mirror of
https://github.com/elyby/accounts.git
synced 2025-05-31 14:11:46 +05:30
Реорганизована выдача JWT токенов
Добавлен механизм сохранения сессий и refresh_token
@@ -3,7 +3,6 @@ namespace common\models;
|
||||
|
||||
use common\components\UserPass;
|
||||
use common\validators\LanguageValidator;
|
||||
use damirka\JWT\UserTrait as UserJWTTrait;
|
||||
use Ely\Yii2\TempmailValidator;
|
||||
use Yii;
|
||||
use yii\base\InvalidConfigException;
|
||||
@@ -29,15 +28,14 @@ use yii\db\ActiveRecord;
|
||||
*
|
||||
* Отношения:
|
||||
* @property EmailActivation[] $emailActivations
|
||||
* @property OauthSession[] $sessions
|
||||
* @property OauthSession[] $oauthSessions
|
||||
* @property UsernameHistory[] $usernameHistory
|
||||
* @property AccountSession[] $sessions
|
||||
*
|
||||
* Поведения:
|
||||
* @mixin TimestampBehavior
|
||||
*/
|
||||
class Account extends ActiveRecord {
|
||||
use UserJWTTrait;
|
||||
|
||||
const STATUS_DELETED = -10;
|
||||
const STATUS_REGISTERED = 0;
|
||||
const STATUS_ACTIVE = 10;
|
||||
@@ -121,7 +119,7 @@ class Account extends ActiveRecord {
|
||||
return $this->hasMany(EmailActivation::class, ['account_id' => 'id']);
|
||||
}
|
||||
|
||||
public function getSessions() {
|
||||
public function getOauthSessions() {
|
||||
return $this->hasMany(OauthSession::class, ['owner_id' => 'id']);
|
||||
}
|
||||
|
||||
@@ -129,6 +127,10 @@ class Account extends ActiveRecord {
|
||||
return $this->hasMany(UsernameHistory::class, ['account_id' => 'id']);
|
||||
}
|
||||
|
||||
public function getSessions() {
|
||||
return $this->hasMany(AccountSession::class, ['account_id' => 'id']);
|
||||
}
|
||||
|
||||
/**
|
||||
* Метод проверяет, может ли текущий пользователь быть автоматически авторизован
|
||||
* для указанного клиента без запроса доступа к необходимому списку прав
|
||||
@@ -144,7 +146,7 @@ class Account extends ActiveRecord {
|
||||
}
|
||||
|
||||
/** @var OauthSession|null $session */
|
||||
$session = $this->getSessions()->andWhere(['client_id' => $client->id])->one();
|
||||
$session = $this->getOauthSessions()->andWhere(['client_id' => $client->id])->one();
|
||||
if ($session !== null) {
|
||||
$existScopes = $session->getScopes()->members();
|
||||
if (empty(array_diff(array_keys($scopes), $existScopes))) {
|
||||
|
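Review bot: The relation name `getSessions()` is reused for a different model in this commit: the existing method becomes `getOauthSessions()` and a new `getSessions()` returns `AccountSession` rows joined on `account_id`. Any caller outside this diff that still uses `getSessions()` or the `$account->sessions` property will keep running but will now read the other table, which is easy to miss where the result is only iterated or deleted. The one call site visible here, in the `-144,7 +146,7` hunk, is updated, but its enclosing method starts and ends outside the hunk, so other uses cannot be checked from this page. Giving the new relation a distinct name such as `getAccountSessions()` would turn a missed caller into a hard error instead of a silent change of model.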
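--- /dev/null
+++ b/common/models/AccountSession.php
@@ -0,0 +1,54 @@
+<?php
+namespace common\models;
+
+use Yii;
+use yii\behaviors\TimestampBehavior;
+use yii\db\ActiveRecord;
+
+/**
+* Поля модели:
+* @property integer $id
+* @property integer $account_id
+* @property string $refresh_token
+* @property integer $last_used_ip
+* @property integer $created_at
+* @property integer $last_refreshed
+*
+* Отношения:
+* @property Account $account
+*
+* Поведения:
+* @mixin TimestampBehavior
+*/
+class AccountSession extends ActiveRecord {
+
+public static function tableName() {
+return '{{%accounts_sessions}}';
+}
+
+public function behaviors() {
+return [
+[
+'class' => TimestampBehavior::class,
+'updatedAtAttribute' => 'last_refreshed_at',
+]
+];
+}
+
+public function getAccount() {
+return $this->hasOne(Account::class, ['id' => 'account_id']);
+}
+
+public function generateRefreshToken() {
+$this->refresh_token = Yii::$app->security->generateRandomString(96);
+}
+
+public function setIp($ip) {
+$this->last_used_ip = ip2long($ip);
+}
+
+public function getReadableIp() {
+return long2ip($this->last_used_ip);
+}
+
+}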
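Review bot: `setIp()` stores the result of `ip2long($ip)` unchecked, and `ip2long()` returns `false` for IPv6 or malformed input, so `last_used_ip` would hold a value that `getReadableIp()` cannot turn back into the client's address (presumably `0.0.0.0` after the integer cast). For a table that backs refresh tokens, this loses the field an investigator would rely on to spot a token used from an unexpected address. Handle the failure explicitly, e.g. `$long = ip2long($ip); if ($long === false) { throw new \InvalidArgumentException('Unsupported IP address'); }`, or store `inet_pton($ip)` in a binary column if IPv6 clients are expected. Separately, the class docblock declares `$last_refreshed` while `behaviors()` sets `'updatedAtAttribute' => 'last_refreshed_at'`, so one of the two names is wrong. `generateRefreshToken()` also keeps the raw 96-character value in `refresh_token`; if the lookup is by value, storing only a hash of it would keep a database leak from yielding usable tokens.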