Laravel 记住密码值解剖

介绍

laravel 登录的时候记住密码,那么它是怎么存储呢

文件

vendor/laravel/framework/src/Illuminate/Auth/SessionGuard.php

 public function login(AuthenticatableContract $user, $remember = false)
    {
        $this->updateSession($user->getAuthIdentifier());

        // If the user should be permanently "remembered" by the application we will
        // queue a permanent cookie that contains the encrypted copy of the user
        // identifier. We will then decrypt this later to retrieve the users.
        if ($remember) {
            $this->ensureRememberTokenIsSet($user);

            $this->queueRecallerCookie($user);
        }

        // If we have an event dispatcher instance set we will fire an event so that
        // any listeners will hook into the authentication events and run actions
        // based on the login and logout events fired from the guard instances.
        $this->fireLoginEvent($user, $remember);

        $this->setUser($user);
    }
        if ($remember) {
            $this->ensureRememberTokenIsSet($user);

            $this->queueRecallerCookie($user);
        }

$this->ensureRememberTokenIsSet($user);这里判断记住密码的token是否存在,如果不存在创建.
$this->queueRecallerCookie($user); 创建cookies

cookie 值

  protected function queueRecallerCookie(AuthenticatableContract $user)
    {
        $this->getCookieJar()->queue($this->createRecaller(
            $user->getAuthIdentifier().'|'.$user->getRememberToken().'|'.$user->getAuthPassword()
        ));
    }
    //永久存储
    protected function createRecaller($value)
    {
        return $this->getCookieJar()->forever($this->getRecallerName(), $value);
    }

cookie 名字

    public function getRecallerName()
    {
        return 'remember_'.$this->name.'_'.sha1(static::class);//$this->name认证器使用的那个,默认是web
    }

 $user->getAuthIdentifier().'|'.$user->getRememberToken().'|'.$user->getAuthPassword()

用户唯一标识符,用户记住token,用户密码

用户记住密码 token

/**
     * Refresh the "remember me" token for the user.
     *
     * @param  \Illuminate\Contracts\Auth\Authenticatable  $user
     * @return void
     */
    protected function cycleRememberToken(AuthenticatableContract $user)
    {
        $user->setRememberToken($token = Str::random(60));

        $this->provider->updateRememberToken($user, $token);
    }

提示

评论区 (1)

谢谢分享 受教

#1 楼
支持 markdown,图片截图粘贴拖拽都可以自动上传。
查看更多

最新视频课程

Laravel 的 PhpSpreadsheet 包入门

wap2App 入门讲解,100%速成,全面为你讲解。

ace.js 打造一款属于你的 Web 编辑器,入门文档。

Laravel Permission 中文文档

解释 OAuth 2.0 认证 和使用场景说明

Laravel 之 horizon 队列管理界面系统

钻级赞助商