ElyBy-Mirror/accounts
1
0
Fork 0
mirror of https://github.com/elyby/accounts.git synced 2025-05-31 14:11:46 +05:30
Code Issues Packages Projects Releases Wiki Activity

Реорганизована выдача JWT токенов

Browse Source 
Добавлен механизм сохранения сессий и refresh_token
This commit is contained in:
ErickSkrauch
2016-05-30 02:44:17 +03:00
parent 98c01625d1
commit bdc96d82c1
34 changed files with 676 additions and 73 deletions
Download Patch File Download Diff File Expand all files Collapse all files

102
api/components/User/Component.php Normal file
View File

@@ -0,0 +1,102 @@
<?php
namespace api\components\User;
use common\models\AccountSession;
use Emarref\Jwt\Algorithm\Hs256;
use Emarref\Jwt\Claim;
use Emarref\Jwt\Encryption\Factory as EncryptionFactory;
use Emarref\Jwt\Jwt;
use Emarref\Jwt\Token;
use Yii;
use yii\base\ErrorException;
use yii\base\InvalidConfigException;
use yii\web\IdentityInterface;
use yii\web\User as YiiUserComponent;
class Component extends YiiUserComponent {
public $secret;
public $expirationTimeout = 3600; // 1h
public function init() {
parent::init();
if (!$this->secret) {
throw new InvalidConfigException('secret must be specified');
}
}
/**
* @param IdentityInterface $identity
* @param bool $rememberMe
*
* @return LoginResult|bool
* @throws ErrorException
*/
public function login(IdentityInterface $identity, $rememberMe = false) {
if (!$this->beforeLogin($identity, false, $rememberMe)) {
return false;
}
$this->switchIdentity($identity, 0);
$id = $identity->getId();
$ip = Yii::$app->request->userIP;
$jwt = $this->getJWT($identity);
if ($rememberMe) {
$session = new AccountSession();
$session->account_id = $id;
$session->setIp($ip);
$session->generateRefreshToken();
if (!$session->save()) {
throw new ErrorException('Cannot save account session model');
}
} else {
$session = null;
}
Yii::info("User '{$id}' logged in from {$ip}.", __METHOD__);
$result = new LoginResult($identity, $jwt, $session);
$this->afterLogin($identity, false, $rememberMe);
return $result;
}
public function getJWT(IdentityInterface $identity) {
$jwt = new Jwt();
$token = new Token();
foreach($this->getClaims($identity) as $claim) {
$token->addClaim($claim);
}
return $jwt->serialize($token, EncryptionFactory::create($this->getAlgorithm()));
}
/**
* @return Hs256
*/
public function getAlgorithm() {
return new Hs256($this->secret);
}
/**
* @param IdentityInterface $identity
*
* @return Claim\AbstractClaim[]
*/
protected function getClaims(IdentityInterface $identity) {
$currentTime = time();
$hostInfo = Yii::$app->request->hostInfo;
return [
new Claim\Audience($hostInfo),
new Claim\Issuer($hostInfo),
new Claim\IssuedAt($currentTime),
new Claim\Expiration($currentTime + $this->expirationTimeout),
new Claim\JwtId($identity->getId()),
];
}
}

61
api/components/User/LoginResult.php Normal file
View File

@@ -0,0 +1,61 @@
<?php
namespace api\components\User;
use common\models\AccountSession;
use Yii;
use yii\web\IdentityInterface;
class LoginResult {
/**
* @var IdentityInterface
*/
private $identity;
/**
* @var string
*/
private $jwt;
/**
* @var AccountSession|null
*/
private $session;
public function __construct(IdentityInterface $identity, string $jwt, AccountSession $session = null) {
$this->identity = $identity;
$this->jwt = $jwt;
$this->session = $session;
}
public function getIdentity() : IdentityInterface {
return $this->identity;
}
public function getJwt() : string {
return $this->jwt;
}
/**
* @return AccountSession|null
*/
public function getSession() {
return $this->session;
}
public function getAsResponse() {
/** @var Component $component */
$component = Yii::$app->user;
$response = [
'access_token' => $this->getJwt(),
'expires_in' => $component->expirationTimeout,
];
$session = $this->getSession();
if ($session !== null) {
$response['refresh_token'] = $session->refresh_token;
}
return $response;
}
}