ThinkPHP5 framework API token authentication function example

Time: 2019-10-18

This article gives an example of the API token authentication function of the ThinkPHP5 framework. It is shared here for your reference, as follows:

Instructions for use: at login, the server generates a token and a refresh token and returns them to the client, which saves them locally (local storage, etc.). The client sends the token with every interface request; the back end verifies that the token exists and matches, and only then performs the requested action. If the token does not exist, the server returns a token-expired response. The client then calls the refresh interface, passing the token and the refresh_token, and the server verifies them. If verification passes, the server generates a new token, saves it to the database and returns it to the client, which replaces its local token. If refresh_token verification fails, the database token, expiration time and other information can be cleared.

Simple token generation function (common function file)


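function create_token($id,$out_time){
  // Mix in 16 bytes from the CSPRNG (PHP 7+): the ID and the expiry time alone
  // are guessable, which would make the token predictable.
  return substr(md5($id.$out_time.random_bytes(16)),5,26);
}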

Verify login method (model)

// The model file needs "use think\Cache;" at the top.
public function checkLogin($username,$passwd){
    $driver = self::field('driver_id,passwd')->where('zhanghao',$username)->whereOr('phone',$username)->find();
    if (empty($driver)){
      $this->error = 'account does not exist';
      return false;
    }
    // hash_equals() replaces the loose != comparison, which treats two "0e..." hex strings as equal numbers.
    // Unsalted MD5 is weak for password storage; password_hash()/password_verify() are the safer choice.
    if (!hash_equals((string)$driver['passwd'], md5($passwd))){
      $this->error = "incorrect password";
      return false;
    }
    //$out_time = strtotime('+1 days');
    $out_time = strtotime('+1 minutes');
    $token = create_token($driver['driver_id'],$out_time);
    if(false===self::save(['token'=>$token,'time_out'=>$out_time],['driver_id'=>$driver['driver_id']])){
      $this->error = 'login failed';
      return false;
    }
    $refresh_token_out_time = strtotime('+5 days');
    $refresh_token = create_token($driver['driver_id'],$refresh_token_out_time);
    // Cache::set() takes a lifetime in seconds, not an absolute timestamp.
    $refresh_ttl = $refresh_token_out_time - time();
    // These cache keys are fixed, so they hold only the most recent login;
    // key them per user or per token when more than one user logs in.
    Cache::set("token",$token,60);
    Cache::set("driver_id",$driver['driver_id'],$refresh_ttl); // keep the ID as long as the refresh token, to look up the user when refreshing
    Cache::set('refresh_token',$refresh_token,$refresh_ttl);
    return ['token'=>$token,'refresh_token'=>$refresh_token,'in_expire'=>$out_time];
}

Token refresh method (model)

public function refreshToken($refresh_token,$token){
    // isset() cannot wrap a function call; Cache::get() returns false when the key is missing.
    $cached_refresh_token = Cache::get('refresh_token');
    if (!$cached_refresh_token || !hash_equals((string)$cached_refresh_token,(string)$refresh_token)){
      $this->error = 'failed to refresh token';
      return false;
    }
    $cache_driver_id = Cache::get('driver_id');
    $driver = self::field('driver_id,passwd')->where('driver_id',$cache_driver_id)->where('token',$token)->find();
    if (empty($driver)){
      $this->error = 'parameter error';
      return false;
    }
    $out_time = strtotime('+1 days'); // new expiration time
    $token = create_token($driver['driver_id'],$out_time); // update token
    if(false===self::save(['token'=>$token,'time_out'=>$out_time],['driver_id'=>$driver['driver_id']])){
      Cache::rm('token'); // remove the cached token; Cache::clear() does not delete a single key
      $this->error = 'refresh failed';
      return false;
    }
    Cache::set("token",$token,864000);
    return ['token'=>$token,'in_expire'=>$out_time];
}

Exit method (model)


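public function logout($token,$refresh_token=''){
    $driver = self::field('driver_id,passwd')->where('token',$token)->find();
    // Clear the token and its expiry time in the database.
    self::save(['token'=>'','time_out'=>''],['token'=>$token]);
    // Cache::rm() deletes one key; Cache::clear() does not delete a single key.
    Cache::rm('token');
    Cache::rm('refresh_token');
}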
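
The login, verify and refresh flow described above, as an added example that is not part of the original article: plain PHP 7.1+ without the framework, using a random token per login, storing only SHA-256 hashes server-side, and keeping one record per token so that several users can be logged in at once. The function names and the `$store` array (standing in for the database and cache) are assumptions.

```php
<?php
// Added example; $store stands in for the database and cache (assumption).

// Issue a random token pair. Only SHA-256 hashes are stored, one record per token.
function issue_tokens(array &$store, int $uid, int $now): array {
    $token   = bin2hex(random_bytes(32));
    $refresh = bin2hex(random_bytes(32));
    $store[hash('sha256', $token)]   = ['uid' => $uid, 'type' => 'access',  'exp' => $now + 60];
    $store[hash('sha256', $refresh)] = ['uid' => $uid, 'type' => 'refresh', 'exp' => $now + 5 * 86400];
    return ['token' => $token, 'refresh_token' => $refresh, 'in_expire' => $now + 60];
}

// Return the user ID for an unexpired token of the given type, or null.
function check_token(array $store, string $token, string $type, int $now): ?int {
    $rec = $store[hash('sha256', $token)] ?? null;
    if ($rec === null || $rec['type'] !== $type || $rec['exp'] <= $now) {
        return null;
    }
    return $rec['uid'];
}

// Exchange a refresh token for a new pair. Both old tokens are removed whether
// or not the check passes, so a refresh token works once at most.
function refresh_tokens(array &$store, string $token, string $refresh, int $now): ?array {
    $uid = check_token($store, $refresh, 'refresh', $now);
    $old = $store[hash('sha256', $token)] ?? null; // may be expired, must belong to the same user
    unset($store[hash('sha256', $token)], $store[hash('sha256', $refresh)]);
    if ($uid === null || $old === null || $old['type'] !== 'access' || $old['uid'] !== $uid) {
        return null;
    }
    return issue_tokens($store, $uid, $now);
}

// Constructed walk-through: two users, fixed sample clock.
$store = [];
$t0 = 1571356800;
$a = issue_tokens($store, 7, $t0);
$b = issue_tokens($store, 8, $t0);
var_dump(check_token($store, $a['token'], 'access', $t0 + 30));  // inside the 60 s lifetime
var_dump(check_token($store, $a['token'], 'access', $t0 + 61));  // after expiry
$a2 = refresh_tokens($store, $a['token'], $a['refresh_token'], $t0 + 61);
var_dump(check_token($store, $a2['token'], 'access', $t0 + 62)); // new token from the refresh
var_dump(refresh_tokens($store, $a['token'], $a['refresh_token'], $t0 + 63)); // replayed old pair
var_dump(check_token($store, $b['token'], 'access', $t0 + 30));  // second user unaffected
```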


I hope that this article will be helpful for you to design your PHP program based on the ThinkPHP framework.