Updating code style and handling of encoding algorithm

Author: technotenshi

config/config.php.dist

@@ -1,6 +1,9 @@
 <?php
 return array(
- 'jwtKey' => '', // Key for signing the JWT's, I suggest generate it with base64_encode(openssl_random_pseudo_bytes(64))
+ 'jwt' => array(
+ 'key' => '', // Key for signing the JWT's, I suggest generate it with base64_encode(openssl_random_pseudo_bytes(64))
+ 'algorithm' => 'HS512' // Algorithm used to sign the token, see https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40#section-3
+ ),
  'database' => array(
  'user' => '', // Database username
  'password' => '', // Database password

public/login.php

@@ -86,7 +86,12 @@
  * keep it secure! You'll need the exact key to verify the 
  * token later.
  */
- $secretKey = base64_decode($config->get('jwtKey'));
+ $secretKey = base64_decode($config->get('jwt')->get('key'));
+ 
+ /*
+ * Extract the algorithm from the config file too
+ */
+ $algorithm = $config->get('jwt')->get('algorithm');
 
  /*
  * Encode the array to a JWT string.
@@ -97,7 +102,7 @@
  $jwt = JWT::encode(
  $data, //Data to be encoded in the JWT
  $secretKey, // The signing key
- 'HS512'  // Algorithm used to sign the token, see https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40#section-3
+ $algorithm // Algorithm used to sign the token, see https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40#section-3
  );
 
  $unencodedArray = ['jwt' => $jwt];

public/resource.php

@@ -31,9 +31,9 @@
  /*
  * decode the jwt using the key from config
  */
- $secretKey = base64_decode($config->get('jwtKey'));
+ $secretKey = base64_decode($config->get('jwt')->get('key'));
 
- $token = JWT::decode($jwt, $secretKey, array('HS512'));
+ $token = JWT::decode($jwt, $secretKey, [$config->get('jwt')->get('algorithm')]);
 
  $asset = base64_encode(file_get_contents('http://lorempixel.com/200/300/cats/'));