From 9e5b5bfbc94c3da63c1906023a3eaa8e4323d1fc Mon Sep 17 00:00:00 2001 From: forecho Date: Mon, 20 Jul 2020 18:39:19 +0800 Subject: [PATCH] feat: add refresh-token api && update README.md --- README.md | 11 ++++++++--- config/web.php | 3 +-- core/messages/zh-CN/app.php | 1 + core/models/User.php | 2 +- core/services/UserService.php | 4 +++- modules/v1/controllers/UserController.php | 10 ++++++++++ 6 files changed, 24 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 3430a36..924e838 100644 --- a/README.md +++ b/README.md @@ -87,9 +87,9 @@ You can then access the application through the following URL: Check out the packages ------------ -- [yiithings/yii2-doten](https://github.com/forecho/yiithings/yii2-doten) -- [sizeg/yii2-jwt](https://github.com/forecho/sizeg/yii2-jwt) -- [yiier/yii2-helpers](https://github.com/forecho/yiier/yii2-helpers) +- [yiithings/yii2-doten](https://github.com/yiithings/yii2-doten) +- [sizeg/yii2-jwt](https://github.com/sizeg/yii2-jwt) +- [yiier/yii2-helpers](https://github.com/yiier/yii2-helpers) Use ------------ @@ -99,6 +99,7 @@ At this time, you have a RESTful API server running at `http://127.0.0.1:8000`. * `GET /health-check`: a health check service provided for health checking purpose (needed when implementing a server cluster) * `POST /v1/join`: create a user * `POST /v1/login`: authenticates a user and generates a JWT +* `POST /v1/refresh-token`: refresh a JWT Try the URL `http://localhost:8000/health-check` in a browser, and you should see something like `{"code":0,"data":"OK","message":"成功"}` displayed. 
@@ -113,4 +114,8 @@ curl -X POST -H "Content-Type: application/json" -d '{"username":"demo","email":
 # authenticate the user via: POST /v1/login
 curl -X POST -H "Content-Type: application/json" -d '{"username": "demo", "password": "pass123"}' http://localhost:8000/v1/login
 # should return like: {"code":0,"data":{"user":{"id":4,"username":"dem211o1","avatar":"","email":"de21mo1@mail.com","status":1,"created_at":"2020-07-17T23:49:39+08:00","updated_at":"2020-07-17T23:49:39+08:00"},"token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImp0aSI6IllpaS1SRVNULUFQSSJ9.eyJpc3MiOiJodHRwOlwvXC9sb2NhbGhvc3QiLCJqdGkiOiJZaWktUkVTVC1BUEkiLCJpYXQiOjE1OTUwNjQ5NzIsImV4cCI6MTU5NTMyNDE3MiwidXNlcm5hbWUiOiJkZW0yMTFvMSIsImlkIjo0fQ.y2NSVQe-TQ08RnXnF-o55h905G9WHo6GYHNaUWlKjDE"},"message":"成功"}
+
+# refresh a JWT
+curl -X POST -H 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImp0aSI6IllpaS1SRVNULUFQSSJ9.eyJpc3MiOiJodHRwOlwvXC9sb2NhbGhvc3QiLCJqdGkiOiJZaWktUkVTVC1BUEkiLCJpYXQiOjE1OTUwNjQ5NzIsImV4cCI6MTU5NTMyNDE3MiwidXNlcm5hbWUiOiJkZW0yMTFvMSIsImlkIjo0fQ.y2NSVQe-TQ08RnXnF-o55h905G9WHo6GYHNaUWlKjDE' http://localhost:8000/v1/refresh-token
+# should return like: {"code":0,"data":{"user":{"id":4,"username":"dem211o1","avatar":"","email":"de21mo1@mail.com","status":1,"created_at":"2020-07-17T23:49:39+08:00","updated_at":"2020-07-17T23:49:39+08:00"},"token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImp0aSI6IllpaS1SRVNULUFQSSJ9.eyJpc3MiOiJodHRwOlwvXC9sb2NhbGhvc3QiLCJqdGkiOiJZaWktUkVTVC1BUEkiLCJpYXQiOjE1OTUwNjQ5NzIsImV4cCI6MTU5NTMyNDE3MiwidXNlcm5hbWUiOiJkZW0yMTFvMSIsImlkIjo0fQ.y2NSVQe-TQ08RnXnF-o55h905G9WHo6GYHNaUWlKjDE"},"message":"成功"}
 ```
\ No newline at end of file
diff --git a/config/web.php b/config/web.php
index ddbf427..1a3143f 100644
--- a/config/web.php
+++ b/config/web.php
@@ -67,8 +67,7 @@ 'enablePrettyUrl' => true, 'showScriptName' => false, 'rules' => [ - "POST /join" => '/user/join', - "POST /login" => '/user/login', + "POST /" => '/user/', "GET health-check" => 'site/health-check', '///' => '//', ], diff --git a/core/messages/zh-CN/app.php b/core/messages/zh-CN/app.php index 2b301c5..e0c020f 100644 --- a/core/messages/zh-CN/app.php +++ b/core/messages/zh-CN/app.php @@ -7,4 +7,5 @@ 'Username' => '用户名', 'Email' => '邮箱', 'Password' => '密码', + 'The JWT secret must be configured first.' => '必须先配置 JWT_SECRET', ]; diff --git a/core/models/User.php b/core/models/User.php index 601846c..dd4041b 100644 --- a/core/models/User.php +++ b/core/models/User.php @@ -80,7 +80,7 @@ public static function findIdentity($id) */ public static function findIdentityByAccessToken($token, $type = null) { - $userId = (string)$token->getClaim('uid'); + $userId = (string)$token->getClaim('id'); return self::findIdentity($userId); } diff --git a/core/services/UserService.php b/core/services/UserService.php index e1d9acc..927f01f 100644 --- a/core/services/UserService.php +++ b/core/services/UserService.php @@ -50,10 +50,12 @@ public function getToken(): string { /** @var Jwt $jwt */ $jwt = Yii::$app->jwt; + if (!$jwt->key) { + throw new InternalException(t('app', 'The JWT secret must be configured first.')); + } $signer = $jwt->getSigner('HS256'); $key = $jwt->getKey(); $time = time(); - return (string)$jwt->getBuilder() ->issuedBy(params('appUrl')) ->identifiedBy(Yii::$app->name, true) diff --git a/modules/v1/controllers/UserController.php b/modules/v1/controllers/UserController.php index 0db3de2..77b30ae 100644 --- a/modules/v1/controllers/UserController.php +++ b/modules/v1/controllers/UserController.php 
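Review bot: The replacement entry in `rules` appears to route any POST path segment to the same-named action on the user controller (the placeholders look stripped in this rendering, so this is inferred), which replaces an explicit two-route allow-list with a wildcard. Any public `action*` method later added to `UserController` then becomes reachable by POST without a routing change. Keeping the explicit join and login rules and adding a third explicit rule for refresh-token would preserve the allow-list. If the wildcard stays, a comment above it such as `// exposes every public UserController action via POST; keep helpers non-public` would make the exposure explicit.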
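Review bot: `findIdentityByAccessToken` reads the `id` claim with no presence check, so a validly signed token that lacks the claim probably ends in an unhandled exception or a lookup with an empty id instead of a clean authentication failure (this depends on the JWT library's `getClaim` behaviour, which is not visible here). A guard before the cast would settle it: `if (!$token->hasClaim('id')) { return null; }`. Because this commit also adds a refresh endpoint, it is worth confirming that `findIdentity` (outside this hunk) rejects disabled accounts, otherwise their tokens stay renewable.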
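Review bot: The new guard in `getToken()` rejects only an empty key, so a short or guessable HS256 secret still passes and leaves issued tokens exposed to offline guessing of the signing key. A length floor under the same exception would tighten it, e.g. `if (strlen((string)$jwt->key) < 32) {`. Separately, the context line `->identifiedBy(Yii::$app->name, true)` gives every token the same `jti`, so individual tokens cannot be told apart or revoked, which matters more now that tokens can be refreshed. The body of `getToken()` continues past the end of this hunk.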
@@ -58,4 +58,14 @@ public function actionLogin()
 'token' => (string)$token,
 ];
 }
+
+ public function actionRefreshToken()
+ {
+ $user = Yii::$app->user->identity;
+ $token = $this->userService->getToken();
+ return [
+ 'user' => $user,
+ 'token' => (string)$token,
+ ];
+ }
 }
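Review bot: `actionRefreshToken()` issues a new token without checking that `Yii::$app->user->identity` is non-null, so its safety rests entirely on the authenticator configuration in the controller's `behaviors()`, which is outside this hunk; if refresh-token is exempted the way join and login presumably are, an unauthenticated request reaches `getToken()`. An explicit guard is cheap: `if ($user === null) { throw new \yii\web\UnauthorizedHttpException(); }`. Any unexpired access token can also mint a fresh one here, so a leaked token can be renewed indefinitely; a cap on total session lifetime or a separate refresh credential would bound that. The `(string)` cast on `$token` is redundant because `getToken()` is declared `: string`.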