fastadmin加密生成token
安装git
sudo yum install git
在项目中安装 firebase/php-jwt
composer require firebase/php-jwt
注意:PHP7.4以上,安装fileinfo
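如果还有问题,在PHP配置里把下面的 disable_functions 注释掉(行首加分号):
注意:整行注释会把 exec、system、shell_exec 等被禁函数全部重新放开,服务器上任何PHP代码都能调用它们。composer 通常只需要 proc_open 和 putenv,更稳妥的做法是只从列表里去掉这两个函数,并且只修改命令行(CLI)使用的 php.ini;安装完成后再把配置恢复。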
;disable_functions = passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv
后端代码生成token
// Token lifetime in seconds (one hour).
$ttl = 60 * 60;

// Claims carried by the JWT: the user's openId plus the standard iat/exp timestamps.
$payload = [
    'openId' => $openid,
    'iat'    => time(),        // issued-at time
    'exp'    => time() + $ttl, // expiry time, one hour after issue
];

// NOTE(review): $sessionKey is the HS256 signing secret here, so anyone who knows it
// can mint valid tokens. Presumably this is the WeChat session_key; a dedicated
// server-side secret that never leaves the backend is the safer choice (confirm).
$token = JWT::encode($payload, $sessionKey, 'HS256');
echo $token;
但这里的问题是:这样生成的JWT不是32位的token
于是有了以下的token生成,两个方法:
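// Option 1: a signed JWT (its length is not fixed at 32 characters).
$token = JWT::encode($payload, $sessionKey, 'HS256');

// Option 2: an opaque 32-character hex token.
// random_bytes() reads from the operating system's CSPRNG. The earlier form,
// substr(hash('sha256', uniqid(rand(), true)), 0, 32), seeded the hash from the clock
// and a non-cryptographic generator; hashing such a seed does not make the token
// unpredictable, which a login token has to be.
$token = bin2hex(random_bytes(16));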
最后使用思路逻辑是:
生成一个随机32位token,同时存储创建时间和过期时间,
===在登陆时,拿缓存中的token对比是否过期,如果过期就重新登陆
===重新登陆,用session_key新生成openid,因为openid是不变的,用它找到对应的user_id然后就可以去更新其用户信息和token表的信息,是直接更新,不是重新创建
后端代码:(没有缓存token时,直接用注册信息验证,更新token登陆)
/*
* 注册/登陆用户信息
* 如果有$token就登陆如果没有$token就注册用户信息
*/
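/**
 * Register or log in a user from the encrypted profile payload.
 *
 * Decrypts the posted encryptedData, looks the user up by openId and creates the
 * user row when none exists. It then issues a fresh 32-character hex token valid
 * for 12 hours: the user's existing user_token row is updated in place, or a new
 * row is inserted when the user has none.
 *
 * Changes from the original:
 *  - a newly created user used to reach the token step with an empty lookup
 *    result, so user_id was null and the returned userinfo was empty; the saved
 *    model is now used for both;
 *  - a decrypted payload without an openId is rejected before any query runs.
 */
public function getUserInfo(){
    // NOTE(review): session_key is read from the request body, i.e. it comes from the
    // client. WeChat's guidance is to keep session_key on the server and never hand it
    // to the mini-program; consider looking it up server-side instead (confirm how the
    // client obtains it here).
    $data = $this->app->encryptor->decryptData(
        $this->post['session_key'],
        $this->post['iv'],
        $this->post['encryptedData']
    );

    // Without an openId the lookup below would run with a null condition value.
    if (!is_array($data) || empty($data['openId'])) {
        $this->error('登陆失败');
        return;
    }

    $userModel = new HcdrspUser();
    $result = $userModel->where('openid', $data['openId'])->find();
    if (!$result) {
        // First visit: store openId, avatar and nickname.
        $userModel->openid = $data['openId'];
        $userModel->avatarUrl = $data['avatarUrl'];
        $userModel->name = $data['nickName'];
        $userModel->status = 'normal';
        $userModel->createtime = time();
        $userModel->save();
        // Use the freshly saved row from here on.
        // Assumes save() fills in the primary key on the model (confirm for HcdrspUser).
        $result = $userModel;
    }

    // Issue a new token for this user.
    $user_id = $result['id'];
    $token = bin2hex(random_bytes(16)); // 16 CSPRNG bytes -> 32 hex characters
    $expireTime = time() + (60 * 60 * 12); // expires after 12 hours
    $createtime = time();

    $userToken = new UserToken();
    $token_result = $userToken->where('user_id', $user_id)->find();
    if ($token_result) {
        // Returning user: overwrite the stored token instead of adding a row.
        $userToken->where('user_id', $user_id)->update(['token' => $token, 'expiretime' => $expireTime]);
        $this->success('登陆成功', ['token' => $token, 'userinfo' => $result]);
    } else {
        $userToken->token = $token;
        $userToken->expiretime = $expireTime;
        $userToken->user_id = $user_id;
        $userToken->createtime = $createtime;
        $userToken->save();
        $this->success('欢迎新用户', ['token' => $token, 'userinfo' => $result]);
    }
}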
后端代码:(有缓存token时,验证token并更新token登陆)
/*
* 登陆验证
* 验证token
*/
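/**
 * Log in with a cached token and rotate it.
 *
 * Looks the posted token up in user_token. A missing token, an unknown token and
 * an expired token each produce an error response. A valid token is replaced by a
 * fresh 32-character hex token valid for another 12 hours.
 *
 * Changes from the original:
 *  - the rotated token is returned to the client; before, the stored token was
 *    replaced but only the user row was sent back, so the client's cached token
 *    stopped matching after the first successful login. The success payload now
 *    has the same ['token', 'userinfo'] shape that getUserInfo() returns;
 *  - a token whose expiretime equals the current second matched neither branch
 *    and produced no response; it is now treated as expired;
 *  - non-string input is rejected before it reaches the query builder.
 */
public function login(){
    $token = $this->request->post('token');

    // Only a non-empty string is a usable token; a request-supplied array must not be
    // passed to where() as a condition value.
    if (!is_string($token) || !$token) {
        $this->error('请先登陆', is_string($token) ? $token : null);
        return;
    }

    $token_result = UserToken::where('token', $token)->find();
    if (!$token_result) {
        $this->error('登陆失败', $token);
        return;
    }

    if ($token_result['expiretime'] <= time()) {
        $this->error('登陆过期', $token);
        return;
    }

    // Valid token: rotate it and extend the session by 12 hours.
    $user_id = $token_result['user_id'];
    $token = bin2hex(random_bytes(16)); // 16 CSPRNG bytes -> 32 hex characters
    $expireTime = time() + (60 * 60 * 12);

    $userToken = new UserToken();
    $userToken->where('user_id', $user_id)->update(['token' => $token, 'expiretime' => $expireTime]);

    $userModel = new HcdrspUser();
    $result = $userModel->where('id', $user_id)->find();

    $this->success('登陆成功', ['token' => $token, 'userinfo' => $result]);
}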