From 25fde420410de5718afedf1410fa64d6c695c4d2 Mon Sep 17 00:00:00 2001
From: vilson <545522390@qq.com>
Date: Tue, 29 Jan 2019 21:31:30 +0800
Subject: [PATCH] =?UTF-8?q?=E6=8E=A5=E5=85=A5JWT?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: vilson <545522390@qq.com>
---
 application/index/controller/Index.php  |  7 +++++--
 application/project/middleware/Auth.php | 17 +++++++++--------
 config/jwt.php                          |  2 +-
 extend/service/JwtService.php           |  2 +-
 4 files changed, 16 insertions(+), 12 deletions(-)

diff --git a/application/index/controller/Index.php b/application/index/controller/Index.php
index 2fbfbcf..8579ac6 100644
--- a/application/index/controller/Index.php
+++ b/application/index/controller/Index.php
@@ -196,7 +196,7 @@ class Index extends BasicApi
     }
 
     /**
-     *刷新token
+     * 刷新token
      */
     public function refreshAccessToken()
     {
@@ -205,7 +205,10 @@ class Index extends BasicApi
         if (isError($data)) {
             $this->error('token过期，请重新登录', 401);
         }
-        $this->success('', JwtService::getAccessToken(get_object_vars($data->data)));
+        $accessToken = JwtService::getAccessToken(get_object_vars($data->data));
+        $accessTokenExp = JwtService::decodeToken($accessToken)->exp;
+        $tokenList['accessTokenExp'] = $accessTokenExp;
+        $this->success('', ['accessToken' => $accessToken, 'accessTokenExp' => $accessTokenExp]);
 
     }
 
diff --git a/application/project/middleware/Auth.php b/application/project/middleware/Auth.php
index 648f13a..012c0fa 100644
--- a/application/project/middleware/Auth.php
+++ b/application/project/middleware/Auth.php
@@ -30,21 +30,22 @@ class Auth
         if ($currentOrganizationCode) {
             setCurrentOrganizationCode($currentOrganizationCode);
         }
-        $authorization = $request->header('Authorization');
-        $accessToken = '';
-        if ($authorization) {
-            $accessToken = explode(' ', $authorization)[1];
-        }
-        $data = JwtService::decodeToken($accessToken);
         // 登录状态检查
         if (!empty($access['is_login'])) {
+            $authorization = $request->header('Authorization');
+            $accessToken = '';
+            if ($authorization) {
+                $accessToken = explode(' ', $authorization)[1];
+            }
+            $data = JwtService::decodeToken($accessToken);
             $isError = isError($data);
             if ($isError) {
+                //TODO 启用refreshToken
                 if ($data['errno'] == 3) {
-                    $msg = ['code' => 4010, 'msg' => 'accessToken过期'];
+                    $msg = ['code' => 401, 'msg' => 'accessToken过期'];
                     return json($msg);
                 }
-                $msg = ['code' => 401, 'msg' => 'token过期，请重新登录'];
+                $msg = ['code' => 402, 'msg' => 'token过期，请重新登录'];
                 return json($msg);
             }
             setCurrentMember(get_object_vars($data->data));
diff --git a/config/jwt.php b/config/jwt.php
index f0a6d6f..d805ee8 100644
--- a/config/jwt.php
+++ b/config/jwt.php
@@ -5,7 +5,7 @@ return [
     'key' => 'pearProject',
     'alg' => 'HS256',
     //access_token有效时间
-    'accessTokenExp' => 20,
+    'accessTokenExp' => 3600,
     //refresh_token有效时间
     'refreshTokenExp' => 3600 * 24 * 7,
     //签发者 可选
diff --git a/extend/service/JwtService.php b/extend/service/JwtService.php
index 2749962..8c3b9cc 100644
--- a/extend/service/JwtService.php
+++ b/extend/service/JwtService.php
@@ -100,7 +100,7 @@ class JwtService
     public static function decodeToken($token)
     {
         $jwtConfig = config('jwt.');
-        JWT::$leeway = 60;//当前时间减去60，把时间留点余地
+//        JWT::$leeway = 60; //当前时间减去60，把时间留点余地
         try {
             $decoded = JWT::decode($token, $jwtConfig['key'], array($jwtConfig['alg']));//解密方式，这里要和签发的时候对应
         } catch (\Firebase\JWT\SignatureInvalidException $e) {  //签名不正确