<?php
// Stop immediately when BASEPATH is not defined, so this file cannot be run as a
// standalone script (BASEPATH is presumably set by the framework's entry script).
defined('BASEPATH') OR exit('No direct script access allowed');
// NOTE(review): this relative path is resolved through include_path / the current
// working directory; the FCPATH-anchored form commented out below is unambiguous.
require 'vendor/autoload.php';
require_once APPPATH . '/libraries/REST_Controller.php';

// Uncomment the line below, or use the autoloader configured under
// config -> config -> composer_autoload (the default lives in composer_autoload).
//require_once FCPATH . 'vendor/autoload.php';

use Restserver\Libraries\REST_Controller;
10
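/**
 * REST controller that issues JWT access tokens after a username/password login
 * and checks those tokens on later requests.
 *
 * Tokens are signed and verified with a secret that stays on the server. A
 * verifier must never take its key from the request: a key supplied by the
 * caller says nothing about who signed the token. For that reason the per-login
 * RSA key pair, the `key` field in the login response and the `key` request
 * header are no longer used; a `key` header sent by older clients is ignored,
 * and tokens issued before this change no longer verify (clients log in again).
 */
class Restdata extends REST_Controller
{
    /**
     * Server-side signing secret. It is never sent to a client.
     *
     * NOTE(review): a human-readable string committed with the source is a weak
     * HMAC key. Replace it with a long random value loaded from configuration
     * kept outside the repository, and plan for rotation.
     */
    private $secretkey = 'ini rahasia untuk encode dan decode';

    /** JWT algorithm used when signing tokens. */
    private $tokenAlgorithm = 'HS512';

    /**
     * Token lifetime in seconds (about one month).
     *
     * NOTE(review): there is no revocation path visible here, so a leaked token
     * stays usable for the whole period — consider a shorter lifetime.
     */
    private $tokenLifetime = 2629746;

    public function __construct()
    {
        parent::__construct();

        $this->load->library('form_validation');
    }

    /**
     * Send a 404 Not Found response.
     *
     * @param mixed $pesan Message placed in the response body.
     */
    public function notfound($pesan)
    {
        $body = [
            'status' => FALSE,
            'message' => $pesan,
        ];

        $this->response($body, REST_Controller::HTTP_NOT_FOUND);
    }

    /**
     * Send a 400 Bad Request response.
     *
     * @param mixed $pesan Message placed in the response body.
     */
    public function badreq($pesan)
    {
        $body = [
            'status' => FALSE,
            'message' => $pesan,
        ];

        $this->response($body, REST_Controller::HTTP_BAD_REQUEST);
    }

    /**
     * Log a user in and return a signed access token.
     *
     * Reads `username` and `password` from the POST body. On success the
     * response carries the signing time in milliseconds, the token payload and
     * the token itself. On any failure the same generic error is returned, so
     * the response does not reveal whether the username exists.
     */
    public function getToken_post()
    {
        $this->load->model('model_login');

        // NOTE(review): the TRUE flag runs XSS filtering over the submitted
        // values. Filtering can alter a password before it is checked; confirm
        // how passwords are stored at registration before dropping the flag.
        $username = $this->post('username', TRUE);
        $pass = $this->post('password', TRUE);

        // is_valid() lives in model_login (not shown); it is assumed to return a
        // row object with password, kd_pegawai and username, or a falsy value.
        $dataadmin = $this->model_login->is_valid($username);

        if (!$dataadmin || !password_verify((string) $pass, $dataadmin->password)) {
            $this->viewtokenfail($username, $pass);
            return;
        }

        $startTime = microtime(true);
        $issuedAt = time();

        // Build the access token and sign it with the server-held secret.
        $jwt = new \Lindelius\JWT\JWT($this->tokenAlgorithm);
        $jwt->kd_pegawai = $dataadmin->kd_pegawai;
        $jwt->username = $dataadmin->username;
        $jwt->iat = $issuedAt;                        // issued at
        $jwt->exp = $issuedAt + $this->tokenLifetime; // expiry

        $jwt->encode($this->secretkey);
        $milliseconds = 1000 * (microtime(true) - $startTime);

        // No key material is returned: the client only needs the token.
        $this->response([
            'time' => (int) $milliseconds,
            'payload' => $jwt->getPayload(),
            'token' => $jwt->getHash(),
        ]);
    }

    /**
     * Send the generic "login failed" response.
     *
     * The submitted password is deliberately not echoed back: response bodies
     * end up in client logs, proxies and browser tooling.
     *
     * @param mixed $username Username that was submitted.
     * @param mixed $pass     Submitted password; accepted for compatibility with
     *                        existing callers and intentionally unused.
     */
    public function viewtokenfail($username, $pass)
    {
        // The status constant must be class-qualified; a bare HTTP_BAD_REQUEST is
        // an undefined constant. 400 is kept because that is what the original
        // code aimed for, although 401 would describe a failed login better.
        $this->response([
            'status' => FALSE,
            'username' => $username,
            'message' => 'USERNAME ATAU PASSWORD SALAH, SILAHKAN LOGIN KEMBALI',
        ], REST_Controller::HTTP_BAD_REQUEST);
    }

    /**
     * Check the token sent with a request (POST, PUT, etc.).
     *
     * Reads the `token` request header, verifies it against the server-held
     * secret, then confirms the username in the token still exists in the
     * database. A token that cannot be decoded or verified ends the request
     * with 401.
     *
     * @return bool TRUE when the token verifies and the user exists, FALSE when
     *              the token verifies but the user is not found. Callers must
     *              check the return value before doing any work.
     */
    public function cektoken()
    {
        $this->load->model('model_login');

        $token = $this->input->get_request_header('token');

        try {
            // NOTE(review): confirm that the installed library version restricts
            // verification to the expected algorithm rather than accepting
            // whatever the token header names; add an explicit check if not.
            $jwt = \Lindelius\JWT\JWT::decode($token);
            $jwt->verify($this->secretkey);

            // is_valid_num() lives in model_login (not shown); it appears to
            // return the number of matching users.
            return $this->model_login->is_valid_num($jwt->username) > 0;
        } catch (Exception $e) {
            $this->response([
                'status' => FALSE,
                'message' => 'TOKEN SALAH SILAHKAN MASUKKAN TOKEN DENGAN BENAR',
            ], REST_Controller::HTTP_UNAUTHORIZED);

            // Backstop so a rejected token can never fall through to the caller.
            exit;
        }
    }
}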