From b3d709385f27efc579973064f2e8e2602e22f177 Mon Sep 17 00:00:00 2001
From: B_W_B
Date: Wed, 23 Feb 2022 09:30:49 +0100
Subject: [PATCH] Adds option to disable storing roles in the DB

This option defaults to 'true', which was the default behaviour before this change. When set to 'false', an empty array is stored instead of the actual roles.
---
 config/jwtauthroles.php | 3 +++
 src/JwtAuthRoles.php | 20 ++++++++++++++++----
 2 files changed, 19 insertions(+), 4 deletions(-)

diff --git a/config/jwtauthroles.php b/config/jwtauthroles.php
index 307f9d7..6eb37bd 100644
--- a/config/jwtauthroles.php
+++ b/config/jwtauthroles.php
@@ -6,6 +6,9 @@
 // If enabled, stores every user in the database
 'useDB' => env('FA_USE_DB', false),
+ // If enabled, stores the user's roles in the database
+ 'storeRoles' => env('FA_STORE_ROLES', true),
+
 // Only if useDB = true
 // Column name in the users table where uuid should be stored.'
 'userId' => env('FA_USR_ID', 'uuid'),
diff --git a/src/JwtAuthRoles.php b/src/JwtAuthRoles.php
index 40f5926..c07d1df 100644
--- a/src/JwtAuthRoles.php
+++ b/src/JwtAuthRoles.php
@@ -151,22 +151,34 @@ public static function authUser(object $request)
 if (config('jwtauthroles.autoCreateUser')) {
 $user = JwtUser::firstOrNew([config('jwtauthroles.userId') => $claims->sub]);
 $user[config('jwtauthroles.userId')] = $claims->sub;
- $user->roles = json_encode($claims->roles);
+ if (config('jwtauthroles.storeRoles')){
+ $user->roles = json_encode($claims->roles);
+ } else {
+ $user->roles = json_encode(array());
+ }
 $user->claims = json_encode($claims);
 $user->save();
 } else {
 $user = JwtUser::where(config('jwtauthroles.userId'), '=', $claims->sub)->firstOrFail();
- $user->roles = json_encode($claims->roles);
+ if (config('jwtauthroles.storeRoles')){
+ $user->roles = json_encode($claims->roles);
+ } else {
+ $user->roles = json_encode(array());
+ }
 $user->claims = json_encode($claims);
 $user->save();
 }
 } else {
 $user = new JwtUser;
 $user->uuid = $claims->sub;
- $user->roles = $claims->roles;
+ if (config('jwtauthroles.storeRoles')){
+ $user->roles = $claims->roles;
+ } else {
+ $user->roles = json_encode(array());
+ }
 $user->claims = $claims;
 }
 return $user;
 }
-}
+}
\ No newline at end of file
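Review bot: With `storeRoles` set to false the roles still reach the database, because both saving branches keep `$user->claims = json_encode($claims);` and `$claims` carries the same `roles` member that the new `else` arms blank out. If the option is meant to keep role data out of the users table, encode a copy without it in those arms, for example `$stored = clone $claims; unset($stored->roles); $user->claims = json_encode($stored);` (assuming `$claims` is a plain decoded-token object). In the last branch, which builds a `new JwtUser` without saving, the disabled path assigns the string from `json_encode(array())` where the enabled path assigns the raw `$claims->roles` value, so `$user->roles` changes type; `$user->roles = [];` would match. Any role check elsewhere that reads `$user->roles` will see an empty set when the option is off, which is worth stating in the config comment next to `storeRoles`. authUser() begins above this hunk.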