jwt多个看守器认证及获取用户信息

Author: cyd622

src/Auth/LoginActionTrait.php

@@ -14,6 +14,7 @@
 use Illuminate\Support\Facades\Cache;
 use Cyd622\LaravelApi\Jobs\SaveUserTokenJob;
 use Tymon\JWTAuth\Exceptions\TokenExpiredException;
+use Tymon\JWTAuth\Facades\JWTAuth;
 
 trait LoginActionTrait
 {
@@ -51,11 +52,14 @@ protected function credentials(Request $request)
     /**
      * Get user last token
      * @param \Illuminate\Database\Eloquent\Model|\Illuminate\Contracts\Auth\Authenticatable $user
-     * @return mixed
+     * @param $guard
+     * @return string|null
      */
-    protected function getUserLastToken($user)
+    protected function getUserLastToken($user, $guard)
     {
-        $key = "User.{$user->id}:LastToken";
+        $uid = $user->getKey();
+        // User.api.1:LastToken
+        $key = sprintf("User.%s-%s:LastToken", $guard, $uid);
         return Cache::get($key);
     }
 
@@ -75,27 +79,29 @@ public function login(Request $request)
      */
     protected function authenticateClient(Request $request)
     {
-        $presentGuard = Auth::getDefaultDriver();
+        $presentGuard = $request->get('guard', Auth::getDefaultDriver());
 
         $credentials = $this->credentials($request);
 
         // add guard sign to payload.
-        $token = Auth::claims(['guard' => $presentGuard])->attempt($credentials);
+        $token = Auth::guard($presentGuard)->claims(['guard' => $presentGuard])->attempt($credentials);
 
         if ($token) {
-            $user = Auth::user();
-            $lastToken = $this->getUserLastToken($user);
+
+            $user = Auth::guard($presentGuard)->user();
+
+            $lastToken = $this->getUserLastToken($user, $presentGuard);
 
             if ($lastToken) {
                 try {
-                    Auth::setToken($lastToken)->invalidate();
+                    JWTAuth::setToken($lastToken)->invalidate();
                 } catch (TokenExpiredException $e) {
                     // Because an exception will be thrown if an expired token is
                     // invalidated again, we catch the exception without any processing.
                 }
             }
 
-            SaveUserTokenJob::dispatch($user, $token);
+            SaveUserTokenJob::dispatch($user, $token, $presentGuard);
             return $this->success($user, ['token_type' => 'Bearer', 'access_token' => $token,]);
         }
 

src/Jobs/SaveUserTokenJob.php

@@ -11,26 +11,42 @@
 
 use Illuminate\Bus\Queueable;
 use Illuminate\Contracts\Queue\ShouldQueue;
+use Illuminate\Database\Eloquent\Model;
 use Illuminate\Foundation\Bus\Dispatchable;
 use Illuminate\Queue\InteractsWithQueue;
 use Illuminate\Support\Facades\Cache;
 
 class SaveUserTokenJob implements ShouldQueue
 {
     use Dispatchable, InteractsWithQueue, Queueable;
+
+    /**
+     * @var Model
+     */
     protected $user;
+
+    /**
+     * @var string
+     */
     protected $token;
 
+    /**
+     * @var string
+     */
+    protected $guard;
+
     /**
      * Create a new job instance.
      *
      * @param $user
      * @param $token
+     * @param $guard
      */
-    public function __construct($user, $token)
+    public function __construct($user, $token, $guard)
     {
         $this->user = $user;
         $this->token = $token;
+        $this->guard = $guard;
     }
 
     /**
@@ -40,7 +56,9 @@ public function __construct($user, $token)
      */
     public function handle()
     {
-        $key = "User.{$this->user->id}:LastToken";
+        $uid = $this->user->getKey();
+        // User.api.1:LastToken
+        $key = sprintf("User.%s-%s:LastToken", $this->guard, $uid);
         Cache::forever($key, $this->token);
     }
 }

src/Middleware/RefreshTokenMiddleware.php

@@ -24,30 +24,29 @@ class RefreshTokenMiddleware extends BaseMiddleware
      * Handle an incoming request.
      * @param $request
      * @param Closure $next
+     * @param null $guard
      * @return \Illuminate\Http\JsonResponse|\Illuminate\Http\Response|mixed
-     * @throws JWTException
-     * @throws TokenInvalidException
      */
-    public function handle($request, Closure $next)
+    public function handle($request, Closure $next, $guard = null)
     {
         // Check token and throws exception
         $this->checkForToken($request);
 
         // Get default guard
-        $presentGuard = Auth::getDefaultDriver();
+        $presentGuard = $guard ?? Auth::getDefaultDriver();
 
-        $token = Auth::getToken();
+        $token = $this->auth->getToken()->get();
 
-        // Get guard from payload by token
-        $payload = Auth::manager()->getJWTProvider()->decode($token->get());
+        $authGuard = $this->auth->getClaim('guard');
 
-        if (empty($payload['guard']) || $payload['guard'] != $presentGuard) {
-            throw new TokenInvalidException();
+        if (!$authGuard || $authGuard != $presentGuard) {
+            throw new TokenInvalidException('auth guard invalid');
         }
 
         try {
 
-            if ($this->auth->parseToken()->authenticate()) {
+            if ($user = auth($authGuard)->authenticate()) {
+                $request->guard = $authGuard;
                 return $next($request);
             }
 
@@ -59,11 +58,11 @@ public function handle($request, Closure $next)
 
                 $token = $this->auth->refresh();
                 // Use once login to ensure the success of this request
-                Auth::onceUsingId($this->auth->manager()->getPayloadFactory()->buildClaimsCollection()->toPlainArray()['sub']);
+                Auth::guard($authGuard)->onceUsingId($this->auth->getClaim('sub'));
 
                 // Save user token in job
-                $user = Auth::user();
-                SaveUserTokenJob::dispatch($user, $token);
+                $user = Auth::guard($authGuard)->user();
+                SaveUserTokenJob::dispatch($user, $token, $authGuard);
 
             } catch (JWTException $exception) {
                 // All token not used. need re-login