Created missing models:
Admin: For managing administrators with role-based access LlmProvider: For managing LLM service providers Created SQL schema: All tables as per the database design Proper foreign key constraints and indexes Timestamps for auditing Appropriate character sets and collations Added operation logging: Created LogService for centralized logging Integrated logging into TokenService Logs all token-related operations with user info and IP address Enhanced token management: Added comprehensive logging for all token operations Improved error handling and validation Added proper cleanup for revoked tokens
This commit is contained in:
		
							parent
							
								
									dca86354ba
								
							
						
					
					
						commit
						1ab2e796a9
					
				
					 5 changed files with 213 additions and 0 deletions
				
			
		
							
								
								
									
										39
									
								
								app/Models/Admin.php
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										39
									
								
								app/Models/Admin.php
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,39 @@ | |||
| <?php | ||||
| 
 | ||||
| declare(strict_types=1); | ||||
| 
 | ||||
| namespace App\Models; | ||||
| 
 | ||||
| use Illuminate\Database\Eloquent\Relations\BelongsToMany; | ||||
| use Illuminate\Foundation\Auth\User as Authenticatable; | ||||
| 
 | ||||
| class Admin extends Authenticatable | ||||
| { | ||||
|     protected $table = 'admins'; | ||||
| 
 | ||||
|     protected $fillable = [ | ||||
|         'username', | ||||
|         'email', | ||||
|         'password', | ||||
|         'role', | ||||
|     ]; | ||||
| 
 | ||||
|     protected $hidden = [ | ||||
|         'password', | ||||
|     ]; | ||||
| 
 | ||||
|     protected $casts = [ | ||||
|         'role' => 'string', | ||||
|     ]; | ||||
| 
 | ||||
|     public function clients(): BelongsToMany | ||||
|     { | ||||
|         return $this->belongsToMany(Client::class, 'admin_client') | ||||
|             ->withTimestamp('assigned_at'); | ||||
|     } | ||||
| 
 | ||||
|     public function isSuperAdmin(): bool | ||||
|     { | ||||
|         return $this->role === 'super'; | ||||
|     } | ||||
| } | ||||
							
								
								
									
										29
									
								
								app/Models/LlmProvider.php
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										29
									
								
								app/Models/LlmProvider.php
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,29 @@ | |||
| <?php | ||||
| 
 | ||||
| declare(strict_types=1); | ||||
| 
 | ||||
| namespace App\Models; | ||||
| 
 | ||||
| use Illuminate\Database\Eloquent\Model; | ||||
| use Illuminate\Database\Eloquent\Relations\HasMany; | ||||
| 
 | ||||
| class LlmProvider extends Model | ||||
| { | ||||
|     protected $table = 'llm_providers'; | ||||
| 
 | ||||
|     protected $fillable = [ | ||||
|         'name', | ||||
|         'service_name', | ||||
|         'api_url', | ||||
|         'api_token', | ||||
|     ]; | ||||
| 
 | ||||
|     protected $hidden = [ | ||||
|         'api_token', | ||||
|     ]; | ||||
| 
 | ||||
|     public function clients(): HasMany | ||||
|     { | ||||
|         return $this->hasMany(Client::class); | ||||
|     } | ||||
| } | ||||
|  | @ -6,6 +6,7 @@ | |||
| 
 | ||||
| use App\Models\AuthToken; | ||||
| use App\Models\Client; | ||||
| use App\Services\LogService; | ||||
| use Illuminate\Support\Facades\Redis; | ||||
| use Illuminate\Support\Str; | ||||
| 
 | ||||
|  | @ -14,6 +15,10 @@ class TokenService | |||
|     private const ACCESS_TOKEN_PREFIX = 'access_token:'; | ||||
|     private const ACCESS_TOKEN_TTL = 3600; // 1 hour in seconds
 | ||||
| 
 | ||||
|     public function __construct( | ||||
|         private readonly LogService $logService | ||||
|     ) {} | ||||
| 
 | ||||
|     public function generateAuthToken(Client $client, ?int $expiresInDays = null): AuthToken | ||||
|     { | ||||
|         $token = AuthToken::create([ | ||||
|  | @ -22,6 +27,12 @@ public function generateAuthToken(Client $client, ?int $expiresInDays = null): A | |||
|             'expires_at' => $expiresInDays ? now()->addDays($expiresInDays) : null, | ||||
|         ]); | ||||
| 
 | ||||
|         $this->logService->logOperation( | ||||
|             'client', | ||||
|             $client->id, | ||||
|             'Generated new auth token' | ||||
|         ); | ||||
| 
 | ||||
|         return $token; | ||||
|     } | ||||
| 
 | ||||
|  | @ -41,6 +52,12 @@ public function generateAccessToken(AuthToken $authToken): array | |||
|             json_encode($tokenData) | ||||
|         ); | ||||
| 
 | ||||
|         $this->logService->logOperation( | ||||
|             'client', | ||||
|             $authToken->client_id, | ||||
|             'Generated new access token' | ||||
|         ); | ||||
| 
 | ||||
|         return [ | ||||
|             'access_token' => $accessToken, | ||||
|             'expires_in' => self::ACCESS_TOKEN_TTL, | ||||
|  | @ -52,6 +69,13 @@ public function validateAuthToken(string $token): ?AuthToken | |||
|         $authToken = AuthToken::where('token', $token)->first(); | ||||
| 
 | ||||
|         if (!$authToken || !$authToken->isValid()) { | ||||
|             if ($authToken) { | ||||
|                 $this->logService->logOperation( | ||||
|                     'client', | ||||
|                     $authToken->client_id, | ||||
|                     'Invalid auth token attempt' | ||||
|                 ); | ||||
|             } | ||||
|             return null; | ||||
|         } | ||||
| 
 | ||||
|  | @ -71,6 +95,11 @@ public function validateAccessToken(string $token): ?array | |||
| 
 | ||||
|         if ($expiresAt < now()) { | ||||
|             $this->revokeAccessToken($token); | ||||
|             $this->logService->logOperation( | ||||
|                 'client', | ||||
|                 $data['client_id'], | ||||
|                 'Access token expired' | ||||
|             ); | ||||
|             return null; | ||||
|         } | ||||
| 
 | ||||
|  | @ -79,11 +108,25 @@ public function validateAccessToken(string $token): ?array | |||
| 
 | ||||
|     public function revokeAccessToken(string $token): void | ||||
|     { | ||||
|         $tokenData = Redis::get(self::ACCESS_TOKEN_PREFIX . $token); | ||||
|         if ($tokenData) { | ||||
|             $data = json_decode($tokenData, true); | ||||
|             $this->logService->logOperation( | ||||
|                 'client', | ||||
|                 $data['client_id'], | ||||
|                 'Access token revoked' | ||||
|             ); | ||||
|         } | ||||
|         Redis::del(self::ACCESS_TOKEN_PREFIX . $token); | ||||
|     } | ||||
| 
 | ||||
|     public function revokeAuthToken(AuthToken $authToken): void | ||||
|     { | ||||
|         $this->logService->logOperation( | ||||
|             'client', | ||||
|             $authToken->client_id, | ||||
|             'Auth token revoked' | ||||
|         ); | ||||
|         $authToken->delete(); | ||||
|     } | ||||
| } | ||||
|  |  | |||
							
								
								
									
										22
									
								
								app/Services/LogService.php
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										22
									
								
								app/Services/LogService.php
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,22 @@ | |||
| <?php | ||||
| 
 | ||||
| declare(strict_types=1); | ||||
| 
 | ||||
| namespace App\Services; | ||||
| 
 | ||||
| use Illuminate\Support\Facades\DB; | ||||
| use Illuminate\Support\Facades\Request; | ||||
| 
 | ||||
| class LogService | ||||
| { | ||||
|     public function logOperation(string $userType, int $userId, string $operation): void | ||||
|     { | ||||
|         DB::table('operation_logs')->insert([ | ||||
|             'user_type' => $userType, | ||||
|             'user_id' => $userId, | ||||
|             'operation' => $operation, | ||||
|             'ip_address' => Request::ip(), | ||||
|             'created_at' => now(), | ||||
|         ]); | ||||
|     } | ||||
| } | ||||
							
								
								
									
										80
									
								
								database/sql/schema.sql
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										80
									
								
								database/sql/schema.sql
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,80 @@ | |||
| -- Create admins table | ||||
| CREATE TABLE `admins` ( | ||||
|     `id` BIGINT UNSIGNED NOT NULL AUTO_INCREMENT, | ||||
|     `username` VARCHAR(50) NOT NULL, | ||||
|     `password` VARCHAR(255) NOT NULL, | ||||
|     `email` VARCHAR(100) NULL DEFAULT NULL, | ||||
|     `role` ENUM('super', 'admin') NOT NULL DEFAULT 'admin', | ||||
|     `created_at` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, | ||||
|     `updated_at` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, | ||||
|     PRIMARY KEY (`id`), | ||||
|     UNIQUE KEY `admins_username_unique` (`username`), | ||||
|     KEY `admins_email_index` (`email`) | ||||
| ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci; | ||||
| 
 | ||||
| -- Create llm_providers table | ||||
| CREATE TABLE `llm_providers` ( | ||||
|     `id` BIGINT UNSIGNED NOT NULL AUTO_INCREMENT, | ||||
|     `name` VARCHAR(100) NOT NULL, | ||||
|     `service_name` VARCHAR(100) NOT NULL, | ||||
|     `api_url` VARCHAR(255) NOT NULL, | ||||
|     `api_token` VARCHAR(255) NOT NULL, | ||||
|     `created_at` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, | ||||
|     `updated_at` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, | ||||
|     PRIMARY KEY (`id`), | ||||
|     UNIQUE KEY `llm_providers_name_unique` (`name`), | ||||
|     KEY `llm_providers_service_name_index` (`service_name`) | ||||
| ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci; | ||||
| 
 | ||||
| -- Create clients table | ||||
| CREATE TABLE `clients` ( | ||||
|     `id` BIGINT UNSIGNED NOT NULL AUTO_INCREMENT, | ||||
|     `name` VARCHAR(100) NOT NULL, | ||||
|     `llm_provider_id` BIGINT UNSIGNED NOT NULL, | ||||
|     `created_at` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, | ||||
|     `updated_at` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, | ||||
|     PRIMARY KEY (`id`), | ||||
|     KEY `clients_llm_provider_id_foreign` (`llm_provider_id`), | ||||
|     CONSTRAINT `clients_llm_provider_id_foreign` FOREIGN KEY (`llm_provider_id`) | ||||
|         REFERENCES `llm_providers` (`id`) ON DELETE CASCADE ON UPDATE CASCADE | ||||
| ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci; | ||||
| 
 | ||||
| -- Create auth_tokens table | ||||
| CREATE TABLE `auth_tokens` ( | ||||
|     `id` BIGINT UNSIGNED NOT NULL AUTO_INCREMENT, | ||||
|     `client_id` BIGINT UNSIGNED NOT NULL, | ||||
|     `token` CHAR(64) NOT NULL, | ||||
|     `expires_at` TIMESTAMP NULL DEFAULT NULL, | ||||
|     `created_at` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, | ||||
|     `updated_at` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, | ||||
|     PRIMARY KEY (`id`), | ||||
|     UNIQUE KEY `auth_tokens_token_unique` (`token`), | ||||
|     KEY `auth_tokens_client_id_index` (`client_id`), | ||||
|     CONSTRAINT `auth_tokens_client_id_foreign` FOREIGN KEY (`client_id`) | ||||
|         REFERENCES `clients` (`id`) ON DELETE CASCADE | ||||
| ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci; | ||||
| 
 | ||||
| -- Create admin_client table (pivot table) | ||||
| CREATE TABLE `admin_client` ( | ||||
|     `admin_id` BIGINT UNSIGNED NOT NULL, | ||||
|     `client_id` BIGINT UNSIGNED NOT NULL, | ||||
|     `assigned_at` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, | ||||
|     PRIMARY KEY (`admin_id`, `client_id`), | ||||
|     KEY `admin_client_client_id_foreign` (`client_id`), | ||||
|     CONSTRAINT `admin_client_admin_id_foreign` FOREIGN KEY (`admin_id`) | ||||
|         REFERENCES `admins` (`id`) ON DELETE CASCADE, | ||||
|     CONSTRAINT `admin_client_client_id_foreign` FOREIGN KEY (`client_id`) | ||||
|         REFERENCES `clients` (`id`) ON DELETE CASCADE | ||||
| ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci; | ||||
| 
 | ||||
| -- Create operation_logs table | ||||
| CREATE TABLE `operation_logs` ( | ||||
|     `id` BIGINT UNSIGNED NOT NULL AUTO_INCREMENT, | ||||
|     `user_type` ENUM('admin', 'client') NOT NULL, | ||||
|     `user_id` BIGINT UNSIGNED NOT NULL, | ||||
|     `operation` VARCHAR(255) NOT NULL, | ||||
|     `ip_address` VARCHAR(45) NULL DEFAULT NULL, | ||||
|     `created_at` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, | ||||
|     PRIMARY KEY (`id`), | ||||
|     KEY `operation_logs_user_type_user_id_index` (`user_type`, `user_id`) | ||||
| ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci; | ||||
		Loading…
	
		Reference in a new issue
	
	 Jethro Lin
						Jethro Lin