mirror of
https://github.com/openvk/openvk
synced 2024-11-14 11:09:12 +03:00
feat(API): implement token re-use mechanism
This commit is contained in:
parent
939ea30262
commit
0b80c0a6a8
3 changed files with 53 additions and 6 deletions
|
@ -1,8 +1,11 @@
|
|||
<?php declare(strict_types=1);
|
||||
namespace openvk\ServiceAPI;
|
||||
|
||||
use openvk\Web\Models\Entities\APIToken;
|
||||
use openvk\Web\Models\Entities\User;
|
||||
use openvk\Web\Models\Repositories\APITokens;
|
||||
use openvk\Web\Models\Repositories\Applications;
|
||||
use WhichBrowser;
|
||||
|
||||
class Apps implements Handler
|
||||
{
|
||||
|
@ -89,4 +92,25 @@ class Apps implements Handler
|
|||
$app->withdrawCoins();
|
||||
$resolve($coins);
|
||||
}
|
||||
|
||||
function getRegularToken(string $clientName, bool $acceptsStale, callable $resolve, callable $reject): void
|
||||
{
|
||||
$token = NULL;
|
||||
$stale = true;
|
||||
if($acceptsStale)
|
||||
$token = (new APITokens)->getStaleByUser($this->user->getId(), $clientName);
|
||||
|
||||
if(is_null($token)) {
|
||||
$stale = false;
|
||||
$token = new APIToken;
|
||||
$token->setUser($this->user);
|
||||
$token->setPlatform($clientName ?? (new WhichBrowser\Parser(getallheaders()))->toString());
|
||||
$token->save();
|
||||
}
|
||||
|
||||
$resolve([
|
||||
'is_stale' => $stale,
|
||||
'token' => $token->getFormattedToken(),
|
||||
]);
|
||||
}
|
||||
}
|
|
@ -23,4 +23,13 @@ class APITokens extends Repository
|
|||
|
||||
return $token;
|
||||
}
|
||||
|
||||
function getStaleByUser(int $userId, string $platform, bool $withRevoked = false): ?APIToken
|
||||
{
|
||||
return $this->toEntity($this->table->where([
|
||||
'user' => $userId,
|
||||
'platform' => $platform,
|
||||
'deleted' => $withRevoked,
|
||||
])->fetch());
|
||||
}
|
||||
}
|
||||
|
|
|
@ -286,17 +286,31 @@ final class VKAPIPresenter extends OpenVKPresenter
|
|||
$this->fail(28, "Invalid 2FA code", "internal", "acquireToken");
|
||||
}
|
||||
|
||||
$token = NULL;
|
||||
$tokenIsStale = true;
|
||||
$platform = $this->requestParam("client_name");
|
||||
$acceptsStale = $this->requestParam("accepts_stale");
|
||||
if($acceptsStale == "1") {
|
||||
if(is_null($platform))
|
||||
$this->fail(101, "accepts_stale can only be used with explicitly set client_name", "internal", "acquireToken");
|
||||
|
||||
$token = (new APITokens)->getStaleByUser($uId, $platform);
|
||||
}
|
||||
|
||||
if(is_null($token)) {
|
||||
$tokenIsStale = false;
|
||||
|
||||
$token = new APIToken;
|
||||
$token->setUser($user);
|
||||
$token->setPlatform($platform ?? (new WhichBrowser\Parser(getallheaders()))->toString());
|
||||
$token->save();
|
||||
}
|
||||
|
||||
$payload = json_encode([
|
||||
"access_token" => $token->getFormattedToken(),
|
||||
"expires_in" => 0,
|
||||
"user_id" => $uId,
|
||||
"is_stale" => $tokenIsStale,
|
||||
]);
|
||||
|
||||
$size = strlen($payload);
|
||||
|
|
Loading…
Reference in a new issue