diff --git a/app/Console/Commands/Test.php b/app/Console/Commands/Test.php
index eb7c2903..667e616c 100644
--- a/app/Console/Commands/Test.php
+++ b/app/Console/Commands/Test.php
@@ -2,7 +2,6 @@
 namespace App\Console\Commands;
-use App\Utils\Helper;
 use Illuminate\Console\Command;
 class Test extends Command
diff --git a/app/Console/Commands/V2boardUpdate.php b/app/Console/Commands/V2boardUpdate.php
index 662d7778..c24f4bff 100644
--- a/app/Console/Commands/V2boardUpdate.php
+++ b/app/Console/Commands/V2boardUpdate.php
@@ -58,5 +58,7 @@ class V2boardUpdate extends Command
 }
 }
 $this->info('更新完毕,请重新启动队列服务。');
+ \Artisan::call('cache:clear');
+ \Artisan::call('config:cache');
 }
 }
diff --git a/app/Http/Controllers/Passport/AuthController.php b/app/Http/Controllers/Passport/AuthController.php
index 2d57f92b..99cddb09 100644
--- a/app/Http/Controllers/Passport/AuthController.php
+++ b/app/Http/Controllers/Passport/AuthController.php
@@ -17,7 +17,6 @@ use App\Utils\Helper;
 use App\Utils\Dict;
 use App\Utils\CacheKey;
 use ReCaptcha\ReCaptcha;
-use Firebase\JWT\JWT;
 class AuthController extends Controller
 {
@@ -181,7 +180,7 @@ class AuthController extends Controller
 $authService = new AuthService($user);
 return response()->json([
- 'data' => $authService->generateAuthData('register')
+ 'data' => $authService->generateAuthData($request)
 ]);
 }
@@ -220,7 +219,7 @@ class AuthController extends Controller
 $authService = new AuthService($user);
 return response([
- 'data' => $authService->generateAuthData('login')
+ 'data' => $authService->generateAuthData($request)
 ]);
 }
@@ -252,7 +251,7 @@ class AuthController extends Controller
 Cache::forget($key);
 $authService = new AuthService($user);
 return response([
- 'data' => $authService->generateAuthData('token')
+ 'data' => $authService->generateAuthData($request)
 ]);
 }
 }
diff --git a/app/Services/AuthService.php b/app/Services/AuthService.php
index 0d972f07..1e28ed13 100644
--- a/app/Services/AuthService.php
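Review bot: The `\Artisan::call('cache:clear');` added at the end of the V2boardUpdate command flushes the whole default cache store, which after this commit is also where `AuthService::addSession` keeps `USER_SESSIONS`, so every update run logs all users out. If the `PASSWORD_ERROR_LIMIT` and `REGISTER_IP_RATE_LIMIT` counters listed in `CacheKey` live in the same store, their throttling state is reset at the same moment. I would document that on the call, e.g. `// cache:clear also drops USER_SESSIONS and the login/register throttle counters`, and check the integer exit code of both `\Artisan::call(...)` calls, which is currently ignored. The "restart the queue" message is printed before the two calls run, and the method starts outside the hunk.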
+++ b/app/Services/AuthService.php
@@ -2,10 +2,13 @@
 namespace App\Services;
+use App\Utils\CacheKey;
+use App\Utils\Helper;
 use Firebase\JWT\JWT;
 use Firebase\JWT\Key;
 use App\Models\User;
 use Illuminate\Support\Facades\Cache;
+use Illuminate\Http\Request;
 class AuthService
 {
@@ -16,26 +19,29 @@ class AuthService
 $this->user = $user;
 }
- public function generateAuthData($utm)
+ public function generateAuthData(Request $request)
 {
+ $guid = Helper::guid();
+ $authData = JWT::encode([
+ 'id' => $this->user->id,
+ 'session' => $guid,
+ ], config('app.key'), 'HS256');
+ self::addSession($this->user->id, $guid, [
+ 'ip' => $request->ip()
+ ]);
 return [
 'token' => $this->user->token,
 'is_admin' => $this->user->is_admin,
- 'auth_data' => JWT::encode([
- 'expired_at' => time() + 3600,
- 'id' => $this->user->id,
- 'utm' => $utm,
- ], config('app.key'), 'HS256')
+ 'auth_data' => $authData
 ];
 }
-
 public static function decryptAuthData($jwt)
 {
 try {
 if (!Cache::has($jwt)) {
 $data = (array)JWT::decode($jwt, new Key(config('app.key'), 'HS256'));
- if ($data['expired_at'] < time()) return false;
+ if (!self::checkSession($data['id'], $data['session'])) return false;
 $user = User::select([
 'id',
 'email',
@@ -51,4 +57,22 @@ class AuthService
 return false;
 }
 }
+
+ private static function checkSession($userId, $session)
+ {
+ $sessions = (array)Cache::get(CacheKey::get("USER_SESSIONS", $userId)) ?? [];
+ if (!in_array($session, array_keys($sessions))) return false;
+ return true;
+ }
+
+ private static function addSession($userId, $guid, $meta)
+ {
+ $cacheKey = CacheKey::get("USER_SESSIONS", $userId);
+ $sessions = (array)Cache::get($cacheKey, []);
+ $sessions[$guid] = $meta;
+ if (!Cache::put(
+ $cacheKey,
+ $sessions
+ )) return false;
+ }
 }
diff --git a/app/Utils/CacheKey.php b/app/Utils/CacheKey.php
index 98f33ca3..c7a775c9 100644
--- a/app/Utils/CacheKey.php
+++ b/app/Utils/CacheKey.php
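Review bot: The token built in `generateAuthData` no longer expires: the `expired_at` claim and its check in `decryptAuthData` are removed, and validity now rests only on the session GUID that `addSession` stores through a `Cache::put` with no TTL. A leaked `auth_data` value therefore stays usable until that cache entry disappears, and no code in this diff removes a single session. Consider keeping a bounded lifetime, for example a standard `'exp' => time() + $ttl` claim (firebase/php-jwt rejects expired tokens inside `JWT::decode`) together with a matching TTL on the session entry. The return value of `self::addSession(...)` is ignored, so a failed cache write still hands out a token that can never validate. `decryptAuthData` continues past the hunk; if the decoded user is cached under `$jwt` there, the session check only runs on a cache miss and belongs outside the `Cache::has($jwt)` branch.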
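Review bot: `checkSession` tests membership with a loose `in_array($session, array_keys($sessions))`; PHP stores numeric-looking array keys as integers and `in_array` without the strict flag type-juggles, so this is not an exact key match. `return is_string($session) && array_key_exists($session, $sessions);` states what is meant, and the `?? []` after the `(array)` cast can be dropped because the cast is applied first and never yields null. `addSession` is a read-modify-write on the cached array, so two concurrent logins for the same user can lose one session, and the array grows with every login because entries are never pruned or given a TTL. It also returns `false` on failure and nothing on success; returning a bool on both paths would let `generateAuthData` react to a failed write.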
@@ -21,7 +21,8 @@ class CacheKey
 'SCHEDULE_LAST_CHECK_AT' => '计划任务最后检查时间',
 'REGISTER_IP_RATE_LIMIT' => '注册频率限制',
 'LAST_SEND_LOGIN_WITH_MAIL_LINK_TIMESTAMP' => '最后一次发送登入链接时间',
- 'PASSWORD_ERROR_LIMIT' => '密码错误次数限制'
+ 'PASSWORD_ERROR_LIMIT' => '密码错误次数限制',
+ 'USER_SESSIONS' => '用户session'
 ];
 public static function get(string $key, $uniqueValue)
diff --git a/update.sh b/update.sh
index d443ee92..7c9d45b8 100755
--- a/update.sh
+++ b/update.sh
@@ -5,7 +5,6 @@ rm -rf composer.lock composer.phar
 wget https://github.com/composer/composer/releases/latest/download/composer.phar -O composer.phar
 php composer.phar update -vvv
 php artisan v2board:update
-php artisan config:cache
 if [ -f "/etc/init.d/bt" ]; then chown -R www $(pwd);
diff --git a/update_dev.sh b/update_dev.sh
index 893699f4..857f2e6b 100755
--- a/update_dev.sh
+++ b/update_dev.sh
@@ -6,7 +6,6 @@ rm -rf composer.lock composer.phar
 wget https://github.com/composer/composer/releases/latest/download/composer.phar -O composer.phar
 php composer.phar update -vvv
 php artisan v2board:update
-php artisan config:cache
 if [ -f "/etc/init.d/bt" ]; then chown -R www $(pwd);