Merge pull request #4 from BinarCode/dev-sanctum

binaryk · web-flow · commit 0df81a5773ab · 2021-01-05T14:27:14.000+02:00
dev sanctum
diff --git a/README.md b/README.md
@@ -218,6 +218,41 @@ $timing->stopAllUnfinishedEvents();
 $timing->getDuration();
 ```
 
+
+## Sanctum dev auth
+
+Each `api` has authentication, and testing it via HTTP Client (ie postman) we spend a lot of time to login users and copy the token, put in the next request and so on. Well now Laravel Developer provides an easy way to authenticate users in `local` env using `testing` token:
+
+```php
+// app/Http/Kernel.php
+
+'api' => [
+    //...
+    \Binarcode\LaravelDeveloper\Middleware\DevSanctumAuthMiddleware::class,
+]
+```
+
+And send the request with the `Authorization` header value `testing`. 
+
+Note: Make sure the `DevSanctumAuthMiddleware` is placed before the `api` middleware.
+
+### Customize resolved user
+
+By default, the first entry (usually user) from your config model `app.providers.users.model` will be used, however, you can customize that.
+
+In any of yours service providers, or in the same place you inject the `DevSanctumAuthMiddleware` you can provide a callback which resolves the user instance:
+
+```php
+use App\Models\User;
+use Binarcode\LaravelDeveloper\Middleware\DevSanctumAuthMiddleware;
+
+'middleware' => [
+    DevSanctumAuthMiddleware::resolveUserUsing(function() {
+        return User::first();
+    });
+    'api',
+],
+```
 ## Testing
 
 ``` bash
diff --git a/composer.json b/composer.json
@@ -22,6 +22,7 @@
         "laravel/slack-notification-channel": "^2.3"
     },
     "require-dev": {
+        "laravel/sanctum": "^2.8",
         "orchestra/testbench": "^6.0",
         "phpunit/phpunit": "^9.3",
         "symfony/stopwatch": "^4.4|^5.0",
diff --git a/src/Middleware/DevSanctumAuthMiddleware.php b/src/Middleware/DevSanctumAuthMiddleware.php
@@ -0,0 +1,68 @@
+<?php
+
+namespace Binarcode\LaravelDeveloper\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\App;
+
+class DevSanctumAuthMiddleware
+{
+    /**
+     * @var Closure
+     */
+    public static $resolveUser;
+
+    /**
+     * Handle an incoming request.
+     *
+     * @param \Illuminate\Http\Request $request
+     * @param \Closure $next
+     * @return mixed
+     */
+    public function handle(Request $request, Closure $next)
+    {
+        if (! App::environment('local')) {
+            return $next($request);
+        }
+
+        if ($request->header('Authorization') !== 'Bearer testing') {
+            return $next($request);
+        }
+
+        if (is_callable(static::$resolveUser)) {
+            $user = call_user_func(static::$resolveUser, $request);
+        } else {
+            /** * @var string $class */
+            $class = config('app.providers.users.model');
+
+            $user = $class::query()->first();
+        }
+
+
+        if (is_null($user)) {
+            return $next($request);
+        }
+
+        if (! in_array(\Laravel\Sanctum\HasApiTokens::class, class_uses_recursive($user))) {
+            return $next($request);
+        }
+
+        $token = $user->createToken('login')->plainTextToken;
+
+        $bag = $request->headers;
+
+        $bag->add([
+            'Authorization' => "Bearer {$token}",
+        ]);
+
+        return $next($request);
+    }
+
+    public static function resolveUserUsing(Closure $resolveUser): string
+    {
+        static::$resolveUser = $resolveUser;
+
+        return static::class;
+    }
+}
diff --git a/tests/Fixtures/User.php b/tests/Fixtures/User.php
@@ -0,0 +1,17 @@
+<?php
+
+namespace Binarcode\LaravelDeveloper\Tests\Fixtures;
+
+use Laravel\Sanctum\PersonalAccessToken;
+
+class User
+{
+    use \Laravel\Sanctum\HasApiTokens;
+
+    public function createToken(string $name, array $abilities = ['*'])
+    {
+        return tap(new PersonalAccessToken(), function (PersonalAccessToken $token) {
+            $token->plainTextToken = 'foo';
+        });
+    }
+}
diff --git a/tests/Middleware/DevSanctumAuthMiddlewareTest.php b/tests/Middleware/DevSanctumAuthMiddlewareTest.php
@@ -0,0 +1,44 @@
+<?php
+
+namespace Binarcode\LaravelDeveloper\Tests\Middleware;
+
+use Binarcode\LaravelDeveloper\Middleware\DevSanctumAuthMiddleware;
+use Binarcode\LaravelDeveloper\Tests\Fixtures\User;
+use Binarcode\LaravelDeveloper\Tests\TestCase;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\App;
+use Symfony\Component\HttpFoundation\HeaderBag;
+
+class DevSanctumAuthMiddlewareTest extends TestCase
+{
+    public function test_can_authenticate_using_testing()
+    {
+        DevSanctumAuthMiddleware::resolveUserUsing(function () {
+            return new User();
+        });
+
+        $middleware = new DevSanctumAuthMiddleware();
+
+        $request = tap(new Request(), function (Request $request) {
+            /** * @var HeaderBag $bag */
+            $bag = $request->headers;
+
+            $bag->add([
+                'Authorization' => "Bearer testing",
+            ]);
+        });
+
+        $next = function ($request) {
+            return $request;
+        };
+
+        App::partialMock()
+            ->expects('environment')
+            ->andReturnTrue();
+
+        $middleware->handle($request, $next);
+
+        $this->assertTrue($request->hasHeader('Authorization'));
+        $this->assertSame($request->header('Authorization'), 'Bearer foo');
+    }
+}
