php Laravel Passport 令牌生命周期
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/42609436/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Laravel Passport token lifetime
提问by Terion
I don't get what I'm doing wrong. I can't set token expiration time.
我不明白我做错了什么。我无法设置令牌过期时间。
<?php
namespace App\Providers;
class AuthServiceProvider extends ServiceProvider
{
public function boot()
{
$this->registerPolicies();
Passport::tokensExpireIn(Carbon::now()->addDays(1));
Passport::refreshTokensExpireIn(Carbon::now()->addDays(30));
}
}
BUT when I call $user->createToken(), for example like this:
但是当我打电话时$user->createToken(),例如这样:
<?php
// as a demo
namespace App\Http\Middleware;
class ParseSpecialToken
{
public function handle($request, Closure $next)
{
$user = User::find(1);
$accessToken = $user->createToken('Some token')->accessToken;
$request->headers->add(['Authorization' => 'Bearer '. $accessToken]);
return $next($request);
}
}
Token expiration is still 1 year, not 1 day. Why? How to change exp time?
令牌到期仍然是 1 年,而不是 1 天。为什么?如何更改exp时间?
回答by vivek takrani
Here are the methods used to update expiration time for all the grant types :
以下是用于更新所有授权类型的到期时间的方法:
Personal access token:
个人访问令牌:
public function boot(){
$this->registerPolicies();
Passport::routes();
Passport::personalAccessTokensExpireIn(Carbon::now()->addHours(24));
Passport::refreshTokensExpireIn(Carbon::now()->addDays(30));
}
Rest all
休息一下
public function boot(){
$this->registerPolicies();
Passport::routes();
Passport::tokensExpireIn(Carbon::now()->addHours(24));
Passport::refreshTokensExpireIn(Carbon::now()->addDays(30));
}
Just update the above code in the boot method of AuthServiceProvider.
只需在AuthServiceProvider的boot方法中更新上面的代码即可。
回答by Sumit Anantwar
The Passport docs seem to answer this question
护照文档似乎回答了这个问题
https://laravel.com/docs/5.6/passport#token-lifetimes
https://laravel.com/docs/5.6/passport#token-lifetimes
In the bootmethod of AuthServiceProvidercall Passport::tokenExpiresIn()
在调用boot方法中AuthServiceProviderPassport::tokenExpiresIn()
public function boot()
{
$this->registerPolicies();
Passport::routes();
Passport::tokensExpireIn(now()->addDays(15));
Passport::refreshTokensExpireIn(now()->addDays(30));
}
回答by patricus
The createToken()method creates a Personal Access Token. By default, these tokens expire after 1 year (or 100 years, if created by laravel/passport <= 1.0.11). The expiration time for this type of token is not modified by the Passport::tokensExpireIn()or Passport::refreshTokensExpireIn()methods.
该createToken()方法创建个人访问令牌。默认情况下,这些令牌会在 1 年(或 100 年,如果由 laravel/passport <= 1.0.11 创建)后过期。Passport::tokensExpireIn()或Passport::refreshTokensExpireIn()方法不会修改此类令牌的到期时间。
laravel/passport >= 7.0.4
laravel/护照 >= 7.0.4
Passport version 7.0.4 added a new method Passport::personalAccessTokensExpireIn()that allows you to update the expiration time for personal access tokens. If you are on this version or later, you can add this method call to your AuthServiceProvider::boot()method.
Passport 7.0.4 版添加了一种新方法Passport::personalAccessTokensExpireIn(),允许您更新个人访问令牌的到期时间。如果您使用的是此版本或更高版本,则可以将此方法调用添加到您的AuthServiceProvider::boot()方法中。
Passport::personalAccessTokensExpireIn(Carbon::now()->addDays(1));
laravel/passport < 7.0.4
laravel/护照 < 7.0.4
If you are not yet on passport version 7.0.4, you can still modify the personal access token expiration time, but it is more manual. You will need to enable a new instance of the personal access grant with your desired expiration time. This can also be done in your AuthServiceProvider::boot()method.
如果您还没有使用 Passport 7.0.4 版本,您仍然可以修改个人访问令牌过期时间,但它更手动。您将需要启用具有所需到期时间的个人访问授权的新实例。这也可以在您的AuthServiceProvider::boot()方法中完成。
$server = $this->app->make(\League\OAuth2\Server\AuthorizationServer::class);
$server->enableGrantType(new \Laravel\Passport\Bridge\PersonalAccessGrant(), new \DateInterval('P100Y'));
Note
笔记
Modifying the expires_atfield in the database will not do anything. The real expiration date is stored inside the token itself. Also, attempting to modify the expclaim inside the JWT token will not work, since the token is signed and any modification to it will invalidate it. So, all your existing tokens will have their original expiration times, and there is no way to change that. If needed, you will need to regenerate new tokens.
修改expires_at数据库中的字段不会做任何事情。真正的到期日期存储在令牌本身内。此外,尝试修改expJWT 令牌内的声明将不起作用,因为令牌已签名并且对其进行任何修改都会使其无效。因此,您现有的所有令牌都将具有其原始到期时间,并且无法更改。如果需要,您将需要重新生成新令牌。
回答by vitsen
Please see this implementation, and herehow to replace PassportServiceProvider by your's. It worked for me with Laravel 5.5
请参阅此实现,并在这里如何通过你的更换PassportServiceProvider。它对我有用 Laravel 5.5
回答by Carlos Rodríguez
if you do
如果你这样做
$token->expires_at =
Carbon::now()->addDays(env('PERSONAL_ACCESS_TOKEN_EXPIRY__DAYS'));
then the expiration date is not checked at any request, so I think it's not a valid option for personal tokens.
然后不会根据任何请求检查到期日期,所以我认为这不是个人令牌的有效选项。
回答by Terion
Ah, figured out the personal tokens are always long-lived and this cannot be configured :(
啊,发现个人令牌总是长寿命的并且无法配置:(
回答by Andrew Servi
I was able to extend the lifetime of the Personal access token by creating a PassportServiceProvider in my project that extends the PassportServiceProvider from the laravel-passport package. Then I just added this method to override the one from the PassportServiceProvider.
我能够通过在我的项目中创建一个 PassportServiceProvider 来延长 Personal 访问令牌的生命周期,它扩展了 laravel-passport 包中的 PassportServiceProvider。然后我只是添加了这个方法来覆盖 PassportServiceProvider 中的方法。
/**
* Register the authorization server.
*
* @return void
*/
protected function registerAuthorizationServer()
{
$this->app->singleton(AuthorizationServer::class, function () {
return tap($this->makeAuthorizationServer(), function ($server) {
$server->enableGrantType(
$this->makeAuthCodeGrant(), Passport::tokensExpireIn()
);
$server->enableGrantType(
$this->makeRefreshTokenGrant(), Passport::tokensExpireIn()
);
$server->enableGrantType(
$this->makePasswordGrant(), Passport::tokensExpireIn()
);
$server->enableGrantType(
new PersonalAccessGrant(), Passport::tokensExpireIn() // this is the line that was updated from the original method
);
$server->enableGrantType(
new ClientCredentialsGrant(), Passport::tokensExpireIn()
);
if (Passport::$implicitGrantEnabled) {
$server->enableGrantType(
$this->makeImplicitGrant(), Passport::tokensExpireIn()
);
}
});
});
}
Then I just updated the provider in the app.php config file to use the one from my project.
然后我只是更新了 app.php 配置文件中的提供者以使用我项目中的提供者。
回答by maturecheese
you can do this:
你可以这样做:
$tokenResult = $user->createToken('Personal Access Token');
$token = $tokenResult->token;
$token->expires_at =
Carbon::now()->addDays(env('PERSONAL_ACCESS_TOKEN_EXPIRY__DAYS'));
$token->save();
回答by GuruAmmu
File: AuthServiceProvider.php
文件:AuthServiceProvider.php
Add these lines
添加这些行
use Laravel\Passport\Bridge\PersonalAccessGrant;
use League\OAuth2\Server\AuthorizationServer;
Add the following code in boot function
在boot函数中添加以下代码
public function boot() {
Passport::routes();
$lifetime = new \DateInterval('PT24H'); // For 24hours
$this->app->get(AuthorizationServer::class)->enableGrantType(new PersonalAccessGrant(), $lifetime);
}
回答by Kapil Pal
Yes, I just wasted one day to find this problem in VERSION = '5.8'.
是的,我只是浪费了一天在 VERSION = '5.8' 中发现了这个问题。
For now, maybe we need modifyyour-project/vendor/laravel/passport/src/Passport.php.
现在,也许我们需要修改your-project/vendor/laravel/passport/src/Passport.php。
Change this -----> new DateInterval('P1Y') . it is php function Represents a date interval.
更改此 -----> new DateInterval('P1Y') 。它是 php 函数 代表一个日期间隔。
D---> means Day Y---> means year M---> means Month
D---> 表示日 Y ---> 表示年 M ---> 表示月
three types of token in passport
护照中的三种令牌
1.tokensExpireIn in 303 line.
1.tokensExpireIn 在 303 行。
personalAccessTokensExpireIn in 341 line .
refreshTokensExpireIn in 322 line.
341 行中的personalAccessTokensExpireIn。
refreshTokensExpireIn 在 322 行。
