定制 antarctica/laravel-token-blacklist 二次开发

按需修改功能、优化性能、对接业务系统,提供一站式技术支持

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

antarctica/laravel-token-blacklist

Composer 安装命令:

composer require antarctica/laravel-token-blacklist

包简介

Enables API tokens to be marked as invalid until natural expiry within Laravel.

README 文档

README

Enables API tokens to be marked as invalid until natural expiry within Laravel.

This package is designed not to depend on any particular auth token package (with the exception that tokens are strings). However, by default this package will rely on the antarctica/laravel-auth-token package to provide a working implementation out of the box.

This package is designed not to rely on any particular storage mechanism to record details of blacklisted tokens. However, by default this package will reply on an Eloquent model with an underlying blacklisted_token database. Again this is to provide a working implementation out of the box.

It is possible to provide your own implementation for token handling and for storing details of blacklisted tokens.

Installing

Require this package in your composer.json file:

{
	"require": {
		"antarctica/laravel-token-blacklist": "0.*"
	}
}

Run composer update.

Register the service provider in the providers array of your app/config/app.php file:

'providers' => array(

	'Antarctica\LaravelTokenBlacklist\LaravelTokenBlacklistServiceProvider',
	
)

Package dependency note

This package depends on the Indatus/dispatcher package - which replies on OS level support (enabling a cron job).

As per BASWEB-114 if using the antarctica/laravel Ansible role to provision the underlying infrastructure on which the app using this package is required, it is necessary to require this package in the app composer.json file.

i.e.

{
	"require": {
		"indatus/dispatcher": "1.4.*@dev"
	}
}

Composer will resolve the package requirements in exactly the same way, this change is only needed so Ansible is aware this package is used and that OS support should be provided for its use.

Usage

Basic usage

These steps assume the use of the default token implementation (provided by the antarctica/laravel-token-auth package) and storage implementation (using the bundled Eloquent model). To use alternatives see the custom usage section.

Create the required database table using the package migration:

php artisan migrate --package="antarctica/laravel-token-blacklist"

Finished.

Ongoing maintenance

The package will create a scheduled task ran, by default, every day at midnight. This task will automatically clear out any blacklisted tokens that have naturally expired and would be rejected anyway.

To run this maintenance command manually:

php artisan auth-tokens:delete-expired-blacklisted-tokens

Custom implementation

You can replace the default token and/or storage implementation as required.

Custom token implementation

Note: This currently isn't supported, but will be in future versions of the package [See BASWEB-118 for details].

Custom storage implementation

Custom storage implementations must implement the TokenBlacklistRepositoryInterface interface, which is commented and hopefully self descriptive. The TokenBlacklistRepositoryEloquent implementation can act as a working example.

Use a custom implementation first publish this package's configuration:

php artisan config:publish antarctica/laravel-token-blacklist

Then set the repository key to the custom implementation.

E.g.

'repository' => 'Antarctica\LaravelTokenBlacklist\Repository\TokenBlacklistRepositoryEloquent'

Contributing

This project welcomes contributions, see CONTRIBUTING for our general policy.

Developing

To aid development and keep your local computer clean, a VM (managed by Vagrant) is used to create an isolated environment with all necessary tools/libraries available.

Requirements

  • Mac OS X
  • Ansible brew install ansible
  • VMware Fusion
  • Vagrant brew cask install vmware-fusion vagrant
  • Host manager and Vagrant VMware plugins vagrant plugin install vagrant-hostmanager && vagrant plugin install vagrant-vmware-fusion
  • You have a private key id_rsa and public key id_rsa.pub in ~/.ssh/
  • You have an entry like [1] in your ~/.ssh/config

[1] SSH config entry

Host bslweb-*
    ForwardAgent yes
    User app
    IdentityFile ~/.ssh/id_rsa
    Port 22

Provisioning development VM

VMs are managed using Vagrant and configured by Ansible.

$ git clone ssh://git@stash.ceh.ac.uk:7999/basweb/laravel-token-blacklist.git
$ cp ~/.ssh/id_rsa.pub laravel-token-blacklist/provisioning/public_keys/
$ cd laravel-token-blacklist
$ ./armadillo_standin.sh

$ vagrant up

$ ssh bslweb-laravel-token-blacklist-dev-node1
$ cd /app

$ composer install

$ logout

Committing changes

The Git flow workflow is used to manage development of this package.

Discrete changes should be made within feature branches, created from and merged back into develop (where small one-line changes may be made directly).

When ready to release a set of features/changes create a release branch from develop, update documentation as required and merge into master with a tagged, semantic version (e.g. v1.2.3).

After releases the master branch should be merged with develop to restart the process. High impact bugs can be addressed in hotfix branches, created from and merged into master directly (and then into develop).

Issue tracking

Issues, bugs, improvements, questions, suggestions and other tasks related to this package are managed through the BAS Web & Applications Team Jira project (BASWEB).

Clean up

To remove the development VM:

vagrant halt
vagrant destroy

The laravel-token-blacklist directory can then be safely deleted as normal.

License

Copyright 2015 NERC BAS. Licensed under the MIT license, see LICENSE for details.

antarctica/laravel-token-blacklist 适用场景与选型建议

antarctica/laravel-token-blacklist 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 76 次下载、GitHub Stars 达 1, 最近一次更新时间为 2015 年 01 月 07 日, 在 PHP 生态内属于活跃度较高的组件。

我们在过去多个企业项目中使用过 antarctica/laravel-token-blacklist 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 antarctica/laravel-token-blacklist 我们能提供哪些服务?
定制开发 / 二次开发

基于 antarctica/laravel-token-blacklist 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 76
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 1
  • 点击次数: 17
  • 依赖项目数: 1
  • 推荐数: 0

GitHub 信息

  • Stars: 1
  • Watchers: 2
  • Forks: 0
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2015-01-07