From c67c1f3da325faba91d8ef9b8888a9b4c1eae54f Mon Sep 17 00:00:00 2001
From: Hossein Azizabadi Farahani
Date: Sun, 8 Dec 2024 13:38:54 +0330
Subject: [PATCH] Add refresh token service for company and put company data to user login section, And check company_id in token and cache is same
---
 data/user.global.php.dist | 11 +++++++++++
 src/Middleware/AuthenticationMiddleware.php | 3 ++-
 src/Service/AccountService.php | 15 +++++++++------
 src/Service/TokenService.php | 2 ++
 4 files changed, 24 insertions(+), 7 deletions(-)
diff --git a/data/user.global.php.dist b/data/user.global.php.dist
index 5dd7736..a65322d 100644
--- a/data/user.global.php.dist
+++ b/data/user.global.php.dist
@@ -54,6 +54,17 @@ return [
 'private_key' => '', // PATH_TO_FILE
 'iss' => $baseUrl,
 'aud' => $baseUrl,
+ 'additional' => [
+ 'company_id',
+ 'company_title',
+ 'identity',
+ 'email',
+ 'name',
+ 'first_name',
+ 'last_name',
+ 'avatar',
+ 'roles',
+ ],
 ],
 'account' => [
 'otp_email' => [
diff --git a/src/Middleware/AuthenticationMiddleware.php b/src/Middleware/AuthenticationMiddleware.php
index 7c883ac..c507018 100644
--- a/src/Middleware/AuthenticationMiddleware.php
+++ b/src/Middleware/AuthenticationMiddleware.php
@@ -104,7 +104,7 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
 $type = 'access';
 if (
 isset($routeParams['module'])
- && $routeParams['module'] == 'user'
+ && in_array($routeParams['module'], ['user', 'company'])
 && isset($routeParams['handler'])
 && $routeParams['handler'] == 'refresh'
 ) {
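Review bot: The new `additional` list in data/user.global.php.dist names `email`, `name`, `first_name`, `last_name` and `avatar` right beside the `iss`/`aud`/`private_key` settings, which suggests these account fields are copied into every issued token. If the token is signed rather than encrypted, anyone holding it can read those values, and a `roles` or `company_id` value baked into it stays in force until expiry even after it changes server-side. I would keep the default list to what authorisation actually needs and document it in the template, e.g. `// Account fields copied into the token payload; readable by the client, keep personal data out`. How `additional` is consumed is not visible in this hunk.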
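Review bot: `in_array($routeParams['module'], ['user', 'company'])` in AuthenticationMiddleware.php compares loosely, so a non-string route value is type-juggled before the match; pass the strict flag: `in_array($routeParams['module'], ['user', 'company'], true)`. The condition sits directly under `$type = 'access'` and presumably switches the expected token type for the refresh route, so it is worth pinning exactly. The neighbouring context line `$routeParams['handler'] == 'refresh'` has the same looseness and could become `===` in the same pass. `process()` begins and ends outside the hunk.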
@@ -179,6 +179,7 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
 $request = $request->withAttribute('account', $user['account']);
 $request = $request->withAttribute('roles', $user['roles']);
 $request = $request->withAttribute('token_id', $tokenParsed['id']);
+ $request = $request->withAttribute('token_data', $tokenParsed['data']);
 $request = $request->withAttribute('current_token', $token);
 return $handler->handle($request);
 }
diff --git a/src/Service/AccountService.php b/src/Service/AccountService.php
index 60fcd6d..a691687 100644
--- a/src/Service/AccountService.php
+++ b/src/Service/AccountService.php
@@ -307,6 +307,10 @@ public function postLoginSuccess($account, $params): array $account['roles'] = $this->roleService->getRoleAccount((int)$account['id']); $account['roles_full'] = $this->roleService->canonizeAccountRole($account['roles']); + // Set company to account if exist + $account['company_id'] = $user['authorization']['company_id'] ?? 0; + $account['company_title'] = $user['authorization']['company']['title'] ?? ''; + // Generate access token $accessToken = $this->tokenService->encryptToken( [
@@ -1854,20 +1858,19 @@ public function deleteUserByAdmin($params, array $operator = []): array * * @return array */ - public function refreshToken($params): array + public function refreshToken($account, $tokenOldId): array { + // Generate new token $accessToken = $this->tokenService->encryptToken( [ - 'user_id' => $params['user_id'], + 'account' => $account, 'type' => 'access', - 'roles' => [ - 'member', - ], ] ); // Update cache - $this->cacheService->setUserItem($params['user_id'], 'access_keys', $accessToken['key']); + $this->cacheService->setUserItem($account['id'], 'access_keys', $accessToken['key']); + $this->cacheService->deleteUserItem($account['id'], 'access_keys', $tokenOldId); // Set result array return [
diff --git a/src/Service/TokenService.php b/src/Service/TokenService.php
index de5e05c..d79851b 100644
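Review bot: The new `token_data` attribute in the `@@ -179` hunk hands every claim of the presented token to downstream handlers, but nothing in the visible lines compares those claims with the cached `$user` record that `account` and `roles` are taken from. The subject line promises a check that `company_id` in the token and in the cache agree; if that check lives in a handler outside this patch, a comment here should say so, e.g. `// Raw token claims; compare company_id with the cached user before relying on it`. Without that comparison, a token issued before a company change would keep carrying its old `company_id` until it expires. `process()` starts outside the hunk.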
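Review bot: `$user` is not a parameter of `postLoginSuccess($account, $params)` and is not assigned in the visible lines, so unless it is set earlier in the body (outside this hunk) both `??` expressions fall back and every login gets `company_id` 0 and an empty `company_title`. The null-coalescing operator also suppresses the undefined-variable warning, which makes the problem easy to miss in testing. The values should be read from whichever of `$account` or `$params` actually carries the `authorization` data; the right source cannot be confirmed from here. An `(int)` cast on `company_id`, matching the `(int)$account['id']` used two lines above, would keep the value's type stable when it ends up in the token.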
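Review bot: `refreshToken($params)` becomes `refreshToken($account, $tokenOldId)` with no default for the second argument, yet the diffstat lists four files and none of them is a caller, so any call site not updated elsewhere will fail with an ArgumentCountError. The docblock above it (only `@return array` is visible) should gain `@param` lines for both arguments, and a native `array $account` type would reject a mismatched call early. The docblock should also state which token `$tokenOldId` identifies: on the refresh route the presented token is presumably the refresh token, and `deleteUserItem($account['id'], 'access_keys', $tokenOldId)` only revokes the previous access token if that id is an access-token id. The method body continues past the end of the hunk.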
--- a/src/Service/TokenService.php
+++ b/src/Service/TokenService.php
@@ -77,6 +77,7 @@ public function decryptToken($token): array
 'id' => $decoded->id,
 'user_id' => $decoded->uid,
 'type' => $decoded->type,
+ 'data' => (array)$decoded,
 ];
 } elseif (
 !empty($decoded)
@@ -89,6 +90,7 @@ public function decryptToken($token): array
 'id' => $decoded->id,
 'user_id' => $decoded->uid,
 'type' => $decoded->type,
+ 'data' => (array)$decoded,
 ];
 } else {
 return [
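Review bot: `'data' => (array)$decoded` is a shallow cast, so any nested claim stays an object and array-style access to it downstream (for instance on an embedded account record) will throw; the same line is added in the second hunk at `@@ -89` and has the same issue. If nested claims are expected, convert deeply, e.g. `'data' => json_decode(json_encode($decoded), true),`, or copy only the claims callers need instead of the whole payload. Passing the full payload also duplicates `id`, `uid` and `type` under a second set of keys, and that deserves a one-line comment next to `data` saying which copy handlers should read. `decryptToken()` begins and ends outside both hunks, so what the final `else` branch returns for `data` cannot be checked from here.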