Browse code

reuse JWT token

Bernd Wurst authored on 05/08/2023 11:33:04
Showing 2 changed files
... ...
@@ -39,7 +39,7 @@ if (isset($_SESSION['kundennr']) and $_SESSION['kundennr']) {
39 39
     $content .= '
40 40
         <form class="form" action="save.php" method="post">
41 41
         <input type="hidden" name="form" value="address">';
42
-    $content .= '<input name="fname" type="hidden" value="'.$_SESSION['fname'].'">
42
+    $content .= '<input name="fname" type="hidden" value="'.(isset($_SESSION['fname']) ? $_SESSION['fname'] : '').'">
43 43
            <input name="lname" type="hidden" value="'.$_SESSION['lname'].'">
44 44
           <div class="form-group form-group-lg">
45 45
             <div><input class="btn btn-primary btn-lg" type="submit" value="Weiter &gt;"></div>
... ...
@@ -1,36 +1,52 @@
1 1
 <?php
2 2
 
3 3
 require_once("config.php");
4
-
5
-$jwt_token = null;
6
-$jwt_refresh_token = null;
7
-
8
-# init API
9 4
 $base_url = $config['api_url'];
10
-$url = $base_url . 'login';
11
-$data = [
12
-    "username" => $config['api_username'],
13
-    "password" => $config['api_password']
5
+
6
+$TOKEN_FILE = '../jwt-token.json';
7
+$jwt = [
8
+    "token" => null,
9
+    "refresh_token" => null,
10
+    "exp" => time()
14 11
 ];
15
-$options = array(
16
-  'http' => array(
17
-    'method'  => 'POST',
18
-    'content' => json_encode( $data ),
19
-    'header'=>  "Content-Type: application/json\r\n" .
20
-                "Accept: application/json\r\n"
21
-    )
22
-);
23 12
 
24
-$context  = stream_context_create( $options );
25
-$result = file_get_contents( $url, false, $context );
26
-$response = json_decode( $result, true);
13
+if (file_exists($TOKEN_FILE)) {
14
+    $jwt = json_decode(file_get_contents($TOKEN_FILE), true);
15
+}
16
+
17
+if (!$jwt['token'] || $jwt['exp'] < time()+5) {
18
+    // get new token
19
+    # init API
20
+    $url = $base_url . 'login';
21
+    $data = [
22
+        "username" => $config['api_username'],
23
+        "password" => $config['api_password']
24
+    ];
25
+    $options = array(
26
+      'http' => array(
27
+        'method'  => 'POST',
28
+        'content' => json_encode( $data ),
29
+        'header'=>  "Content-Type: application/json\r\n" .
30
+                    "Accept: application/json\r\n"
31
+        )
32
+    );
33
+
34
+    $context  = stream_context_create( $options );
35
+    $result = file_get_contents( $url, false, $context );
36
+    $response = json_decode( $result, true);
37
+
38
+    $jwt['token'] = $response["token"];
39
+    $jwt['refresh_token'] = $response["refresh_token"];
40
+    $fields = explode('.', $jwt['token']);
41
+    $data = json_decode(base64_decode($fields[1]), true);
42
+    $jwt['exp'] = $data['exp'];
43
+}
27 44
 
28
-$jwt_token = $response["token"];
29
-$jwt_refresh_token = $response["refresh_token"];
45
+file_put_contents($TOKEN_FILE, json_encode($jwt));
30 46
 
31 47
 
32 48
 function api_call($method, $url, $content = []) {
33
-    global $jwt_token;
49
+    global $jwt;
34 50
     global $base_url;
35 51
     $url = $base_url . $url;
36 52
     $options = array(
... ...
@@ -39,7 +55,7 @@ function api_call($method, $url, $content = []) {
39 55
         'content' => json_encode( $content ),
40 56
         'header'=>  "Content-Type: application/json\r\n" .
41 57
                     "Accept: application/json\r\n" .
42
-                    "Authorization: Bearer ".$jwt_token."\r\n"
58
+                    "Authorization: Bearer ".$jwt['token']."\r\n"
43 59
         )
44 60
     );
45 61