Auth0Middleware {
/**
* @throws InvalidTokenException
*/
public function handle($request, Closure $next) {
$token = $request->bearerToken();
if (!$token) {
return response()->json('No token provided', 401);
return response()->json(['error' => 'no_token', 'message' => 'No se envío el token'], 401);
}
$this->validateToken($token);
$validated = $this->validateToken($token);
$user = Usuario::where('auth0_id', $validated['sub'])->first();
$request = $request->merge(['user' => $user]);
return $next($request);
}
/**
* @throws InvalidTokenException
*/
public function validateToken($token) {
try {
$jwksUri = env('AUTH0_DOMAIN') . '.well-known/jwks.json';
@@ -30,9 +41,9 @@ class Auth0Middleware {
$signatureVerifier = new AsymmetricVerifier($jwksFetcher);
$tokenVerifier = new TokenVerifier(env('AUTH0_DOMAIN'), env('AUTH0_AUD'), $signatureVerifier);
$decoded = $tokenVerifier->verify($token);
return $tokenVerifier->verify($token);
} catch (InvalidTokenException $e) {
throw $e;
};
}
}
}

3
backend/app/Models/Restaurante.php
View File

@@ -6,6 +6,9 @@ use App\Traits\UuidPrimaryKey;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\SoftDeletes;
/**
* @method static find(mixed $restaurant)
*/
class Restaurante extends Model {
use UuidPrimaryKey, SoftDeletes;

37
backend/app/Models/Usuario.php
View File

@@ -2,16 +2,53 @@
namespace App\Models;
use App\Services\Auth0Service;
use App\Traits\UuidPrimaryKey;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\SoftDeletes;
/**
* Class Usuario
*
* @property $id
* @property $auth0_id
* @property $nombre
*
* @method static find($id)
* @method static where(string $string, $sub)
*
* @package App\Models
*
*/
class Usuario extends Model {
use UuidPrimaryKey, SoftDeletes;
protected $table = 'usuarios';
protected $appends = ['roles'];
public function restaurantes() {
return $this->belongsToMany(Restaurante::class, 'usuarios_restaurantes', 'usuario_id', 'restaurante_id');
}
public function administrador() {
return $this->hasOne(Administrador::class);
}
public function recaudador() {
return $this->hasOne(Recaudador::class);
}
public function mesero() {
return $this->hasOne(Mesero::class);
}
public function productor() {
return $this->hasOne(Productor::class);
}
public function getRolesAttribute() {
$auth0Service = app(Auth0Service::class);
$auth0User = $auth0Service->getUser($this->auth0_id);
return $this->attributes['roles'] = array_key_exists('app_metadata', $auth0User) ? $auth0User['app_metadata']['roles'] : [];
}
}

5
backend/app/Providers/AppServiceProvider.php
View File

@@ -2,6 +2,7 @@
namespace App\Providers;
use App\Services\Auth0Service;
use Illuminate\Support\ServiceProvider;
class AppServiceProvider extends ServiceProvider
@@ -13,6 +14,8 @@ class AppServiceProvider extends ServiceProvider
*/
public function register()
{
//
$this->app->singleton(Auth0Service::class, function($app) {
return new Auth0Service($app);
});
}
}

73
backend/app/Services/Auth0Service.php Normal file
View File

@@ -0,0 +1,73 @@
<?php
namespace App\Services;
use Illuminate\Support\Facades\Http;
use Illuminate\Support\Facades\Redis;
use Illuminate\Support\ServiceProvider;
class Auth0Service extends ServiceProvider {
public function getToken() {
$token = Redis::get('auth0_token');
if (empty($token)) {
$auth0Token = $this->queryAuth0ForToken();
if ($auth0Token == null)
return null;
Redis::set(
'auth0_token', $auth0Token['access_token'],
'EX', $auth0Token['expires_in']
);
$token = $auth0Token['access_token'];
}
return $token;
}
private function queryAuth0ForToken() {
$endpoint = env('AUTH0_DOMAIN') . 'oauth/token';
$payload = [
"client_id" => env('AUTH0_CLIENT_ID'),
"client_secret" => env('AUTH0_CLIENT_SECRET'),
"audience" => env('AUTH0_API_AUD'),
"grant_type" => "client_credentials"
];
$response = Http::post($endpoint, $payload);
$json = $response->json();
if (array_key_exists('error', $json)) {
return null;
} else {
return $json;
}
}
public function getUser($id) {
$endpoint = env('AUTH0_DOMAIN') . 'api/v2/users/' . $id;
return Http::withToken($this->getToken())
->get($endpoint)
->json();
}
public function createUser(
$email,
$username,
$password,
$metadata,
) {
$endpoint = env('AUTH0_DOMAIN') . 'api/v2/users';
$payload = [
"email" => $email,
"username" => $username,
"password" => $password,
"app_metadata" => $metadata,
"connection" => env('AUTH0_CONNECTION'),
"verify_email" => env('AUTH0_VERIFY_MAIL'),
];
return Http::withToken($this->getToken())
->post($endpoint, $payload)
->json();
}
}