Get users session
Closed this issue · 5 comments
According to #3 I implemented a middleware.
This worked so far.
But now I want to get the logged-in user's session to return the user's data.
I tried using `$GLOBALS['TSFE']->fe_user->user` but it's empty.
But when I change `/oauth/identity` to e.g. `/guf/oauth/identity` and call the URL, I get the user's session.
How do I get the currently logged-in user's details?
I need at least the user's uid.
Middleware
```php
...
public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
{
    if ($request->getUri()->getPath() === '/oauth/identity') {
        if (!isset($GLOBALS['TSFE']->fe_user->user['uid'])) {
            return new JsonResponse(['message' => 'User is not available', 'status' => 404], 404);
        }
        $userService = new UserService();
        $user = $userService->getUser($GLOBALS['TSFE']->fe_user->user);
        return new JsonResponse($user);
    }
    // Keep processing next middleware
    return $handler->handle($request);
}
...
```
RequestMiddlewares.php
```php
return [
    'frontend' => [
        'gugelfuss/oauth/identity' => [
            'target' => \Zeroseven\GugelfussOauth\Middleware\GufOAuth2Identity::class,
            'after' => [
                'fgtclb/typo3-oauth-server/identity',
            ],
            'before' => [
                'fgtclb/typo3-oauth-server/token',
            ],
        ],
    ],
];
```
You could use the Context API to retrieve the user UID and then do a DB query to retrieve just the data you actually need.
@mbrodala used the Context API as suggested, but it always returns `null`.
```php
<?php
declare(strict_types = 1);

namespace Zeroseven\GugelfussOauth\Middleware;

use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Server\MiddlewareInterface;
use Psr\Http\Server\RequestHandlerInterface;
use TYPO3\CMS\Core\Context\Context;
use TYPO3\CMS\Core\Http\JsonResponse;
use TYPO3\CMS\Core\Utility\GeneralUtility;
use Zeroseven\GugelfussOauth\Service\UserService;

final class GufOAuth2Identity implements MiddlewareInterface
{
    public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
    {
        // Return identity '/guf/identity'
        if ($request->getUri()->getPath() === '/oauth/identity') {
            $context = GeneralUtility::makeInstance(Context::class);
            $userId = $context->getPropertyFromAspect('frontend.user', 'id');
            if (!isset($userId)) {
                return new JsonResponse(['message' => 'User is not available', 'status' => 404], 404);
            }
            $userService = new UserService();
            $user = $userService->getUser($userId);
            return new JsonResponse($user);
        }
        // Keep processing next middleware
        return $handler->handle($request);
    }
}
```
@mbrodala I came up with the following solution:
```php
if ($request->getUri()->getPath() === '/oauth/identity') {
    // Get JWT/bearer token and extract data.
    // This only decodes the payload; it does not verify the token signature.
    $authorization = $request->getHeaderLine('authorization');
    $bearer = preg_split('/^Bearer\s/', $authorization)[1] ?? '';
    // The payload is the second dot-separated segment, base64url encoded
    $payload = explode('.', $bearer)[1] ?? '';
    $jwtData = json_decode((string)base64_decode(strtr($payload, '-_', '+/')));
    // Check "sub" before casting: a value cast with (int) is always set
    $userId = isset($jwtData->sub) ? (int)$jwtData->sub : 0;
    if ($userId <= 0) {
        return new JsonResponse(['message' => 'User is not available', 'status' => 404], 404);
    }
    $userService = new UserService();
    $user = $userService->getUser($userId);
    return new JsonResponse($user);
}
```
If you have a better solution, I'm happy to hear about it. :-)
Thanks for your support.
@ochorocho the user ID is already part of the token passed to your middleware. So you can just use `$request->getAttribute('oauth_user_id')`.
Thanks, I prefer your easy/correct way :-)
Now it's working as expected.
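
The suggestion above as a complete middleware, added here as an example (not code from the thread or from the OAuth server extension): it reads the `oauth_user_id` request attribute instead of decoding the bearer token by hand, and accepts only a positive integer uid. The class and service names are taken from the thread; the `resolveUserId()` helper, the 401 status with a `WWW-Authenticate` header, and the assumption that the attribute is only present after the OAuth server has validated the token are choices made for this example.

```php
<?php
declare(strict_types=1);

namespace Zeroseven\GugelfussOauth\Middleware;

use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Server\MiddlewareInterface;
use Psr\Http\Server\RequestHandlerInterface;
use TYPO3\CMS\Core\Http\JsonResponse;
use Zeroseven\GugelfussOauth\Service\UserService;

final class GufOAuth2Identity implements MiddlewareInterface
{
    public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
    {
        if ($request->getUri()->getPath() !== '/oauth/identity') {
            // Not our endpoint: keep processing the next middleware
            return $handler->handle($request);
        }

        $userId = $this->resolveUserId($request);
        if ($userId === null) {
            // No usable user id on the request: answer as unauthenticated
            // (401 is this example's choice; the thread's snippets return 404)
            return (new JsonResponse(['message' => 'User is not available', 'status' => 401], 401))
                ->withHeader('WWW-Authenticate', 'Bearer');
        }

        // Assumption: getUser() takes the user uid, as in the thread's later snippets
        return new JsonResponse((new UserService())->getUser($userId));
    }

    /**
     * Hypothetical helper: reads the attribute named in the thread and
     * accepts only a positive integer uid (int or all-digit string).
     */
    private function resolveUserId(ServerRequestInterface $request): ?int
    {
        $raw = $request->getAttribute('oauth_user_id');
        if (!is_int($raw) && !(is_string($raw) && ctype_digit($raw))) {
            return null;
        }
        $userId = (int)$raw;
        return $userId > 0 ? $userId : null;
    }
}
```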