mirror of
https://github.com/elyby/accounts.git
synced 2024-10-30 15:33:21 +05:30
45c2ed601d
Refactor all JWT-related components Replace RS256 with ES256 as a preferred JWT algorithm
32 lines
864 B
PHP
32 lines
864 B
PHP
<?php
|
|
declare(strict_types=1);
|
|
|
|
namespace api\components\Tokens;
|
|
|
|
use common\models\Account;
|
|
use common\models\AccountSession;
|
|
use Lcobucci\JWT\Token;
|
|
use Yii;
|
|
|
|
class TokensFactory {
|
|
|
|
public const SUB_ACCOUNT_PREFIX = 'ely|';
|
|
|
|
public static function createForAccount(Account $account, AccountSession $session = null): Token {
|
|
$payloads = [
|
|
'ely-scopes' => 'accounts_web_user',
|
|
'sub' => self::SUB_ACCOUNT_PREFIX . $account->id,
|
|
];
|
|
if ($session === null) {
|
|
// If we don't remember a session, the token should live longer
|
|
// so that the session doesn't end while working with the account
|
|
$payloads['exp'] = time() + 60 * 60 * 24 * 7; // 7d
|
|
} else {
|
|
$payloads['jti'] = $session->id;
|
|
}
|
|
|
|
return Yii::$app->tokens->create($payloads);
|
|
}
|
|
|
|
}
|