Add register endpoint to DbAuthMiddleware, fixes #732

mevdschee · mevdschee · commit 23d5b66d8703 · 2020-11-28T12:20:25.000+01:00
diff --git a/api.php b/api.php
@@ -7558,7 +7558,7 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
             }
             $path = RequestUtils::getPathSegment($request, 1);
             $method = $request->getMethod();
-            if ($method == 'POST' && $path == 'login') {
+            if ($method == 'POST' && in_array($path, ['login', 'register'])) {
                 $body = $request->getParsedBody();
                 $username = isset($body->username) ? $body->username : '';
                 $password = isset($body->password) ? $body->password : '';
@@ -7568,6 +7568,14 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
                 $usernameColumn = $table->getColumn($usernameColumnName);
                 $passwordColumnName = $this->getProperty('passwordColumn', 'password');
                 $passwordColumn = $table->getColumn($passwordColumnName);
+                $registerUser = $this->getProperty('registerUser', '');
+                if ($path == 'register' && $registerUser) {
+                    $data = json_decode($registerUser, true);
+                    $data = is_array($data) ? $data : [];
+                    $data[$usernameColumnName] = $username;
+                    $data[$passwordColumnName] = password_hash($password, PASSWORD_DEFAULT);
+                    $this->db->createSingle($table, $data);
+                }
                 $condition = new ColumnCondition($usernameColumn, 'eq', $username);
                 $returnedColumns = $this->getProperty('returnedColumns', '');
                 if (!$returnedColumns) {
diff --git a/src/Tqdev/PhpCrudApi/Middleware/DbAuthMiddleware.php b/src/Tqdev/PhpCrudApi/Middleware/DbAuthMiddleware.php
@@ -42,7 +42,7 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
         }
         $path = RequestUtils::getPathSegment($request, 1);
         $method = $request->getMethod();
-        if ($method == 'POST' && $path == 'login') {
+        if ($method == 'POST' && in_array($path, ['login', 'register'])) {
             $body = $request->getParsedBody();
             $username = isset($body->username) ? $body->username : '';
             $password = isset($body->password) ? $body->password : '';
@@ -52,6 +52,14 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
             $usernameColumn = $table->getColumn($usernameColumnName);
             $passwordColumnName = $this->getProperty('passwordColumn', 'password');
             $passwordColumn = $table->getColumn($passwordColumnName);
+            $registerUser = $this->getProperty('registerUser', '');
+            if ($path == 'register' && $registerUser) {
+                $data = json_decode($registerUser, true);
+                $data = is_array($data) ? $data : [];
+                $data[$usernameColumnName] = $username;
+                $data[$passwordColumnName] = password_hash($password, PASSWORD_DEFAULT);
+                $this->db->createSingle($table, $data);
+            }
             $condition = new ColumnCondition($usernameColumn, 'eq', $username);
             $returnedColumns = $this->getProperty('returnedColumns', '');
             if (!$returnedColumns) {
diff --git a/tests/config/base.php b/tests/config/base.php
@@ -7,6 +7,7 @@
     'middlewares' => 'sslRedirect,xml,cors,reconnect,dbAuth,jwtAuth,basicAuth,authorization,sanitation,validation,ipAddress,multiTenancy,pageLimits,joinLimits,customization',
     'dbAuth.mode' => 'optional',
     'dbAuth.returnedColumns' => 'id,username,password',
+    'dbAuth.registerUser' => '1',
     'jwtAuth.mode' => 'optional',
     'jwtAuth.time' => '1538207605',
     'jwtAuth.secrets' => 'axpIrCGNGqxzx2R9dtXLIPUSqPo778uhb8CA0F4Hx',
diff --git a/tests/functional/002_auth/003_db_auth.log b/tests/functional/002_auth/003_db_auth.log
@@ -76,3 +76,38 @@ Content-Type: application/json; charset=utf-8
 Content-Length: 49
 
 {"code":1011,"message":"Authentication required"}
+===
+POST /register
+Content-Type: application/json; charset=utf-8
+
+{"username":"user3","password":"pass3"}
+===
+200
+Content-Type: application/json; charset=utf-8
+Content-Length: 27
+
+{"id":3,"username":"user3"}
+===
+GET /me
+===
+200
+Content-Type: application/json; charset=utf-8
+Content-Length: 27
+
+{"id":3,"username":"user3"}
+===
+POST /logout
+===
+200
+Content-Type: application/json; charset=utf-8
+Content-Length: 27
+
+{"id":3,"username":"user3"}
+===
+DELETE /records/users/3
+===
+200
+Content-Type: application/json; charset=utf-8
+Content-Length: 1
+
+1
