Passport，过期后刷新令牌的方法

Question

我正在使用 laravel v5.8、VueJS 和 passport v7.4 进行身份验证。 下面是我的登录功能：

  public function login(Request $request)
    {
        $validator = Validator::make($request->all(), [
            'email' => 'required|string|email',
            'password' => 'required|string',
        ]);

        if ($validator->fails()) {
            return response([
                'status' => 0,
                'message' => $validator->errors()->first()
            ]);
        }

        $credentials = request(['email', 'password']);

        if (!Auth::attempt($credentials))
            return response()->json([
                'status' => 0,
                'message' => 'Unauthorized'
            ], 401);


        $user = $request->user();

        $tokenResult = $user->createToken('authToken');
        $token = $tokenResult->token;
        $token->save();

        $user_role = Auth::user()->user_type;
        $user->assignRole($user_role);

        return response()->json([
            'status' => 1,
            'access_token' => $tokenResult->accessToken,
            'token_type' => 'Bearer',
            'expires_at' => Carbon::parse(
                $tokenResult->token->expires_at
            )->toDateTimeString(),
        ]);
    }

我的问题是我的令牌在 10 秒后过期（这是为了测试目的）。因此，如果令牌过期，我会使用 VueJS 中的以下函数检查每条路由：

 isValid(token) {
        const payload = this.payload(token);
        if (payload) {
            const datetime = Math.floor(Date.now() / 1000);
            return payload.exp >= datetime ? true : false;
        }
        return false;
    }

所以这很好，但我应该怎么做才能刷新令牌？ 我们可以制作一个中间件来自己处理吗？ 或者是否有任何方法可以检测用户是否正在积极使用应用程序，例如 在基于正常会话的身份验证中？

Answer 1

看起来你正在重新发明轮子，我建议向护照 /oauth/token 发出请求，然后返回 access_token 和刷新令牌。为了摆脱构建身份验证控制层，我正在使用 nuxtjs。

以下示例需要 guzzlehttp/guzzle 包。

<?php

namespace App\Http\Controllers\Api;

use App\Http\Controllers\Controller;
use App\Http\Resources\User;
use Illuminate\Http\Request;
use GuzzleHttp\Client;

class AuthController extends Controller
{

    /**
     * @param Request $request
     * @return \Illuminate\Http\JsonResponse
     */
    public function user(Request $request)
    {
        return response()->json(['user' => new User($request->user())]);
    }

    /**
     * @param Request $request
     * @return \Illuminate\Http\JsonResponse|\Psr\Http\Message\StreamInterface
     */
    public function login (Request $request)
    {

        $http = new Client;

        try {
            $response = $http->post(config('app.url') . '/oauth/token', [
                'form_params' => [
                    'grant_type'    => 'password',
                    'client_id'     => '2',
                    'client_secret' => 'ugjAn1BD4Cs8gAP63RqixyCOD3Z1dUrrNiEgxQtN',
                    'username'      => $request->get('email'),
                    'password'      => $request->get('password')
                ]
            ]);

            return $response->getBody();
        } catch (\GuzzleHttp\Exception\BadResponseException $e) {
            if (400 === $e->getCode()) {
                return response()->json(['message' => 'Invalid request. Please enter username and password'], $e->getCode());
            } else if (401 === $e->getCode()) {
                return response()->json([message' => 'Your credentials are incorrect. Please try again.'], $e->getCode());
            }
        }

        return response()->json(['message' => 'Something went wrong please try again later. ' . $e->getMessage()], $e->getCode());
    }

    /**
     * @param Request $request
     * @return \Illuminate\Http\JsonResponse
     */
    function logout (Request $request)
    {
        $request->user()->tokens->each(function ($token, $key) {
            $token->delete();
        });

        return response()->json(['message' => 'Logged out successfully'], 200);
    }
}