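user = $user; }

    /**
     * Issue a signed auth token for the current user and register its session.
     *
     * A fresh session id is generated, embedded in an HS256 JWT together with
     * the user id, and stored in the user's session map along with the
     * request IP.
     *
     * NOTE(review): the JWT carries no `exp`/`iat` claim, so its lifetime is
     * bounded only by the session entry kept in the cache. It is signed with
     * config('app.key'); confirm that reusing this key for token signing is
     * intended.
     *
     * @param Request $request Request whose client IP is stored as session metadata.
     * @return array{token: mixed, is_admin: mixed, auth_data: string}
     */
    public function generateAuthData(Request $request)
    {
        $guid = Helper::guid();
        $authData = JWT::encode([
            'id' => $this->user->id,
            'session' => $guid,
        ], config('app.key'), 'HS256');

        // NOTE(review): the result of addSession() is not checked; if the
        // cache write fails, the token returned below is rejected by
        // decryptAuthData() because its session id was never stored.
        self::addSession($this->user->id, $guid, [
            'ip' => $request->ip()
        ]);

        return [
            'token' => $this->user->token,
            'is_admin' => $this->user->is_admin,
            'auth_data' => $authData
        ];
    }

    /**
     * Validate an auth token and return the user record it belongs to.
     *
     * The signature and the session id are verified on EVERY call. Only the
     * database lookup is cached (keyed by the token, for 3600 seconds), so a
     * session that is no longer present in the user's session map stops
     * authenticating immediately instead of staying valid until the cached
     * entry expires.
     *
     * NOTE(review): the cached user array (including `is_admin` and
     * `is_staff`) can be up to an hour stale; a privilege change is not
     * reflected until the entry expires. The raw token is also used as the
     * cache key, so anyone who can list cache keys can read bearer tokens;
     * consider keying by a hash of the token once all readers of this cache
     * entry are known.
     *
     * @param mixed $jwt Token as received from the client.
     * @return array|false User fields (id, email, is_admin, is_staff), or false
     *                     when the token, its session or the user is invalid.
     */
    public static function decryptAuthData($jwt)
    {
        // Reject missing or non-string input before it reaches the cache or the JWT decoder.
        if (!is_string($jwt) || $jwt === '') {
            return false;
        }

        try {
            $data = (array)JWT::decode($jwt, new Key(config('app.key'), 'HS256'));
            if (!isset($data['id'], $data['session'])) {
                return false;
            }

            // Must run before any cache hit is honoured: this is the only
            // place where a removed session is detected.
            if (!self::checkSession($data['id'], $data['session'])) {
                return false;
            }

            $cached = Cache::get($jwt);
            if ($cached === null) {
                $user = User::select([
                    'id',
                    'email',
                    'is_admin',
                    'is_staff'
                ])
                    ->find($data['id']);
                if (!$user) {
                    return false;
                }
                $cached = $user->toArray();
                Cache::put($jwt, $cached, 3600);
            }

            return $cached;
        } catch (\Exception $e) {
            // Any decode, signature or lookup failure is treated as "not authenticated".
            return false;
        }
    }

    /**
     * Tell whether a session id is registered for the given user.
     *
     * @param mixed $userId  User id used to build the session-map cache key.
     * @param mixed $session Session id taken from the decoded token.
     * @return bool True when the id is a key of the user's session map.
     */
    private static function checkSession($userId, $session)
    {
        // Only scalar ids can be array keys; anything else (e.g. `true`,
        // which a loose in_array() would match against any non-empty list)
        // is rejected outright.
        if (!is_string($session) && !is_int($session)) {
            return false;
        }

        $sessions = (array)Cache::get(CacheKey::get("USER_SESSIONS", $userId));

        return array_key_exists($session, $sessions);
    }

    /**
     * Record a session id and its metadata in the user's session map.
     *
     * NOTE(review): this is a read-modify-write on the cache with no lock, so
     * two concurrent logins for one user can overwrite each other's entry.
     * No TTL is passed and nothing in this block prunes old entries.
     *
     * @param mixed  $userId User id used to build the session-map cache key.
     * @param string $guid   Session id to register.
     * @param array  $meta   Metadata stored with the session (e.g. client IP).
     * @return bool Whether the cache write succeeded.
     */
    private static function addSession($userId, $guid, $meta)
    {
        $cacheKey = CacheKey::get("USER_SESSIONS", $userId);
        $sessions = (array)Cache::get($cacheKey, []);
        $sessions[$guid] = $meta;

        return (bool)Cache::put(
            $cacheKey,
            $sessions
        );
    }
}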