ElyBy-Mirror/accounts
1
0
Fork 0
mirror of https://github.com/elyby/accounts.git synced 2025-05-31 14:11:46 +05:30
Code Issues Packages Projects Releases Wiki Activity

Отрефакторен компонент User\Component

Browse Source 
Добавлен метод getActiveSession
Добавлена логика для функции "Разлогинить всех" в форме смены пароля
This commit is contained in:
ErickSkrauch
2016-06-05 17:01:35 +03:00
parent e18f6a08b0
commit 113b9f98d8
9 changed files with 301 additions and 89 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
api/models/AccountIdentity.php
View File

@@ -2,10 +2,9 @@
namespace api\models;
use common\models\Account;
use Emarref\Jwt\Encryption\Factory;
use Emarref\Jwt\Claim\JwtId;
use Emarref\Jwt\Exception\VerificationException;
use Emarref\Jwt\Jwt;
use Emarref\Jwt\Verification\Context as VerificationContext;
use Emarref\Jwt\Token;
use Yii;
use yii\base\NotSupportedException;
use yii\helpers\StringHelper;
@@ -13,22 +12,14 @@ use yii\web\IdentityInterface;
use yii\web\UnauthorizedHttpException;
class AccountIdentity extends Account implements IdentityInterface {
/**
* @inheritdoc
*/
public static function findIdentityByAccessToken($token, $type = null) {
$jwt = new Jwt();
$token = $jwt->deserialize($token);
/** @var \api\components\User\Component $component */
$component = Yii::$app->user;
$hostInfo = Yii::$app->request->hostInfo;
$context = new VerificationContext(Factory::create($component->getAlgorithm()));
$context->setAudience($hostInfo);
$context->setIssuer($hostInfo);
try {
$jwt->verify($token, $context);
$token = $component->parseToken($token);
} catch (VerificationException $e) {
if (StringHelper::startsWith($e->getMessage(), 'Token expired at')) {
$message = 'Token expired';
@@ -40,8 +31,8 @@ class AccountIdentity extends Account implements IdentityInterface {
}
// Если исключение выше не случилось, то значит всё оке
/** @var \Emarref\Jwt\Claim\JwtId $jti */
$jti = $token->getPayload()->findClaimByName('jti');
/** @var JwtId $jti */
$jti = $token->getPayload()->findClaimByName(JwtId::NAME);
$account = static::findOne($jti->getValue());
if ($account === null) {
throw new UnauthorizedHttpException('Invalid token');

36
api/models/profile/ChangePasswordForm.php
View File

@@ -5,6 +5,7 @@ use api\models\base\PasswordProtectedForm;
use common\models\Account;
use common\validators\PasswordValidate;
use Yii;
use yii\base\ErrorException;
use yii\helpers\ArrayHelper;
class ChangePasswordForm extends PasswordProtectedForm {
@@ -20,6 +21,11 @@ class ChangePasswordForm extends PasswordProtectedForm {
*/
private $_account;
public function __construct(Account $account, array $config = []) {
$this->_account = $account;
parent::__construct($config);
}
/**
* @inheritdoc
*/
@@ -41,34 +47,40 @@ class ChangePasswordForm extends PasswordProtectedForm {
}
/**
* @return boolean if password was changed.
* @return boolean
*/
public function changePassword() {
if (!$this->validate()) {
return false;
}
$transaction = Yii::$app->db->beginTransaction();
$account = $this->_account;
$account->setPassword($this->newPassword);
if ($this->logoutAll) {
// TODO: реализовать процесс разлогинивания всех авторизованных устройств и дописать под это всё тесты
/** @var \api\components\User\Component $userComponent */
$userComponent = Yii::$app->user;
$sessions = $account->sessions;
$activeSession = $userComponent->getActiveSession();
foreach ($sessions as $session) {
if (!$activeSession || $activeSession->id !== $session->id) {
$session->delete();
}
}
}
return $account->save();
if (!$account->save()) {
throw new ErrorException('Cannot save user model');
}
$transaction->commit();
return true;
}
protected function getAccount() {
return $this->_account;
}
/**
* @param Account $account
* @param array $config
*/
public function __construct(Account $account, array $config = []) {
$this->_account = $account;
parent::__construct($config);
}
}