From 25fde420410de5718afedf1410fa64d6c695c4d2 Mon Sep 17 00:00:00 2001
From: vilson <545522390@qq.com>
Date: Tue, 29 Jan 2019 21:31:30 +0800
Subject: [PATCH] =?UTF-8?q?=E6=8E=A5=E5=85=A5JWT?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: vilson <545522390@qq.com>
---
 application/index/controller/Index.php | 7 +++++--
 application/project/middleware/Auth.php | 17 +++++++++--------
 config/jwt.php | 2 +-
 extend/service/JwtService.php | 2 +-
 4 files changed, 16 insertions(+), 12 deletions(-)
diff --git a/application/index/controller/Index.php b/application/index/controller/Index.php
index 2fbfbcf..8579ac6 100644
--- a/application/index/controller/Index.php
+++ b/application/index/controller/Index.php
@@ -196,7 +196,7 @@ class Index extends BasicApi
 }
 /**
- *刷新token
+ * 刷新token
 */
 public function refreshAccessToken()
 {
@@ -205,7 +205,10 @@ class Index extends BasicApi
 if (isError($data)) {
 $this->error('token过期,请重新登录', 401);
 }
- $this->success('', JwtService::getAccessToken(get_object_vars($data->data)));
+ $accessToken = JwtService::getAccessToken(get_object_vars($data->data));
+ $accessTokenExp = JwtService::decodeToken($accessToken)->exp;
+ $tokenList['accessTokenExp'] = $accessTokenExp;
+ $this->success('', ['accessToken' => $accessToken, 'accessTokenExp' => $accessTokenExp]);
 }
diff --git a/application/project/middleware/Auth.php b/application/project/middleware/Auth.php
index 648f13a..012c0fa 100644
--- a/application/project/middleware/Auth.php
+++ b/application/project/middleware/Auth.php
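Review bot: In `refreshAccessToken()` (application/index/controller/Index.php, second hunk) the added line `$tokenList['accessTokenExp'] = $accessTokenExp;` writes to a variable that nothing else in the hunk reads, and the response is built from the two locals directly, so the line can be dropped. The line before it reads `->exp` straight off `JwtService::decodeToken($accessToken)`. The Auth middleware in this same commit treats that return value as a possible error array (`isError($data)`, `$data['errno']`), so an `isError()` check before the property access would stop a decode failure from surfacing as a PHP notice and a null expiry in the response. The start of the method lies outside the hunk.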
@@ -30,21 +30,22 @@ class Auth
 if ($currentOrganizationCode) {
 setCurrentOrganizationCode($currentOrganizationCode);
 }
- $authorization = $request->header('Authorization');
- $accessToken = '';
- if ($authorization) {
- $accessToken = explode(' ', $authorization)[1];
- }
- $data = JwtService::decodeToken($accessToken);
 // 登录状态检查
 if (!empty($access['is_login'])) {
+ $authorization = $request->header('Authorization');
+ $accessToken = '';
+ if ($authorization) {
+ $accessToken = explode(' ', $authorization)[1];
+ }
+ $data = JwtService::decodeToken($accessToken);
 $isError = isError($data);
 if ($isError) {
+ //TODO 启用refreshToken
 if ($data['errno'] == 3) {
- $msg = ['code' => 4010, 'msg' => 'accessToken过期'];
+ $msg = ['code' => 401, 'msg' => 'accessToken过期'];
 return json($msg);
 }
- $msg = ['code' => 401, 'msg' => 'token过期,请重新登录'];
+ $msg = ['code' => 402, 'msg' => 'token过期,请重新登录'];
 return json($msg);
 }
 setCurrentMember(get_object_vars($data->data));
diff --git a/config/jwt.php b/config/jwt.php
index f0a6d6f..d805ee8 100644
--- a/config/jwt.php
+++ b/config/jwt.php
@@ -5,7 +5,7 @@ return [
 'key' => 'pearProject',
 'alg' => 'HS256',
 //access_token有效时间
- 'accessTokenExp' => 20,
+ 'accessTokenExp' => 3600,
 //refresh_token有效时间
 'refreshTokenExp' => 3600 * 24 * 7,
 //签发者 可选
diff --git a/extend/service/JwtService.php b/extend/service/JwtService.php
index 2749962..8c3b9cc 100644
--- a/extend/service/JwtService.php
+++ b/extend/service/JwtService.php
@@ -100,7 +100,7 @@ class JwtService
 public static function decodeToken($token)
 {
 $jwtConfig = config('jwt.');
- JWT::$leeway = 60;//当前时间减去60,把时间留点余地
+// JWT::$leeway = 60; //当前时间减去60,把时间留点余地
 try {
 $decoded = JWT::decode($token, $jwtConfig['key'], array($jwtConfig['alg']));//解密方式,这里要和签发的时候对应
 } catch (\Firebase\JWT\SignatureInvalidException $e) { //签名不正确
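Review bot: `explode(' ', $authorization)[1]` in the block moved under the `is_login` check (application/project/middleware/Auth.php) assumes the Authorization header always contains a scheme, a space and a token; a header without a space raises an undefined-index notice and hands null to `JwtService::decodeToken()`. Splitting defensively, `$parts = explode(' ', $authorization, 2); $accessToken = isset($parts[1]) ? $parts[1] : '';`, keeps malformed headers on the normal rejection path. Separately, every non-expiry failure is answered with 'token过期,请重新登录' under the new code 402, so an invalid signature looks the same as expiry; logging `$data['errno']` server-side before returning would preserve that signal for detection. The enclosing method starts and ends outside the hunk.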
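Review bot: The `'key' => 'pearProject'` context line in the config/jwt.php hunk keeps the HS256 signing secret as a short literal committed to the repository, and raising `accessTokenExp` from 20 to 3600 seconds lengthens the time a token signed with that key is accepted. Anyone who can read the repository holds the signing secret, so the key should come from deployment configuration, for example `'key' => getenv('JWT_KEY'),` (the variable name is a placeholder), and be a long random value. No revocation check is visible in this commit, so an hour-long access token would presumably remain valid after logout until it expires; if that is intended, a comment next to the setting should say so.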
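Review bot: In `decodeToken()` (extend/service/JwtService.php) the leeway assignment is commented out rather than removed or made configurable, which leaves dead code and a stale comment behind. With no leeway, firebase/php-jwt rejects tokens whose `nbf` or `iat` lies even slightly ahead of the validating host's clock, so a deployment where issuing and verifying hosts differ may see sporadic authentication failures. Either delete the line and state the intent, e.g. `// no leeway: issuer and verifier share a clock`, or read it from config with `JWT::$leeway = isset($jwtConfig['leeway']) ? $jwtConfig['leeway'] : 0;` (the `leeway` key is a suggested addition, not an existing setting). The rest of the function lies outside the hunk.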