gpt4 book ai didi

laravel - 护照,过期后刷新 token 的方法

转载 作者:行者123 更新时间:2023-12-02 02:39:45 25 4
gpt4 key购买 nike

我正在使用 laravel v5.8、VueJS 和 passport v7.4 进行身份验证。下面是我的登录函数:

  public function login(Request $request)
{
$validator = Validator::make($request->all(), [
'email' => 'required|string|email',
'password' => 'required|string',
]);

if ($validator->fails()) {
return response([
'status' => 0,
'message' => $validator->errors()->first()
]);
}

$credentials = request(['email', 'password']);

if (!Auth::attempt($credentials))
return response()->json([
'status' => 0,
'message' => 'Unauthorized'
], 401);


$user = $request->user();

$tokenResult = $user->createToken('authToken');
$token = $tokenResult->token;
$token->save();

$user_role = Auth::user()->user_type;
$user->assignRole($user_role);

return response()->json([
'status' => 1,
'access_token' => $tokenResult->accessToken,
'token_type' => 'Bearer',
'expires_at' => Carbon::parse(
$tokenResult->token->expires_at
)->toDateTimeString(),
]);
}

我的问题是我的 token 将在 10 秒后过期(这是为了测试目的)。因此,我使用 VueJS 中的以下函数检查 token 是否已过期:

 isValid(token) {
const payload = this.payload(token);
if (payload) {
const datetime = Math.floor(Date.now() / 1000);
return payload.exp >= datetime ? true : false;
}
return false;
}

所以这工作正常,但我应该怎么做才能刷新 token ?我们可以做一个中间件来自己处理吗?或者无论如何都可以检测用户是否正在积极使用该应用程序,例如在正常的基于 session 的身份验证中?

最佳答案

看起来您正在重新发明轮子,我建议向 passport/oauth/token 发出请求,然后返回 access_token 和刷新 token 。此外,为了摆脱构建身份验证控制层,我正在使用 nuxtjs。

下面的例子需要 guzzlehttp/guzzle 包。

<?php

namespace App\Http\Controllers\Api;

use App\Http\Controllers\Controller;
use App\Http\Resources\User;
use Illuminate\Http\Request;
use GuzzleHttp\Client;

class AuthController extends Controller
{

/**
* @param Request $request
* @return \Illuminate\Http\JsonResponse
*/
public function user(Request $request)
{
return response()->json(['user' => new User($request->user())]);
}

/**
* @param Request $request
* @return \Illuminate\Http\JsonResponse|\Psr\Http\Message\StreamInterface
*/
public function login (Request $request)
{

$http = new Client;

try {
$response = $http->post(config('app.url') . '/oauth/token', [
'form_params' => [
'grant_type' => 'password',
'client_id' => '2',
'client_secret' => 'ugjAn1BD4Cs8gAP63RqixyCOD3Z1dUrrNiEgxQtN',
'username' => $request->get('email'),
'password' => $request->get('password')
]
]);

return $response->getBody();
} catch (\GuzzleHttp\Exception\BadResponseException $e) {
if (400 === $e->getCode()) {
return response()->json(['message' => 'Invalid request. Please enter username and password'], $e->getCode());
} else if (401 === $e->getCode()) {
return response()->json([message' => 'Your credentials are incorrect. Please try again.'], $e->getCode());
}
}

return response()->json(['message' => 'Something went wrong please try again later. ' . $e->getMessage()], $e->getCode());
}

/**
* @param Request $request
* @return \Illuminate\Http\JsonResponse
*/
function logout (Request $request)
{
$request->user()->tokens->each(function ($token, $key) {
$token->delete();
});

return response()->json(['message' => 'Logged out successfully'], 200);
}
}

关于laravel - 护照,过期后刷新 token 的方法,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/60474886/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com