Initial commit

Author: coffezilla

.DS_Store

@@ -0,0 +1,2 @@
+# Auto detect text files and perform LF normalization
+* text=auto

.gitattributes

@@ -0,0 +1,72 @@
+# react-bhx-auth
+
+Authentication is one of the most time-consuming things to do when you have to deal with web projects. This projects is a ReactJS authentication using [JWT (json web token)](https://jwt.io/) with REST calls to a server. 
+
+There's a backend folder inside the project with PHP pages (Apache server) for login.
+
+The token is saved locally using [local storage](https://developer.mozilla.org/pt-BR/docs/Web/API/Window/localStorage).
+
+## Feat
+
+- ReactJS with create-react-app
+- Typescript
+- JWT - Token
+- PHP backend
+- REST
+- [Axios](https://www.npmjs.com/package/axios)
+
+## How to use
+
+In order to use this project get the component's folder (components/Auth) and the helper's folder. In components, the component Auth has two main functions:
+
+- serverLoginUser: to send a post request to login
+- getAuth: get the current status of the user.
+
+## Login form
+
+In the example inside this project you can test one form login but you can pretty much use the form validator you like.
+
+## Local storage
+
+When the user loggin successfully, the component save a json inside the local storage.
+
+```json
+{
+  "auth": {
+    "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJiaHhzaXRlcyIsImVtYWlsIjoiZm9vQG1haWwuY29tIn0.Sk0VtWo_UNSaW-TfGjvMGpiOwxx4cz9SEDkjx70MZvE",
+    "email": "foo@mail.com",
+    "timestamp": "2020-09-02 21:14:13"
+  }
+}
+```
+
+## Backend
+
+Even though is not the main purpose, inside this project you will find a backend folder with PHP files.
+
+You can put this folder inside your [localhost](http://localhost) and change the endpoint inside the components folder. The default value for this is pointing to some BHX Sites path with the same file but you can do this locally or even try use NodeJS instead of PHP (Apache).
+
+### Fake data inside PHP
+
+For testing purposes you will need to put **foo@mail.com** as e-mail and **123** as password.
+
+Inside the PHP (login.php) page you will find the a simple checker to check if the login is correct.
+
+```php
+// fake database return
+$DATABASE_PASSWORD = md5('123');
+$DATABASE_EMAIL = 'foo@mail.com';
+```
+
+### JWT serverKey
+
+In order to use JWT you have to define a key (string). Set this inside the PHP page (auth.php)
+
+```php
+// JWT config
+$JWTServerkey = '123123';
+```
+
+## Example
+
+![login.gif](react-bhx-auth%209006df9d7f2a492388f768486923f721/login.gif)

README.md

@@ -0,0 +1,41 @@
+<?php 
+
+header('Content-Type: application/json; charset=UTF-8');
+
+// JWT auth
+include "connect/auth.php";
+
+$dataResponse = array();
+$dataResponse['status'] = 1;
+$dataResponse['message'] = '';
+$errors = array();
+
+$currentTimestamp = Date('Y-m-d H:i:s');
+$userEmail = addslashes(trim($_GET['email']));
+
+$isAuth = verifyAuth($clientToken, $JWTServerkey);
+
+
+if($isAuth) {
+
+	  $emailValidation = createJWTAuth($userEmail, $JWTServerkey);
+    
+    if('Bearer '.$emailValidation === $clientToken) {
+			$dataResponse['timestamp'] = $currentTimestamp;
+			$dataResponse['status'] = 1;
+			$dataResponse['email'] = $userEmail;
+			$dataResponse['token'] = $emailValidation;
+			$dataResponse['message'] = 'Valid Token and valid Email';
+    } else {
+			$dataResponse['timestamp'] = $currentTimestamp;
+			$dataResponse['status'] = 3;
+			$dataResponse['message'] = 'Valid Token but invalid email';
+    }
+} else {
+	$dataResponse['timestamp'] = $currentTimestamp;
+	$dataResponse['status'] = 2;
+	$dataResponse['message'] = 'Invalid Token';
+}
+
+$resultadosJson = json_encode($dataResponse);
+echo $resultadosJson;

backend/.DS_Store

@@ -0,0 +1,123 @@
+<?php
+// access
+header('Access-Control-Allow-Origin: *');
+header('Access-Control-Allow-Credentials: true');
+header('Access-Control-Allow-Methods: GET,HEAD,OPTIONS,POST,PUT');
+header('Access-Control-Allow-Headers: Authorization, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers');
+
+//conecta ao banco
+error_reporting(0);
+date_default_timezone_set('America/Sao_Paulo');
+
+// JWT config
+$JWTServerkey = '123123';
+
+// JWT key data
+$httpHeaderData = apache_request_headers();
+if(isset($httpHeaderData['authorization']) || isset($httpHeaderData['Authorization'])) {
+    $clientToken = isset($httpHeaderData['authorization']) ? $httpHeaderData['authorization'] : $httpHeaderData['Authorization'];
+}
+
+//
+function createJWTAuth($email, $key) {
+
+    $header = [
+        'alg' => 'HS256',
+        'typ' => 'JWT'
+    ];
+    $header = json_encode($header);
+    $header = base64UrlEncode($header);
+    
+    $payload = [
+        'iss' => 'bhxsites',
+        'email' => $email
+    ];
+    $payload = json_encode($payload);
+    $payload = base64UrlEncode($payload);
+    
+    $signature = hash_hmac('sha256', $header . "." . $payload , $key , true );
+    $signature = base64UrlEncode($signature);
+   
+
+    return $header.".".$payload.".".$signature;
+}
+
+//
+function verifyAuth($headerToken, $key) {
+
+
+            
+    $bearer = explode (' ', $headerToken);
+    $isValidAuth = 0;
+
+    $token = explode('.', $bearer[1]);
+    $header = $token[0];
+    $payload = $token[1];
+    $sign = $token[2];
+
+    $valid = hash_hmac('sha256', $header . "." . $payload , $key , true);
+    $valid = base64UrlEncode($valid);
+
+
+    if ($sign == $valid) {
+        return true;
+    } else {
+        return false;
+    }
+}
+
+
+//
+function base64UrlEncode ($value) {
+    $b64 = base64_encode($value);
+    if ($b64 === false) {
+        return false;
+    }
+    $url = strtr($b64, '+/', '-_');
+    return rtrim($url, '=');
+}
+
+
+// 
+function getAuthorizatedUserData($connection, $userEmail, $JWTServerkey, $clientToken) {
+
+    $responseData = array(
+        'status' => '0',
+        'id' => '0',
+        'email' => '0'
+    );
+    $emailValidation = createJWTAuth($userEmail, $JWTServerkey);
+
+    // check if email is correct
+    if('Bearer '.$emailValidation === $clientToken) {
+
+        // find user id
+        $queryUsers = mysqli_query($connection, "SELECT 
+        usr_id,
+        usr_email
+        FROM users
+        WHERE usr_email = '{$userEmail}' AND usr_status = 1
+        ORDER BY usr_id
+        DESC
+        LIMIT 1") or die ("User Not Found");
+
+        // check if user was found
+        if (mysqli_num_rows ($queryUsers) > 0) {
+            $dataUser = mysqli_fetch_assoc($queryUsers);
+            $responseData['status'] = 1;
+            $responseData['id'] = $dataUser['usr_id'];
+            $responseData['email'] = $dataUser['usr_email'];
+        } else {
+
+            // no user
+            $responseData['status'] = 2;
+        }
+
+    } else {
+        
+        // not auth
+        $responseData['status'] = 2;
+    }
+
+    return $responseData;
+}

backend/check.php

@@ -0,0 +1,61 @@
+<?php 
+
+header('Content-Type: application/json; charset=UTF-8');
+
+// JWT auth
+include "connect/auth.php";
+
+$dataResponse = array();
+$dataResponse['status'] = 0;
+$dataResponse['message'] = '';
+$errors = array();
+
+// var
+$userEmail = addslashes(trim($_POST['email']));
+$userEmail = str_replace(" ", "", $userEmail);
+
+$userPassword = addslashes(trim($_POST['password']));
+$userPassword = str_replace(" ", "", $userPassword);
+$userPasswordMd5 = md5($userPassword);
+$currentTimestamp = Date('Y-m-d H:i:s');
+
+// creating new token JWT
+$token = createJWTAuth($userEmail, $JWTServerkey);
+
+// verify
+$validInputs = false;
+
+// check input
+if( $userEmail != '' && strlen($userEmail) >= 3 && $userPassword != '' && strlen($userPassword) >= 3 ) {
+    $validInputs = true;
+} else {
+    $dataResponse['message'] = 'Empty field not allowed';
+    $dataResponse['status'] = 2;
+}
+
+if($validInputs) {
+
+    // fake database return
+    $DATABASE_PASSWORD = md5('123');
+    $DATABASE_EMAIL = 'foo@mail.com';
+
+    if( $DATABASE_EMAIL == $userEmail && $DATABASE_PASSWORD == $userPasswordMd5) {
+
+        $dataResponse['token'] = $token;
+        $dataResponse['timestamp'] = $currentTimestamp;
+
+        $dataResponse['user'] = array(
+            'id' => 1,
+            'email' => $userEmail,
+        );
+        $dataResponse['status'] = 1;    
+        $dataResponse['message'] = 'Logged';
+
+    } else {
+        $dataResponse['message'] = 'Invalid E-mail or Password';
+        $dataResponse['status'] = 3;
+    }
+}
+
+$resultadosJson = json_encode($dataResponse);
+echo $resultadosJson;

backend/connect/auth.php

@@ -0,0 +1,23 @@
+# See https://help.github.com/articles/ignoring-files/ for more about ignoring files.
+
+# dependencies
+/node_modules
+/.pnp
+.pnp.js
+
+# testing
+/coverage
+
+# production
+/build
+
+# misc
+.DS_Store
+.env.local
+.env.development.local
+.env.test.local
+.env.production.local
+
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*

backend/login.php

@@ -0,0 +1,46 @@
+# Getting Started with Create React App
+
+This project was bootstrapped with [Create React App](https://github.com/facebook/create-react-app).
+
+## Available Scripts
+
+In the project directory, you can run:
+
+### `npm start`
+
+Runs the app in the development mode.\
+Open [http://localhost:3000](http://localhost:3000) to view it in the browser.
+
+The page will reload if you make edits.\
+You will also see any lint errors in the console.
+
+### `npm test`
+
+Launches the test runner in the interactive watch mode.\
+See the section about [running tests](https://facebook.github.io/create-react-app/docs/running-tests) for more information.
+
+### `npm run build`
+
+Builds the app for production to the `build` folder.\
+It correctly bundles React in production mode and optimizes the build for the best performance.
+
+The build is minified and the filenames include the hashes.\
+Your app is ready to be deployed!
+
+See the section about [deployment](https://facebook.github.io/create-react-app/docs/deployment) for more information.
+
+### `npm run eject`
+
+**Note: this is a one-way operation. Once you `eject`, you can’t go back!**
+
+If you aren’t satisfied with the build tool and configuration choices, you can `eject` at any time. This command will remove the single build dependency from your project.
+
+Instead, it will copy all the configuration files and the transitive dependencies (webpack, Babel, ESLint, etc) right into your project so you have full control over them. All of the commands except `eject` will still work, but they will point to the copied scripts so you can tweak them. At this point you’re on your own.
+
+You don’t have to ever use `eject`. The curated feature set is suitable for small and middle deployments, and you shouldn’t feel obligated to use this feature. However we understand that this tool wouldn’t be useful if you couldn’t customize it when you are ready for it.
+
+## Learn More
+
+You can learn more in the [Create React App documentation](https://facebook.github.io/create-react-app/docs/getting-started).
+
+To learn React, check out the [React documentation](https://reactjs.org/).