update: multiple session

This commit is contained in:
tokumeikoi 2022-12-15 15:53:25 +08:00
parent d646a3b27f
commit 3d9416bf26
7 changed files with 39 additions and 16 deletions

View File

@ -2,7 +2,6 @@
namespace App\Console\Commands; namespace App\Console\Commands;
use App\Utils\Helper;
use Illuminate\Console\Command; use Illuminate\Console\Command;
class Test extends Command class Test extends Command

View File

@ -58,5 +58,7 @@ class V2boardUpdate extends Command
} }
} }
$this->info('更新完毕,请重新启动队列服务。'); $this->info('更新完毕,请重新启动队列服务。');
\Artisan::call('cache:clear');
\Artisan::call('config:cache');
} }
} }

View File

@ -17,7 +17,6 @@ use App\Utils\Helper;
use App\Utils\Dict; use App\Utils\Dict;
use App\Utils\CacheKey; use App\Utils\CacheKey;
use ReCaptcha\ReCaptcha; use ReCaptcha\ReCaptcha;
use Firebase\JWT\JWT;
class AuthController extends Controller class AuthController extends Controller
{ {
@ -181,7 +180,7 @@ class AuthController extends Controller
$authService = new AuthService($user); $authService = new AuthService($user);
return response()->json([ return response()->json([
'data' => $authService->generateAuthData('register') 'data' => $authService->generateAuthData($request)
]); ]);
} }
@ -220,7 +219,7 @@ class AuthController extends Controller
$authService = new AuthService($user); $authService = new AuthService($user);
return response([ return response([
'data' => $authService->generateAuthData('login') 'data' => $authService->generateAuthData($request)
]); ]);
} }
@ -252,7 +251,7 @@ class AuthController extends Controller
Cache::forget($key); Cache::forget($key);
$authService = new AuthService($user); $authService = new AuthService($user);
return response([ return response([
'data' => $authService->generateAuthData('token') 'data' => $authService->generateAuthData($request)
]); ]);
} }
} }

View File

@ -2,10 +2,13 @@
namespace App\Services; namespace App\Services;
use App\Utils\CacheKey;
use App\Utils\Helper;
use Firebase\JWT\JWT; use Firebase\JWT\JWT;
use Firebase\JWT\Key; use Firebase\JWT\Key;
use App\Models\User; use App\Models\User;
use Illuminate\Support\Facades\Cache; use Illuminate\Support\Facades\Cache;
use Illuminate\Http\Request;
class AuthService class AuthService
{ {
@ -16,26 +19,29 @@ class AuthService
$this->user = $user; $this->user = $user;
} }
public function generateAuthData($utm) public function generateAuthData(Request $request)
{ {
$guid = Helper::guid();
$authData = JWT::encode([
'id' => $this->user->id,
'session' => $guid,
], config('app.key'), 'HS256');
self::addSession($this->user->id, $guid, [
'ip' => $request->ip()
]);
return [ return [
'token' => $this->user->token, 'token' => $this->user->token,
'is_admin' => $this->user->is_admin, 'is_admin' => $this->user->is_admin,
'auth_data' => JWT::encode([ 'auth_data' => $authData
'expired_at' => time() + 3600,
'id' => $this->user->id,
'utm' => $utm,
], config('app.key'), 'HS256')
]; ];
} }
public static function decryptAuthData($jwt) public static function decryptAuthData($jwt)
{ {
try { try {
if (!Cache::has($jwt)) { if (!Cache::has($jwt)) {
$data = (array)JWT::decode($jwt, new Key(config('app.key'), 'HS256')); $data = (array)JWT::decode($jwt, new Key(config('app.key'), 'HS256'));
if ($data['expired_at'] < time()) return false; if (!self::checkSession($data['id'], $data['session'])) return false;
$user = User::select([ $user = User::select([
'id', 'id',
'email', 'email',
@ -51,4 +57,22 @@ class AuthService
return false; return false;
} }
} }
private static function checkSession($userId, $session)
{
$sessions = (array)Cache::get(CacheKey::get("USER_SESSIONS", $userId)) ?? [];
if (!in_array($session, array_keys($sessions))) return false;
return true;
}
private static function addSession($userId, $guid, $meta)
{
$cacheKey = CacheKey::get("USER_SESSIONS", $userId);
$sessions = (array)Cache::get($cacheKey, []);
$sessions[$guid] = $meta;
if (!Cache::put(
$cacheKey,
$sessions
)) return false;
}
} }

View File

@ -21,7 +21,8 @@ class CacheKey
'SCHEDULE_LAST_CHECK_AT' => '计划任务最后检查时间', 'SCHEDULE_LAST_CHECK_AT' => '计划任务最后检查时间',
'REGISTER_IP_RATE_LIMIT' => '注册频率限制', 'REGISTER_IP_RATE_LIMIT' => '注册频率限制',
'LAST_SEND_LOGIN_WITH_MAIL_LINK_TIMESTAMP' => '最后一次发送登入链接时间', 'LAST_SEND_LOGIN_WITH_MAIL_LINK_TIMESTAMP' => '最后一次发送登入链接时间',
'PASSWORD_ERROR_LIMIT' => '密码错误次数限制' 'PASSWORD_ERROR_LIMIT' => '密码错误次数限制',
'USER_SESSIONS' => '用户session'
]; ];
public static function get(string $key, $uniqueValue) public static function get(string $key, $uniqueValue)

View File

@ -5,7 +5,6 @@ rm -rf composer.lock composer.phar
wget https://github.com/composer/composer/releases/latest/download/composer.phar -O composer.phar wget https://github.com/composer/composer/releases/latest/download/composer.phar -O composer.phar
php composer.phar update -vvv php composer.phar update -vvv
php artisan v2board:update php artisan v2board:update
php artisan config:cache
if [ -f "/etc/init.d/bt" ]; then if [ -f "/etc/init.d/bt" ]; then
chown -R www $(pwd); chown -R www $(pwd);

View File

@ -6,7 +6,6 @@ rm -rf composer.lock composer.phar
wget https://github.com/composer/composer/releases/latest/download/composer.phar -O composer.phar wget https://github.com/composer/composer/releases/latest/download/composer.phar -O composer.phar
php composer.phar update -vvv php composer.phar update -vvv
php artisan v2board:update php artisan v2board:update
php artisan config:cache
if [ -f "/etc/init.d/bt" ]; then if [ -f "/etc/init.d/bt" ]; then
chown -R www $(pwd); chown -R www $(pwd);