我正在Lumen开发微服务。该微服务将使用Auth Microservice生成API Key或ClientID/Secret(JWT TOKEN)。
每当具有有效Token或API Key的客户发送API调用时,我都想使用Auth Microservice进行验证。
出于验证目的,我创建了
/api/oauth/verify - with encrypted TOKEN in header in Auth Microservice
此端点将在验证后返回id个用户。
这是我在微服务中间件上执行的用于发送令牌进行验证的代码
$newEncrypter = new \Illuminate\Encryption\Encrypter( config('app.key'), Config::get( 'app.cipher' ) );
$encryptedBearerToken = $newEncrypter->encrypt( $request->bearerToken() );
//dd($bearerToken);
$client = new Client(
[
'headers' => [
'Accept' => 'application/json',
'Authorization' => 'Bearer ' . $request->bearerToken()
],
'verify' => false
]);
$response = $client->post($url, ['json' => ['token' => $encryptedBearerToken]])->getBody()->getContents();
$response = json_decode($response);
$request->user = $response;
Auth微服务中间件代码
$bearerToken = $request->bearerToken();
$encryptedToken = $request->token;
if(!empty($encryptedToken))
{
$newEncrypter = new \Illuminate\Encryption\Encrypter( config('app.message_key'), Config::get( 'app.cipher' ) );
$decryptedBearerToken = $newEncrypter->decrypt( $encryptedToken );
if($bearerToken !== $decryptedBearerToken)
{
return $this->invalidToken();
}
}
$validateApi = $this->authenticate(['api']);
if(!$validateApi)
{
if(empty($bearerToken))
{
return $this->invalidToken();
}
$user = User::where('api_key', $bearerToken)->first();
if(empty($user))
{
return $this->invalidToken();
}
\Illuminate\Support\Facades\Auth::setUser($user);
}
有关上述代码实现的一些问题
问题:
502 Gateway timeout 如何更好地对令牌进行身份验证并优化身份验证
[注意:执行单个Request时,实现工作正常 通过POSTMAN]