mirror of
https://github.com/v2board/v2board.git
synced 2025-10-31 09:21:46 +08:00
update: multiple session
This commit is contained in:
tokumeikoi
@@ -2,7 +2,6 @@
|
||||
|
||||
namespace App\Console\Commands;
|
||||
|
||||
use App\Utils\Helper;
|
||||
use Illuminate\Console\Command;
|
||||
|
||||
class Test extends Command
|
||||
|
||||
@@ -58,5 +58,7 @@ class V2boardUpdate extends Command
|
||||
}
|
||||
}
|
||||
$this->info('更新完毕,请重新启动队列服务。');
|
||||
\Artisan::call('cache:clear');
|
||||
\Artisan::call('config:cache');
|
||||
}
|
||||
}
|
||||
|
||||
@@ -17,7 +17,6 @@ use App\Utils\Helper;
|
||||
use App\Utils\Dict;
|
||||
use App\Utils\CacheKey;
|
||||
use ReCaptcha\ReCaptcha;
|
||||
use Firebase\JWT\JWT;
|
||||
|
||||
class AuthController extends Controller
|
||||
{
|
||||
@@ -181,7 +180,7 @@ class AuthController extends Controller
|
||||
$authService = new AuthService($user);
|
||||
|
||||
return response()->json([
|
||||
'data' => $authService->generateAuthData('register')
|
||||
'data' => $authService->generateAuthData($request)
|
||||
]);
|
||||
}
|
||||
|
||||
@@ -220,7 +219,7 @@ class AuthController extends Controller
|
||||
|
||||
$authService = new AuthService($user);
|
||||
return response([
|
||||
'data' => $authService->generateAuthData('login')
|
||||
'data' => $authService->generateAuthData($request)
|
||||
]);
|
||||
}
|
||||
|
||||
@@ -252,7 +251,7 @@ class AuthController extends Controller
|
||||
Cache::forget($key);
|
||||
$authService = new AuthService($user);
|
||||
return response([
|
||||
'data' => $authService->generateAuthData('token')
|
||||
'data' => $authService->generateAuthData($request)
|
||||
]);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -2,10 +2,13 @@
|
||||
|
||||
namespace App\Services;
|
||||
|
||||
use App\Utils\CacheKey;
|
||||
use App\Utils\Helper;
|
||||
use Firebase\JWT\JWT;
|
||||
use Firebase\JWT\Key;
|
||||
use App\Models\User;
|
||||
use Illuminate\Support\Facades\Cache;
|
||||
use Illuminate\Http\Request;
|
||||
|
||||
class AuthService
|
||||
{
|
||||
@@ -16,26 +19,29 @@ class AuthService
|
||||
$this->user = $user;
|
||||
}
|
||||
|
||||
public function generateAuthData($utm)
|
||||
public function generateAuthData(Request $request)
|
||||
{
|
||||
$guid = Helper::guid();
|
||||
$authData = JWT::encode([
|
||||
'id' => $this->user->id,
|
||||
'session' => $guid,
|
||||
], config('app.key'), 'HS256');
|
||||
self::addSession($this->user->id, $guid, [
|
||||
'ip' => $request->ip()
|
||||
]);
|
||||
return [
|
||||
'token' => $this->user->token,
|
||||
'is_admin' => $this->user->is_admin,
|
||||
'auth_data' => JWT::encode([
|
||||
'expired_at' => time() + 3600,
|
||||
'id' => $this->user->id,
|
||||
'utm' => $utm,
|
||||
], config('app.key'), 'HS256')
|
||||
'auth_data' => $authData
|
||||
];
|
||||
}
|
||||
|
||||
|
||||
public static function decryptAuthData($jwt)
|
||||
{
|
||||
try {
|
||||
if (!Cache::has($jwt)) {
|
||||
$data = (array)JWT::decode($jwt, new Key(config('app.key'), 'HS256'));
|
||||
if ($data['expired_at'] < time()) return false;
|
||||
if (!self::checkSession($data['id'], $data['session'])) return false;
|
||||
$user = User::select([
|
||||
'id',
|
||||
'email',
|
||||
@@ -51,4 +57,22 @@ class AuthService
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
private static function checkSession($userId, $session)
|
||||
{
|
||||
$sessions = (array)Cache::get(CacheKey::get("USER_SESSIONS", $userId)) ?? [];
|
||||
if (!in_array($session, array_keys($sessions))) return false;
|
||||
return true;
|
||||
}
|
||||
|
||||
private static function addSession($userId, $guid, $meta)
|
||||
{
|
||||
$cacheKey = CacheKey::get("USER_SESSIONS", $userId);
|
||||
$sessions = (array)Cache::get($cacheKey, []);
|
||||
$sessions[$guid] = $meta;
|
||||
if (!Cache::put(
|
||||
$cacheKey,
|
||||
$sessions
|
||||
)) return false;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -21,7 +21,8 @@ class CacheKey
|
||||
'SCHEDULE_LAST_CHECK_AT' => '计划任务最后检查时间',
|
||||
'REGISTER_IP_RATE_LIMIT' => '注册频率限制',
|
||||
'LAST_SEND_LOGIN_WITH_MAIL_LINK_TIMESTAMP' => '最后一次发送登入链接时间',
|
||||
'PASSWORD_ERROR_LIMIT' => '密码错误次数限制'
|
||||
'PASSWORD_ERROR_LIMIT' => '密码错误次数限制',
|
||||
'USER_SESSIONS' => '用户session'
|
||||
];
|
||||
|
||||
public static function get(string $key, $uniqueValue)
|
||||
|
||||
@@ -5,7 +5,6 @@ rm -rf composer.lock composer.phar
|
||||
wget https://github.com/composer/composer/releases/latest/download/composer.phar -O composer.phar
|
||||
php composer.phar update -vvv
|
||||
php artisan v2board:update
|
||||
php artisan config:cache
|
||||
|
||||
if [ -f "/etc/init.d/bt" ]; then
|
||||
chown -R www $(pwd);
|
||||
|
||||
@@ -6,7 +6,6 @@ rm -rf composer.lock composer.phar
|
||||
wget https://github.com/composer/composer/releases/latest/download/composer.phar -O composer.phar
|
||||
php composer.phar update -vvv
|
||||
php artisan v2board:update
|
||||
php artisan config:cache
|
||||
|
||||
if [ -f "/etc/init.d/bt" ]; then
|
||||
chown -R www $(pwd);
|
||||
|
||||
Reference in New Issue
Block a user