如何在Laravel Passport中获取所有用户的访问权限?

For background we have two servers: the oauth server which issues out tokens and has laravel passport installed, and an api server which handles requests for the front end. In order to minimize requests, we are caching the access token on the api server, so that there is no need to make a request out to the oauth server from the api server.

However, in the case of an emergency, we want to quickly invalidate all of a user's tokens and remove the tokens from the cache on the api server.

I have figured out how to invalidate all of a user's tokens, but getting the actual access token value proves to be difficult. Is there a way to get a user's access tokens and return them to the api server?

For reference, here is the code I have to currently invalidate a user's tokens:

use App\User;

public function invalidate_sessions($user_id) {
    $user = User::find($user_id);

    $tokens = [];
    foreach ($user->tokens as $token) {
        $token->revoke();
        // this doesn't work
        $tokens[] = $token;
    }
    $api_server = config('auth.api_server');
    $http = new \GuzzleHttp\Client;

    $response = $http->post("{$api_server}/api/invalidate_sessions", [ 
        \GuzzleHttp\RequestOptions::JSON => $tokens
    ]);

    return (string)$response->getBody();
}
Csdn user default icon
上传中...
上传图片
插入图片
抄袭、复制答案,以达到刷声望分或其他目的的行为,在CSDN问答是严格禁止的,一经发现立刻封号。是时候展现真正的技术了!
立即提问