
Lifecycle

TIP

In MineAdmin, both Swoole and Swow are integrated by Hyperf through the symfony/console component. The startup command is php bin/hyperf.php start.

MineAdmin is built to run on PHP + (Swoole or Swow) + Hyperf. To thoroughly understand the lifecycle of MineAdmin, it is crucial to comprehend the lifecycle of the underlying architecture.

This article will not further elaborate on the lifecycle of the aforementioned underlying architecture. If interested, please study it on your own. This article will focus more on describing the lifecycle related to business operations.

Dual Token Authentication Refresh

The dual-token mechanism refers to the process where, in addition to the traditional Access Token, an additional Refresh Token is introduced during user login. The Access Token is primarily used to verify user identity and maintain user sessions, while the Refresh Token is used to obtain a new Access Token after the current one expires. This design ensures security while providing a better user experience.

TIP

The default application authentication mechanism uses two tokens, AccessToken and RefreshToken, for authentication and interactive refresh.

MineAdmin generates and validates all JWTs through the lcobucci/jwt component.


Sequence Diagram

plantuml diagram

Flowchart

plantuml diagram

Explanation

After a successful login, store the access token and refresh token locally.

When a request fails with a 401 error code and the local refresh_token is not expired, temporarily store the current request information in a queue. This queue is designed to prevent multiple requests from refreshing the token simultaneously.

Then, exchange the refresh token for a new access_token and refresh_token.

If the token exchange interface also returns a 401 error code, it means the access token and refresh token are both invalid, and the user needs to log in again. Clear the local cache and redirect to the login page.

If the token exchange is successful, update the local token and retry the failed request.
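
The client-side steps above, as an added example that is not MineAdmin's own front-end code: concurrent 401 responses share one refresh call, the failed requests are retried with the new token, and a 401 from the exchange clears local state. The names createAuthClient, send, refresh, store, onLogout and the fake backend in demo() are assumptions made for this sketch.

```javascript
// Added example: single-flight refresh on 401. All names are illustrative,
// not MineAdmin's front-end code.
function createAuthClient({ send, refresh, store, onLogout }) {
  let inFlight = null; // shared promise: concurrent 401s wait on one refresh
  function refreshOnce() {
    if (!inFlight) {
      inFlight = (async () => {
        const res = await refresh(store.refreshToken);
        if (res.status === 401) {
          // Both tokens are invalid: clear local state, go to login.
          store.accessToken = store.refreshToken = null;
          onLogout();
          throw new Error("login required");
        }
        store.accessToken = res.accessToken;
        store.refreshToken = res.refreshToken;
        store.refreshExpiresAt = res.refreshExpiresAt;
      })().finally(() => { inFlight = null; });
    }
    return inFlight;
  }

  return async function request(req) {
    const used = store.accessToken;
    const res = await send(req, used);
    const canRefresh = store.refreshToken && store.refreshExpiresAt > Date.now();
    if (res.status !== 401 || !canRefresh) return res;
    // Skip the refresh if another request already rotated the tokens.
    if (store.accessToken === used) await refreshOnce();
    return send(req, store.accessToken); // retry the failed request once
  };
}

// Constructed fake backend: only access token "a2" is accepted,
// and only refresh token "r1" can be exchanged.
async function demo() {
  const calls = { refresh: 0, logout: 0 };
  const store = { accessToken: "a1", refreshToken: "r1", refreshExpiresAt: Date.now() + 60000 };
  const send = async (req, token) => ({ status: token === "a2" ? 200 : 401, path: req });
  const refresh = async (rt) => {
    calls.refresh += 1;
    return rt === "r1"
      ? { status: 200, accessToken: "a2", refreshToken: "r2", refreshExpiresAt: Date.now() + 60000 }
      : { status: 401 };
  };
  const request = createAuthClient({ send, refresh, store, onLogout: () => { calls.logout += 1; } });
  const results = await Promise.all(["/a", "/b", "/c"].map((p) => request(p)));
  return { statuses: results.map((r) => r.status), calls, store };
}
```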
