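/**
 * Verify the token carried in the `singou-token` request header.
 *
 * Fails closed: a missing header, an unknown token and an expired token
 * all yield false.
 *
 * @return bool true when the token is valid, false when it is not
 */
protected function verifyToken()
{
    $request = new Request();
    $token = $request->getHeader('singou-token');

    if (empty($token)) {
        // The original fell off the end of the function here and returned
        // null, which truthiness checks already treat as a rejection.
        // Returning false makes that explicit and matches the documented
        // bool return type.
        // NOTE(review): the original comment said an empty token should be
        // "let through" - confirm no caller depends on a non-false result.
        return false;
    }

    $model_token = new Token();
    // NOTE(review): confirm the ORM in use treats this array as a bound
    // filter on the token column; the value comes straight from the request.
    $dbToken = $model_token->findFirst(array('token' => $token));
    if (empty($dbToken)) {
        // Unknown token: the original dereferenced the failed lookup and
        // raised a fatal error instead of rejecting the request.
        return false;
    }

    // NOTE(review): assumes expire() returns the expiry time as a Unix
    // timestamp - confirm. The original comparison was inverted: it
    // rejected tokens whose expiry was still in the future and accepted
    // the ones that had already expired.
    $offset = time() - intval($dbToken->expire());

    return $offset <= 0;
}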
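/**
 * Log the caller out: delete the stored token row and drop its session.
 *
 * @return mixed the result of parent::tokenError(), parent::serverError()
 *               or parent::success()
 */
public function logout()
{
    $token = parent::verifyToken();
    if (false == $token) {
        return parent::tokenError();
    }
    if (!empty($token->logout_time)) {
        return parent::tokenError();
    }

    // Bound parameter instead of a concatenated condition, so the token
    // value can never alter the query.
    // NOTE(review): uses Phalcon-style conditions/bind - confirm Token is a
    // Phalcon model.
    $dbToken = Token::findFirst(array(
        'conditions' => 'token = :token:',
        'bind'       => array('token' => $token->token),
    ));
    if (false == $dbToken) {
        // The row is already gone (the original crashed on ->delete() here).
        // Drop the session as well so a stale cached copy cannot keep
        // authenticating.
        $this->session->destroy($token->token);
        return parent::tokenError();
    }

    if (false == $dbToken->delete()) {
        return parent::serverError();
    }

    $this->session->destroy($token->token); // drop the cached token
    return parent::success();
}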
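/**
 * @api {post} /token Log out and invalidate the token
 * @apiUse header
 *
 * @apiName logout
 * @apiGroup Token
 * @apiVersion 1.0.0
 *
 * @apiSuccess {Array} empty_array Empty array, carries no meaning
 *
 * @apiUse errorExample
 */
public function logout()
{
    // NOTE(review): the original @api title described logging in to obtain a
    // token; the verb and route above are unchanged - confirm they are
    // right for logout.
    $token = $this->session->get('token');
    if (false == $token) {
        return parent::tokenError();
    }
    if (!empty($token->logout_time)) {
        return parent::tokenError();
    }

    // Bound parameter instead of a concatenated condition, so the token
    // value can never alter the query.
    // NOTE(review): uses Phalcon-style conditions/bind - confirm Token is a
    // Phalcon model.
    $dbToken = Token::findFirst(array(
        'conditions' => 'token = :token:',
        'bind'       => array('token' => $token->token),
    ));
    if (false == $dbToken) {
        // No matching row (the original crashed on the property write
        // below). Clear the cached copy so it cannot outlive the stored
        // token.
        $this->session->set('token', null);
        return parent::tokenError();
    }

    // NOTE(review): logout_time is set but never saved before the row is
    // deleted, so this write has no visible effect here - confirm whether
    // a save (soft logout) was intended instead of delete.
    $dbToken->logout_time = time();
    if (false == $dbToken->delete()) {
        return parent::serverError();
    }

    $this->session->set('token', null); // clear the cached token
    return parent::success();
}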
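/**
 * Verify the token sent in the `token` request header.
 *
 * The session cache is consulted first; on a miss the token is looked up in
 * the database and the record is cached again.
 *
 * @return mixed false when the token is missing, unknown, expired or already
 *               logged out; otherwise the stored token record
 */
public function verifyToken()
{
    $request = new Request();
    $token = $request->getHeader('token');

    if (empty($token)) {
        // No token supplied: reject.
        return false;
    }

    // NOTE(review): the client-supplied header value becomes the PHP session
    // id here, so the caller chooses the session identifier. Consider
    // validating its format, or keying the cache on a server-side value,
    // before it reaches session_id().
    session_id($token);
    $cacheToken = $this->session->get('token'); // cached token record, if any

    if (null == $cacheToken) {
        // Cache miss: fall back to the database. The header value is bound
        // as a parameter rather than concatenated into the condition, which
        // let a crafted header rewrite the query.
        // NOTE(review): uses Phalcon-style conditions/bind - confirm Token
        // is a Phalcon model.
        $cacheToken = Token::findFirst(array(
            'conditions' => 'token = :token:',
            'bind'       => array('token' => $token),
        ));
        if (false == $cacheToken) {
            return false;
        }
        // Cache the record itself. The original cached the raw header
        // string, so the next request read ->expire and ->logout_time from
        // a string and the checks below no longer saw the stored values.
        // NOTE(review): assumes the session backend can serialize the
        // record - confirm.
        $this->session->set('token', $cacheToken);
    }

    $offset = time() - intval($cacheToken->expire);
    if ($offset > 0) {
        // Expired: drop the cached copy.
        $this->session->set('token', null);
        return false;
    }

    if (!empty($cacheToken->logout_time)) {
        // Already logged out: drop the cached copy.
        $this->session->set('token', null);
        return false;
    }

    return $cacheToken;
}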