问题
I've added this two event listeners to my : EventServiceProvider
/**
* The event listener mappings for the application.
*
* @var array
*/
protected $listen = [
'Laravel\Passport\Events\AccessTokenCreated' => [
'App\Listeners\RevokeOldTokens',
],
'Laravel\Passport\Events\RefreshTokenCreated' => [
'App\Listeners\PruneOldTokens',
],
];
And in my AuthServiceProvider I have :
public function boot()
{
$this->registerPolicies();
Passport::routes();
passport::$revokeOtherTokens;
passport::$pruneRevokedTokens;
Passport::tokensExpireIn(Carbon::now()->addDays(1));
Passport::refreshTokensExpireIn(Carbon::now()->addDays(2));
}
I want passport to revoke all other user access tokens and then prune them if they are revoked. but nothing is happening and every time I request an access token from postman I get a new access Token while there are several access tokens in the database.
回答1:
I've Solved My problem This way :
Step1 - In EventServiceProvider should change the path to the Access Token created and also refresh token created :
protected $listen = [
'Laravel\Passport\Events\AccessTokenCreated' => [
'App\Listeners\RevokeOldTokens',
],
'Laravel\Passport\Events\RefreshTokenCreated' => [
'App\Listeners\PruneOldTokens',
],
];
Step2- generate this two listeners events :
php artisan event:generate
Step3- Modify AccessTokenCreated & RefreshTokenCreated event handle methods :
RevokeOldTokens Class :
namespace App\Listeners;
use Laravel\Passport\Events\AccessTokenCreated;
use Illuminate\Queue\InteractsWithQueue;
use Illuminate\Contracts\Queue\ShouldQueue;
use DB;
class RevokeOldTokens
{
/**
* Create the event listener.
*
* @return void
*/
public function __construct()
{
//
}
/**
* Handle the event.
*
* @param AccessTokenCreated $event
* @return void
*/
public function handle(AccessTokenCreated $event)
{
DB::table('oauth_access_tokens')
->where('id', '<>', $event->tokenId)
->where('user_id', $event->userId)
->where('client_id', $event->clientId)
->update(['revoked' => true]);
}
}
PruneOldTokens Class :
namespace App\Listeners;
use Laravel\Passport\Events\RefreshTokenCreated;
use Illuminate\Queue\InteractsWithQueue;
use Illuminate\Contracts\Queue\ShouldQueue;
use DB;
class PruneOldTokens
{
/**
* Create the event listener.
*
* @return void
*/
public function __construct()
{
//
}
/**
* Handle the event.
*
* @param RefreshTokenCreated $event
* @return void
*/
public function handle(RefreshTokenCreated $event)
{
DB::table('oauth_refresh_tokens')
->where('id', '<>', $event->refreshTokenId)
->where('access_token_id', '<>', $event->accessTokenId)
->update(['revoked' => true]);
}
}
After This steps if I send any request to my project it will check for tokens and if there is another token it will revoke it and make it unathorized.
回答2:
May be because you missed something important to let the passport works find,
1- Register Passport service provider in the providers array of your config/app.php Laravel\Passport\PassportServiceProvider::class,
1- you have to add the Laravel\Passport\HasApiTokens trait to your App\User model 2- in your config/auth.php configuration file, you should set the driver option of the api authentication guard to passport
check this http://www.snippetcase.com/snippet/61/API+Authentication+(Passport)+Laravel+5.3
来源:https://stackoverflow.com/questions/40758505/laravel-passport-revoke-and-prune-event-listener-is-not-doing-anything