89 lines
2.2 KiB
PHP
89 lines
2.2 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace App\Services\Auth;
|
|
|
|
use App\Models\AuthToken;
|
|
use App\Models\Client;
|
|
use Illuminate\Support\Facades\Redis;
|
|
use Illuminate\Support\Str;
|
|
|
|
class TokenService
|
|
{
|
|
private const ACCESS_TOKEN_PREFIX = 'access_token:';
|
|
private const ACCESS_TOKEN_TTL = 3600; // 1 hour in seconds
|
|
|
|
public function generateAuthToken(Client $client, ?int $expiresInDays = null): AuthToken
|
|
{
|
|
$token = AuthToken::create([
|
|
'client_id' => $client->id,
|
|
'token' => Str::random(64),
|
|
'expires_at' => $expiresInDays ? now()->addDays($expiresInDays) : null,
|
|
]);
|
|
|
|
return $token;
|
|
}
|
|
|
|
public function generateAccessToken(AuthToken $authToken): array
|
|
{
|
|
$accessToken = Str::random(64);
|
|
$expiresAt = now()->addSeconds(self::ACCESS_TOKEN_TTL);
|
|
|
|
$tokenData = [
|
|
'client_id' => $authToken->client_id,
|
|
'expires_at' => $expiresAt->toIso8601String(),
|
|
];
|
|
|
|
Redis::setex(
|
|
self::ACCESS_TOKEN_PREFIX . $accessToken,
|
|
self::ACCESS_TOKEN_TTL,
|
|
json_encode($tokenData)
|
|
);
|
|
|
|
return [
|
|
'access_token' => $accessToken,
|
|
'expires_in' => self::ACCESS_TOKEN_TTL,
|
|
];
|
|
}
|
|
|
|
public function validateAuthToken(string $token): ?AuthToken
|
|
{
|
|
$authToken = AuthToken::where('token', $token)->first();
|
|
|
|
if (!$authToken || !$authToken->isValid()) {
|
|
return null;
|
|
}
|
|
|
|
return $authToken;
|
|
}
|
|
|
|
public function validateAccessToken(string $token): ?array
|
|
{
|
|
$tokenData = Redis::get(self::ACCESS_TOKEN_PREFIX . $token);
|
|
|
|
if (!$tokenData) {
|
|
return null;
|
|
}
|
|
|
|
$data = json_decode($tokenData, true);
|
|
$expiresAt = \DateTime::createFromFormat(\DateTime::ISO8601, $data['expires_at']);
|
|
|
|
if ($expiresAt < now()) {
|
|
$this->revokeAccessToken($token);
|
|
return null;
|
|
}
|
|
|
|
return $data;
|
|
}
|
|
|
|
public function revokeAccessToken(string $token): void
|
|
{
|
|
Redis::del(self::ACCESS_TOKEN_PREFIX . $token);
|
|
}
|
|
|
|
public function revokeAuthToken(AuthToken $authToken): void
|
|
{
|
|
$authToken->delete();
|
|
}
|
|
}
|