update: multiple session

This commit is contained in:
tokumeikoi 2022-12-15 15:53:25 +08:00
parent d646a3b27f
commit 3d9416bf26
7 changed files with 39 additions and 16 deletions

View File

@ -2,7 +2,6 @@
namespace App\Console\Commands;
use App\Utils\Helper;
use Illuminate\Console\Command;
class Test extends Command

View File

@ -58,5 +58,7 @@ class V2boardUpdate extends Command
}
}
$this->info('更新完毕,请重新启动队列服务。');
\Artisan::call('cache:clear');
\Artisan::call('config:cache');
}
}

View File

@ -17,7 +17,6 @@ use App\Utils\Helper;
use App\Utils\Dict;
use App\Utils\CacheKey;
use ReCaptcha\ReCaptcha;
use Firebase\JWT\JWT;
class AuthController extends Controller
{
@ -181,7 +180,7 @@ class AuthController extends Controller
$authService = new AuthService($user);
return response()->json([
'data' => $authService->generateAuthData('register')
'data' => $authService->generateAuthData($request)
]);
}
@ -220,7 +219,7 @@ class AuthController extends Controller
$authService = new AuthService($user);
return response([
'data' => $authService->generateAuthData('login')
'data' => $authService->generateAuthData($request)
]);
}
@ -252,7 +251,7 @@ class AuthController extends Controller
Cache::forget($key);
$authService = new AuthService($user);
return response([
'data' => $authService->generateAuthData('token')
'data' => $authService->generateAuthData($request)
]);
}
}

View File

@ -2,10 +2,13 @@
namespace App\Services;
use App\Utils\CacheKey;
use App\Utils\Helper;
use Firebase\JWT\JWT;
use Firebase\JWT\Key;
use App\Models\User;
use Illuminate\Support\Facades\Cache;
use Illuminate\Http\Request;
class AuthService
{
@ -16,26 +19,29 @@ class AuthService
$this->user = $user;
}
public function generateAuthData($utm)
public function generateAuthData(Request $request)
{
$guid = Helper::guid();
$authData = JWT::encode([
'id' => $this->user->id,
'session' => $guid,
], config('app.key'), 'HS256');
self::addSession($this->user->id, $guid, [
'ip' => $request->ip()
]);
return [
'token' => $this->user->token,
'is_admin' => $this->user->is_admin,
'auth_data' => JWT::encode([
'expired_at' => time() + 3600,
'id' => $this->user->id,
'utm' => $utm,
], config('app.key'), 'HS256')
'auth_data' => $authData
];
}
public static function decryptAuthData($jwt)
{
try {
if (!Cache::has($jwt)) {
$data = (array)JWT::decode($jwt, new Key(config('app.key'), 'HS256'));
if ($data['expired_at'] < time()) return false;
if (!self::checkSession($data['id'], $data['session'])) return false;
$user = User::select([
'id',
'email',
@ -51,4 +57,22 @@ class AuthService
return false;
}
}
private static function checkSession($userId, $session)
{
$sessions = (array)Cache::get(CacheKey::get("USER_SESSIONS", $userId)) ?? [];
if (!in_array($session, array_keys($sessions))) return false;
return true;
}
private static function addSession($userId, $guid, $meta)
{
$cacheKey = CacheKey::get("USER_SESSIONS", $userId);
$sessions = (array)Cache::get($cacheKey, []);
$sessions[$guid] = $meta;
if (!Cache::put(
$cacheKey,
$sessions
)) return false;
}
}

View File

@ -21,7 +21,8 @@ class CacheKey
'SCHEDULE_LAST_CHECK_AT' => '计划任务最后检查时间',
'REGISTER_IP_RATE_LIMIT' => '注册频率限制',
'LAST_SEND_LOGIN_WITH_MAIL_LINK_TIMESTAMP' => '最后一次发送登入链接时间',
'PASSWORD_ERROR_LIMIT' => '密码错误次数限制'
'PASSWORD_ERROR_LIMIT' => '密码错误次数限制',
'USER_SESSIONS' => '用户session'
];
public static function get(string $key, $uniqueValue)

View File

@ -5,7 +5,6 @@ rm -rf composer.lock composer.phar
wget https://github.com/composer/composer/releases/latest/download/composer.phar -O composer.phar
php composer.phar update -vvv
php artisan v2board:update
php artisan config:cache
if [ -f "/etc/init.d/bt" ]; then
chown -R www $(pwd);

View File

@ -6,7 +6,6 @@ rm -rf composer.lock composer.phar
wget https://github.com/composer/composer/releases/latest/download/composer.phar -O composer.phar
php composer.phar update -vvv
php artisan v2board:update
php artisan config:cache
if [ -f "/etc/init.d/bt" ]; then
chown -R www $(pwd);