How to refresh token in php interface development

after the user logs in, the user id login ip is encrypted by some algorithms.
after encryption, the user token is written to the database and written to the cache (redis)
the purpose of writing the cache is that every time the client requests to get the user id to write to the database, it wants to clear the token after the user has changed the password and so on.

but the write cache is one hour after the redis expires, there is no way to continue to use it after expiration

I have an idea, that is, if you can"t query it in the cache, go to the database to query the database and directly return to write to the cache again

.

but this way of implementation doesn"t seem to be very good. Do you gods have any good ideas?

Thinkphp5 laravel yii php
Jan.09,2022
The token refresh mechanism in the

interface.
this update token may help you

increase the duration, such as 15 days

there should be two token, one is access_token, and the other is refresh_token, returned to the client at the same time, but there is a difference.
1. The expiration time is different. The access_token expiration time should be set to be shorter, such as 1 hour, and the refresh_token expiration time should be relatively longer, such as one week.
2.access_token is the user's credential, which expires within 1 hour. After expiration, you can only use refresh_token to obtain a new pair of token,refresh_token. You can only use it once.

what's the point of adding time if token is not random? token has been encrypted and verified in the way you gave it.

the method you said is feasible for small sites, but for large websites, when a large number of users' cache expires, a large number of requests will enter the database, so it is not desirable. My solution is to generate token, assuming that the token is valid for 24 hours, and put the user id and token expiration time into the message queue. The message queue will always cycle to detect users whose token is about to expire. Once it is detected that the token will expire in less than 2 hours, a new token. will be generated immediately. If the site has a large number of users, consider moderately increasing the previous token validity period and 2 hours, or consider a distributed message queuing scheme. In addition, token updates frequently, there is no need for inventory. Okay, I can't make it up anymore.

Previous: How to set multiple session with different configurations by koa-session (for example, the expiration time is different)

Next: The downloaded hexo theme must be deleted. Git

css mysql arrays josn react html typescript webpack npm sass R objective-c .net sql-server jquery python-3.x angularjs django angular excel regex iphone ajax linux xml pandas vba spring database wordpress string wpf xcode windows bash postgresql oracle multithreading eclipse list firebase algorithm macos forms image scala visual-studio azure bootstrap spring-boot react-native python-2.7 docker performance function winforms matlab powershell apache dataframe api sqlite numpy rest shell selenium flutter dart maven loops qt swing android-studio csv express file class tensorflow sorting codeigniter perl
© 2021 CodesHelper
Advertising Contact us About us
Menu