Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

获取方式建议 #19

Open
abigsoft opened this issue Jan 7, 2024 · 6 comments
Open

获取方式建议 #19

abigsoft opened this issue Jan 7, 2024 · 6 comments
Labels
good first issue Good for newcomers help wanted Extra attention is needed

Comments

@abigsoft
Copy link

abigsoft commented Jan 7, 2024

1、建议增加GET的获取方式,有的项目并不是从header里放。
2、建议增加验证方法,入参是token和uid,判断两个是否相同
@abigsoft
Copy link
Author

abigsoft commented Jan 7, 2024

我的项目有个场景:
连接websocket,连接的时候有个get参数取到token,要根据这个参数获取到uid进行绑定client_id
希望能得到升级支持

@Tinywan Tinywan added help wanted Extra attention is needed good first issue Good for newcomers labels Jan 7, 2024
@Tinywan
Copy link
Owner

Tinywan commented Jan 7, 2024

第二个:2、建议增加验证方法,入参是token和uid,判断两个是否相同 。没太理解什么意思?

@abigsoft
Copy link
Author

abigsoft commented Jan 8, 2024

我目前是用:
$uid = \Tinywan\Jwt\JwtToken::verify(1,$data['get']['token'])['extend']['id'];
解出来的uid跟socket绑定的uid进行比较,验证这个token与socket绑定的uid是否相同,不相同则关闭socket连接,希望能有个内置方法直接判断

@Tinywan
Copy link
Owner

Tinywan commented Jan 8, 2024
edited
Loading

JWT不是你这么使用的,你只负责获取就行了,不需要自己验证令牌。

$userId = \Tinywan\Jwt\JwtToken::getCurrentId();
if (0 === $request->userId) {
    throw new ForbiddenHttpException();
}
...
继续下一步

你可以在连接websocket的回调事件里面加上这个判断,例如,如果获取不到uid则抛出异常或者关闭当前客户端。

@abigsoft
Copy link
Author

abigsoft commented Jan 8, 2024

因为第一条,token是放在get里的,所以没法用getCurrentId取到

Tinywan added a commit that referenced this issue Jan 9, 2024
@Tinywan
feat: #19 增加GET方式获取令牌,有的项目并不是从header里
b5d9dc1
@Tinywan
Copy link
Owner

Tinywan commented Jan 9, 2024

最新版本已支持。https://github.com/Tinywan/webman-jwt/releases/tag/v1.9.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
good first issue Good for newcomers help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Tinywan @abigsoft