Wallogit.com
2017 © Pedro Peláez
In order to share our authentication between multiple instance and whatever technology you use, using RWT will bring some simplicity to all that stuff. By using third part component (redis), we'll be able to check token in each microservice., (*1)
---------- ----------------
| redis | <-----| PHP worker |
---------- ----------------
^ ^
| | ---------------------
| ---------| Node instance 1 |
| ---------------------
|
| ---------------------
-------------| Node instance 2 |
---------------------
[
'scheme' => 'tcp',
'host' => 'localhost',
'port' => 6379,
'prefix' => 'sess:'
],
'custom' => [
'expire' => (60 * 60 * 4), // 4 hours
'verifyExtendsToken' => true
]
]);
// Authenticate
$token = $rwt->sign([
'username' => 'john',
'pasword' => 'doe123',
'age' => 21,
'date' => $dateToStr
], $secretKey, [
'expire' => 60 * 60 // 1 hour
]);
// Verifying token
$rwt->verify($token, $secretKey);
// Extend token
$rwt->extend($token, $secretKey);
// Destroy token
$rwt->destroy($token, $secretKey);
?>
When you require RWT, you should pass extra parameters to the function :, (*2)
| Parameter | Type | Details |
|---|---|---|
| expire | Integer | Set the token TTL in seconds |
| verifyExtendsToken | Boolean | Extend automatically the token life each time we check its validity |
Generate the redis token., (*3)
Parameters, (*4)
Check if hour token is alive an return the User object values we set at connection, if you edit user values during the session, those data may be outdated. You must call the sign method each time you update your user's values., (*5)
Parameters, (*6)
Reset the TTL of our token with default expire value in our configuration., (*7)
Parameters, (*8)
Destroy the token., (*9)
Parameters, (*10)
MIT
redis token
MIT
redis token