Expose passthrough parameter in "easy" mode

orinoco · Mar 19, 2016 · 5cdaffb · 5cdaffb
1 parent 0fb9b1f
commit 5cdaffb
Show file tree

Hide file tree

Showing 3 changed files with 74 additions and 2 deletions.
diff --git a/README.md b/README.md
@@ -52,7 +52,7 @@ Validation errors are triggered when the token has been tampered with or the tok
 ## Optional parameters
 ### Path
 
-The optional `path` parameter allows you to specify the protected part of your website. It can be either a string or an array.
+The optional `path` parameter allows you to specify the protected part of your website. It can be either a string or an array. You do not need to specify each URL. Instead think of `path` setting as a folder. In the example below everything starting with `/api` will be authenticated.
 
 ``` php
 $app = new \Slim\App();
@@ -63,6 +63,21 @@ $app->add(new \Slim\Middleware\JwtAuthentication([
 ]));
 ```
 
+### Passthrough
+
+
+With optional `passthrough` parameter you can make exceptions to `path` parameter. In the example below everything starting with `/api` and `/admin`  will be authenticated with the exception of `/api/token` and `/admin/ping` which will not be authenticated.
+
+``` php
+$app = new \Slim\App();
+
+$app->add(new \Slim\Middleware\JwtAuthentication([
+    "path" => ["/api", "/admin"],
+    "passthrough" => ["/api/token", "/admin/ping"],
+    "secret" => "supersecretkeyyoushouldnotcommittogithub"
+]));
+```
+
 ### Logger
 
 The optional `logger` parameter allows you to pass in a PSR-3 compatible logger to help with debugging or other application logging needs.

diff --git a/src/JwtAuthentication.php b/src/JwtAuthentication.php
@@ -35,6 +35,7 @@ class JwtAuthentication
         "cookie" => "token",
         "attribute" => "token",
         "path" => null,
+        "passthrough" => null,
         "callback" => null,
         "error" => null
     ];
@@ -60,7 +61,8 @@ public function __construct(array $options = [])
         /* If path was given in easy mode add rule for it. */
         if (null !== ($this->options["path"])) {
             $this->addRule(new RequestPathRule([
-                "path" => $this->options["path"]
+                "path" => $this->options["path"],
+                "passthrough" => $this->options["passthrough"]
             ]));
         }
     }
@@ -261,6 +263,27 @@ public function setPath($path)
         return $this;
     }
 
+    /**
+     * Get path which middleware ignores
+     *
+     * @return string
+     */
+    public function getPassthrough()
+    {
+        return $this->options["passthrough"];
+    }
+
+    /**
+     * Set path which middleware ignores
+     *
+     * @return self
+     */
+    public function setPassthrough($passthrough)
+    {
+        $this->options["passthrough"] = $passthrough;
+        return $this;
+    }
+
     /**
      * Get the environment name where to search the token from
      *

diff --git a/tests/JwtAuthenticationTest.php b/tests/JwtAuthenticationTest.php
@@ -227,6 +227,33 @@ public function testShouldReturn200WithoutTokenWithPath()
         $this->assertEquals("Foo", $response->getBody());
     }
 
+    public function testShouldReturn200WithoutTokenWithPassthrough()
+    {
+        $uri = Uri::createFromString("https://example.com/api/ping");
+        $headers = new Headers();
+        $cookies = [];
+        $server = [];
+        $body = new Body(fopen("php://temp", "r+"));
+        $request = new Request("GET", $uri, $headers, $cookies, $server, $body);
+
+        $response = new Response();
+
+        $auth = new JwtAuthentication([
+            "path" => ["/api", "/foo"],
+            "passthrough" => ["/api/ping"],
+            "secret" => "supersecretkeyyoushouldnotcommittogithub"
+        ]);
+
+        $next = function (Request $request, Response $response) {
+            return $response->write("Foo");
+        };
+
+        $response = $auth($request, $response, $next);
+
+        $this->assertEquals(200, $response->getStatusCode());
+        $this->assertEquals("Foo", $response->getBody());
+    }
+
     public function testShouldNotAllowInsecure()
     {
         $this->setExpectedException("RuntimeException");
@@ -403,6 +430,13 @@ public function testShouldGetAndSetPath()
         $this->assertEquals("/admin", $auth->getPath());
     }
 
+    public function testShouldGetAndSetPassthrough()
+    {
+        $auth = new \Slim\Middleware\JwtAuthentication;
+        $auth->setPassthrough("/admin/ping");
+        $this->assertEquals("/admin/ping", $auth->getPassthrough());
+    }
+
     public function testShouldGetAndSetSecret()
     {
         $auth = new \Slim\Middleware\JwtAuthentication;