Acasă Explorează Ajutor
Autentificare
kucoin-test
/
kefu
2
0
Bifurcare 0
Fisiere Probleme 0 Trageți solicitările 0 Wiki
Ramură: mgbx
Ramuri Etichete
kefu
/
app
/
admin
/
service
/
JwtService.php

JwtService.php 4.7 KB
Permalink Istoric Crud

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151 
  1. <?php
    2. 

  2. 

  3. namespace app\admin\service;
    4. 

  4. 

  5. use app\admin\model\User;
    6. 

  6. use think\facade\Cache;
    7. 

  7. use think\facade\Config;
    8. 

  8. use think\exception\RuntimeException;
    9. 

  9. use thans\jwt\exception\JWTException;
    10. 

  10. use thans\jwt\facade\JWT;
    11. 

  11. 

  12. class JwtService
    13. 

  13. {
    14. 

  14.     /**
    15. 

  15.      * Token 过期时间(秒),优先读取 jwt 配置文件
    16. 

  16.      * @var int
    17. 

  17.      */
    18. 

  18.     private $exp;
    19. 

  19. 

  20.     public function __construct()
    21. 

  21.     {
    22. 

  22.         // 从 thans/jwt 配置文件读取过期时间(config/jwt.php)
    23. 

  23.         $this->exp = Config::get('jwt.ttl', 7200);
    24. 

  24.     }
    25. 

  25. 

  26.     /**
    27. 

  27.      * 生成 JWT Token(适配 thans/jwt)
    28. 

  28.      * @param User $user 用户模型实例
    29. 

  29.      * @return string
    30. 

  30.      * @throws RuntimeException
    31. 

  31.      */
    32. 

  32.     public function generateToken(User $user): string
    33. 

  33.     {
    34. 

  34.         // 严格校验参数类型
    35. 

  35.         if (!$user instanceof User) {
    36. 

  36.             throw new RuntimeException('生成Token失败:必须传入 User 模型实例');
    37. 

  37.         }
    38. 

  38. 

  39.         try {
    40. 

  40.             // 构建 JWT 载荷(thans/jwt 支持数组格式)
    41. 

  41.             $payload = [
    42. 

  42.                 'sub'      => $user->id,       // 主题(用户ID)
    43. 

  43.                 'user_id'  => $user->id,       // 自定义字段:用户ID
    44. 

  44.                 'iat'      => time(),          // 签发时间
    45. 

  45.                 'exp'      => time() + $this->exp, // 过期时间
    46. 

  46.                 'iss'      => Config::get('app.app_name', 'admin_system'), // 签发者
    47. 

  47.             ];
    48. 

  48. 

  49.             // 生成 Token(thans/jwt 核心方法)
    50. 

  50.             $token = JWT::builder($payload);
    51. 

  51. 

  52.             // 缓存 Token(区分普通用户/商家)
    53. 

  53.             $cacheKey = $user->is_store == 0
    54. 

  54.                 ? "user_{$user->id}_jwt"
    55. 

  55.                 : "store_{$user->id}_jwt";
    56. 

  56.             // TP 缓存:set 方法存储,过期时间与 Token 一致
    57. 

  57.             Cache::set($cacheKey, $token, $this->exp);
    58. 

  58. 

  59.             return $token;
    60. 

  60.         } catch (JWTException $e) {
    61. 

  61.             throw new RuntimeException('生成JWT Token失败:'.$e->getMessage());
    62. 

  62.         }
    63. 

  63.     }
    64. 

  64. 

  65.     /**
    66. 

  66.      * 验证 JWT Token 有效性(适配 thans/jwt)
    67. 

  67.      * @param string $token JWT Token 字符串(支持带/不带 Bearer 前缀)
    68. 

  68.      * @return array|null 解码后的载荷数组(无效返回null)
    69. 

  69.      */
    70. 

  70.     public function validateToken(string $token): ?array
    71. 

  71.     {
    72. 

  72.         // 预处理 Token:移除 Bearer 前缀
    73. 

  73.         $token = trim(str_replace('Bearer ', '', $token));
    74. 

  74. 

  75.         if (empty($token)) {
    76. 

  76.             return null;
    77. 

  77.         }
    78. 

  78. 

  79.         try {
    80. 

  80.             // 验证并解码 Token(thans/jwt 核心方法)
    81. 

  81.             $payload = JWT::verify($token);
    82. 

  82. 

  83.             // 额外校验:缓存中的 Token 是否一致(防止注销/伪造)
    84. 

  84.             if (isset($payload['user_id'])) {
    85. 

  85.                 $user = User::find($payload['user_id']);
    86. 

  86.                 if ($user) {
    87. 

  87.                     $cacheKey = $user->is_store == 0
    88. 

  88.                         ? "user_{$user->id}_jwt"
    89. 

  89.                         : "store_{$user->id}_jwt";
    90. 

  90.                     $cacheToken = Cache::get($cacheKey);
    91. 

  91.                     // 缓存无 Token 或不一致,视为无效
    92. 

  92.                     if ($cacheToken !== $token) {
    93. 

  93.                         return null;
    94. 

  94.                     }
    95. 

  95.                 }
    96. 

  96.             }
    97. 

  97. 

  98.             return (array)$payload;
    99. 

  99.         } catch (JWTException $e) {
    100. 

  100.             // 捕获 thans/jwt 专属异常(过期、签名错误、格式错误等)
    101. 

  101.             return null;
    102. 

  102.         }
    103. 

  103.     }
    104. 

  104. 

  105.     /**
    106. 

  106.      * 注销 Token(清除缓存)
    107. 

  107.      * @param User $user 用户模型实例
    108. 

  108.      * @return bool
    109. 

  109.      */
    110. 

  110.     public function invalidateToken(User $user): bool
    111. 

  111.     {
    112. 

  112.         $cacheKey = $user->is_store == 0
    113. 

  113.             ? "user_{$user->id}_jwt"
    114. 

  114.             : "store_{$user->id}_jwt";
    115. 

  115.         return Cache::delete($cacheKey);
    116. 

  116.     }
    117. 

  117. 

  118.     /**
    119. 

  119.      * 刷新 Token(续期,thans/jwt 内置支持)
    120. 

  120.      * @param string $oldToken 旧 Token
    121. 

  121.      * @return string|null 新 Token(无效返回null)
    122. 

  122.      */
    123. 

  123.     public function refreshToken(string $oldToken): ?string
    124. 

  124.     {
    125. 

  125.         $oldToken = trim(str_replace('Bearer ', '', $oldToken));
    126. 

  126.         if (empty($oldToken)) {
    127. 

  127.             return null;
    128. 

  128.         }
    129. 

  129. 

  130.         try {
    131. 

  131.             // 验证旧 Token 并生成新 Token(自动续期)
    132. 

  132.             $newToken = JWT::refresh($oldToken);
    133. 

  133. 

  134.             // 更新缓存中的 Token
    135. 

  135.             $payload = JWT::verify($oldToken);
    136. 

  136.             if (isset($payload['user_id'])) {
    137. 

  137.                 $user = User::find($payload['user_id']);
    138. 

  138.                 if ($user) {
    139. 

  139.                     $cacheKey = $user->is_store == 0
    140. 

  140.                         ? "user_{$user->id}_jwt"
    141. 

  141.                         : "store_{$user->id}_jwt";
    142. 

  142.                     Cache::set($cacheKey, $newToken, $this->exp);
    143. 

  143.                 }
    144. 

  144.             }
    145. 

  145. 

  146.             return $newToken;
    147. 

  147.         } catch (JWTException $e) {
    148. 

  148.             return null;
    149. 

  149.         }
    150. 

  150.     }
    151. 

  151. }
    152.