tourze / access-token-bundle
Token management
Installs: 840
Dependents: 1
Suggesters: 0
Security: 0
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Type: symfony-bundle
Requires
- php: ^8.1
- doctrine/dbal: ^4.0
- doctrine/doctrine-bundle: ^2.13
- doctrine/orm: ^3.0
- doctrine/persistence: ^3.1 || ^4
- symfony/config: ^6.4
- symfony/console: ^6.4
- symfony/dependency-injection: ^6.4
- symfony/doctrine-bridge: ^6.4
- symfony/framework-bundle: ^6.4
- symfony/http-foundation: ^6.4
- symfony/http-kernel: ^6.4
- symfony/routing: ^6.4
- symfony/security-core: ^6.4
- symfony/security-http: ^6.4
- symfony/yaml: ^6.4 || ^7.1
- tourze/symfony-routing-auto-loader-bundle: 0.0.*
Requires (Dev)
- phpstan/phpstan: ^2.1
- phpunit/phpunit: ^10.0
This package is auto-updated.
Last update: 2025-05-26 10:18:16 UTC
README
Token Management
Installation
composer require tourze/access-token-bundle
Usage
Basic Usage
- Create access token
use AccessTokenBundle\Service\AccessTokenService;

// Inject service
$accessTokenService = $container->get(AccessTokenService::class);

// Create token for user
$token = $accessTokenService->createToken($user, 3600, 'iOS App');
echo $token->getToken(); // Output token value
- Validate access token
// Validate and extend token
$validToken = $accessTokenService->validateAndExtendToken($tokenValue, 3600);
if ($validToken) {
    // Token is valid
    $user = $validToken->getUser();
}
- Revoke token
$accessTokenService->revokeToken($token);
Command Line Tools
- Create access token
php bin/console app:create-access-token username --expires=3600 --device="Mobile App"
- Cleanup expired tokens
php bin/console app:cleanup-access-tokens
php bin/console app:cleanup-access-tokens --dry-run # View only, don't delete
API Endpoints
The bundle provides the following API endpoints:
- GET /api/user - Get current user information
- GET /api/tokens - Get all tokens for current user
- POST /api/token/revoke/{id} - Revoke specified token
- GET /api/test - Test API access
Configuration
Environment Variables
Configure the following environment variables in your .env file:
# Access token renewal time (seconds), default 3600 seconds (1 hour)
ACCESS_TOKEN_RENEWAL_TIME=3600

# Prevent multiple login, default true (prevent multiple login)
# true: Creating new token will automatically revoke all existing tokens for the user
# false: Allow user to have multiple valid tokens simultaneously
ACCESS_TOKEN_PREVENT_MULTIPLE_LOGIN=true
Security Configuration
Configure access token authentication in config/packages/security.yaml:
security:
    firewalls:
        api:
            pattern: ^/api
            stateless: true
            access_token:
                token_handler: AccessTokenBundle\Service\AccessTokenHandler
Database Configuration
Make sure to run database migrations to create the access token table:
php bin/console doctrine:migrations:migrate
Examples
Complete Login Flow Example
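use AccessTokenBundle\Service\AccessTokenService;
use App\Repository\UserRepository; // Assumption: the application's own user repository, not part of the bundle
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;

class AuthController extends AbstractController
{
    public function __construct(private readonly UserRepository $userRepository)
    {
    }

    public function login(
        Request $request,
        UserPasswordHasherInterface $passwordHasher,
        AccessTokenService $accessTokenService
    ): JsonResponse {
        // Cast to string so a missing field fails the credential check instead of raising a TypeError
        $username = (string) $request->request->get('username', '');
        $password = (string) $request->request->get('password', '');

        // Validate user credentials; unknown user and wrong password return the same response
        $user = $this->userRepository->findOneBy(['username' => $username]);
        if (!$user || !$passwordHasher->isPasswordValid($user, $password)) {
            return $this->json(['error' => 'Invalid username or password'], 401);
        }

        // Create access token; the User-Agent header is client-supplied and only a device label
        $deviceInfo = $request->headers->get('User-Agent');
        $token = $accessTokenService->createToken($user, 86400, $deviceInfo);

        return $this->json([
            'access_token' => $token->getToken(),
            'expires_at' => $token->getExpiresAt()->format('Y-m-d H:i:s'),
            'user' => [
                'id' => $user->getId(),
                'username' => $user->getUsername(),
            ]
        ]);
    }
}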
Using Access Token to Call API
# Use Bearer Token authentication
curl -H "Authorization: Bearer your_access_token_here" \
  http://localhost/api/user
Prevent Multiple Login Example
When ACCESS_TOKEN_PREVENT_MULTIPLE_LOGIN=true:
// User first login
$token1 = $accessTokenService->createToken($user, 3600, 'Web Browser');

// User login on another device, previous token will be automatically revoked
$token2 = $accessTokenService->createToken($user, 3600, 'Mobile App');

// Now $token1 is invalid, only $token2 is valid
When ACCESS_TOKEN_PREVENT_MULTIPLE_LOGIN=false:
// User can have multiple valid tokens simultaneously
$token1 = $accessTokenService->createToken($user, 3600, 'Web Browser');
$token2 = $accessTokenService->createToken($user, 3600, 'Mobile App');

// Both $token1 and $token2 remain valid
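
The token rules described above (a new login revoking older tokens when ACCESS_TOKEN_PREVENT_MULTIPLE_LOGIN=true, and validate-and-extend sliding the expiry) modelled in memory, as an added example that is not the bundle's own code. The class TokenLifecycleModel, the hashed storage and the maxLifetime cap on renewal are assumptions of this example, not documented bundle features.

```php
<?php
declare(strict_types=1);

// Hypothetical in-memory model of the token rules; not the bundle's AccessTokenService.
final class TokenLifecycleModel
{
    /** @var array<string, array{user: string, issued: int, expires: int}> keyed by SHA-256 of the token */
    private array $tokens = [];

    public function __construct(
        private bool $preventMultipleLogin = true, // mirrors ACCESS_TOKEN_PREVENT_MULTIPLE_LOGIN
        private int $maxLifetime = 86400,          // assumption: absolute cap on sliding renewal
    ) {}

    public function create(string $user, int $ttl, int $now): string
    {
        if ($this->preventMultipleLogin) {
            // A new login revokes every existing token of the same user.
            $this->tokens = array_filter($this->tokens, fn (array $t) => $t['user'] !== $user);
        }
        $value = bin2hex(random_bytes(32)); // 256 bits from the CSPRNG
        // Only the hash is stored, so a dump of the store yields no usable bearer token.
        $this->tokens[hash('sha256', $value)] = ['user' => $user, 'issued' => $now, 'expires' => $now + $ttl];
        return $value;
    }

    public function validateAndExtend(string $value, int $renewal, int $now): ?string
    {
        $key = hash('sha256', $value);
        $t = $this->tokens[$key] ?? null;
        if ($t === null || $t['expires'] <= $now) {
            unset($this->tokens[$key]); // unknown or expired: never extend
            return null;
        }
        // Sliding renewal, but never past issued + maxLifetime.
        $this->tokens[$key]['expires'] = min($now + $renewal, $t['issued'] + $this->maxLifetime);
        return $t['user'];
    }
}

// Constructed scenario with a fixed clock (seconds since an arbitrary start).
$m = new TokenLifecycleModel(preventMultipleLogin: true, maxLifetime: 7200);
$web = $m->create('alice', 3600, 0);
$mobile = $m->create('alice', 3600, 10);
var_dump($m->validateAndExtend($web, 3600, 20));      // first token was revoked by the second login
var_dump($m->validateAndExtend($mobile, 3600, 3000)); // valid, expiry slides forward
var_dump($m->validateAndExtend($mobile, 3600, 6500)); // valid, expiry now held at the cap
var_dump($m->validateAndExtend($mobile, 3600, 7300)); // past the cap, rejected despite earlier renewals
```

Without a cap like maxLifetime, a token that is validated at least once per renewal window never expires, so a stolen token stays usable for as long as it keeps being presented.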