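Bug report: after setting the JWT TTL to 1 minute, the seamless token refresh has a bug; I hope the author can verify this.
Steps:
1. Set the JWT TTL to 1 minute.
2. Create a middleware that refreshes the token. The code of the refresh-token middleware is below: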
```php
// ... (the start of the middleware is missing from the page)
        $this->checkForToken($request);

        // If the format check passes, verify that the token belongs to this guard.
        // Get the name of the current guard
        $current_guard = Auth::getDefaultDriver();
        // Get the current token
        $token = Auth::getToken();
        // The payload inside the token can still be read even if the token has expired.
        $payload = Auth::manager()->getJWTProvider()->decode($token->get());
        // If there is no guard field, or its value differs from the current guard,
        // the token does not belong to the current guard
        if (empty($payload['guard']) || $payload['guard'] != $current_guard) {
            throw new TokenInvalidException();
        }

        try {
            // Check the user's login state; let the request through if it is valid
            if ($this->auth->parseToken()->authenticate()) {
                return $next($request);
            }
            throw new UnauthorizedHttpException('jwt-auth', '未登录');
        } catch (TokenExpiredException $exception) {
            try {
                // Refresh the user's token
                $token = $this->auth->refresh();
                // Use a one-time login so that this request succeeds
                Auth::onceUsingId($this->auth->manager()->getPayloadFactory()->buildClaimsCollection()->toPlainArray()['sub']);
                // Store the token in the database
                $user = Auth::user();
                SaveLastTokenJob::dispatch($user, $token);
            } catch (JWTException $exception) {
                // If this exception is caught, the refresh_token has expired as well:
                // the user cannot refresh the token and has to log in again.
                throw new UnauthorizedHttpException('jwt-auth', $exception->getMessage());
            }
        }

        // Return the new token in the response header
        return $this->setAuthenticationHeader($next($request), $token);
    }
}
```

The bug:
Once the token has expired, the line `$this->auth->parseToken()->authenticate()` always throws an `UnauthorizedHttpException`, so this middleware is unable to catch `TokenExpiredException`.

Expected result:
When the token has expired, a `TokenExpiredException` should be thrown.