如何存储token比较合适？-PHP Tutorial-php.cn

Table of Contents

回复内容：

Home

Backend Development

PHP Tutorial

如何存储token比较合适？

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB

Jun 06, 2016 pm 08:30 PM

java php web rear end

在保持多步骤流程一致性时我需要用到token（比如找回密码）：

步骤1，用户提交要找回密码的用户名和验证码，我生成token1，返回页面中包含这个token1

步骤2，用户提交他收到的短信验证码和token1，我根据token1来识别是哪个用户，短信验证码是否正确，token是否过期，这个token的使用场景是否正确，如果都有效，我生成一个token2，返回页面包含这个token2

步骤3，用户提交他的新密码和token2，我根据token2来找出是哪个用户，最后重置那个用户的密码

这里的token都有时效性，我存在mysql里，每天都要跑cron job来删除过期的token，这样不太好吧，我应该怎么存token？或者有更好的办法？

回复内容：

在保持多步骤流程一致性时我需要用到token（比如找回密码）：

步骤1，用户提交要找回密码的用户名和验证码，我生成token1，返回页面中包含这个token1

步骤2，用户提交他收到的短信验证码和token1，我根据token1来识别是哪个用户，短信验证码是否正确，token是否过期，这个token的使用场景是否正确，如果都有效，我生成一个token2，返回页面包含这个token2

步骤3，用户提交他的新密码和token2，我根据token2来找出是哪个用户，最后重置那个用户的密码

这里的token都有时效性，我存在mysql里，每天都要跑cron job来删除过期的token，这样不太好吧，我应该怎么存token？或者有更好的办法？

token可以使用 md5(username+userid+timestamp)_timestamp，这种格式的token基本上不会重复了，同时尾部的timestample也能用于过期检测。
对于一个用户来说通常一个token就够了，当你生成第二个token的时候第一个已经失效了，所以可以直接update掉，这样每个用户最多有一个token就不需要考虑删除的问题了，当然在token被验证有效地时候应该把数据库中的token set null，防止同一个token被二次验证。

token不需要存储的，你可以使用AES的可逆向加/解密算法对数据进行加密，如aes.ecode(userId+time+info+key(密钥))，生成token后把这个串传回给客户端，不需要保存，等下次他传回给你的时候你只需要aes.decode(token)解密一下就可以获得这里面的用户信息与当前登陆的用户信息对比一下就行了

或者不用储存token，有效性信息就放在token里，你看看这个json web token

token不用存mysql吧，存内存就好了。
一个线程轮训删除过期的token数据。
当然你会说宕机了，内存数据就没了，但是基于找回密码的操作不常有，这个数据不会太多，而时效性一般不会太长，如果真遇到宕机，宕机了用户也无法访问了啊，故这个token就废弃也无所谓，让用户重新提交找回操作。

可以存memcahe或redis里，缓存设定时间过期。

我一般直接存session

token 我是用md5 用户名加现有密码生成....
然后记录下时间

存redis，设置过期时间是最方便的

token类似于单个web工程中使用的session，保存起来便于查看访问日志，不保存也可以，但每个模块和功能的操作日志最好记录一下，以便后期运营和维护使用。

Statement of this Website

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress images for free

Clothoff.io

AI clothes remover

AI Hentai Generator

Generate AI Hentai for free.

Hot Article

R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)

2 weeks ago By 尊渡假赌尊渡假赌尊渡假赌

Repo: How To Revive Teammates

4 weeks ago By 尊渡假赌尊渡假赌尊渡假赌

Hello Kitty Island Adventure: How To Get Giant Seeds

4 weeks ago By 尊渡假赌尊渡假赌尊渡假赌

How Long Does It Take To Beat Split Fiction?

3 weeks ago By DDD

R.E.P.O. Save File Location: Where Is It & How to Protect It?

3 weeks ago By DDD

Hot Tools

Notepad++7.3.1

Easy-to-use and free code editor

SublimeText3 Chinese version

Chinese version, very easy to use

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver CS6

Visual web development tools

SublimeText3 Mac version

God-level code editing software (SublimeText3)

Hot Topics

Where is the login entrance for gmail email?

7323

Java Tutorial

1625

CakePHP Tutorial

1350

Laravel Tutorial

1262

PHP Tutorial

1209

Related knowledge

PHP 8.4 Installation and Upgrade guide for Ubuntu and Debian Dec 24, 2024 pm 04:42 PM

PHP 8.4 brings several new features, security improvements, and performance improvements with healthy amounts of feature deprecations and removals. This guide explains how to install PHP 8.4 or upgrade to PHP 8.4 on Ubuntu, Debian, or their derivati

How To Set Up Visual Studio Code (VS Code) for PHP Development Dec 20, 2024 am 11:31 AM

Visual Studio Code, also known as VS Code, is a free source code editor — or integrated development environment (IDE) — available for all major operating systems. With a large collection of extensions for many programming languages, VS Code can be c

How do you parse and process HTML/XML in PHP? Feb 07, 2025 am 11:57 AM

This tutorial demonstrates how to efficiently process XML documents using PHP. XML (eXtensible Markup Language) is a versatile text-based markup language designed for both human readability and machine parsing. It's commonly used for data storage an

Break or return from Java 8 stream forEach? Feb 07, 2025 pm 12:09 PM

Java 8 introduces the Stream API, providing a powerful and expressive way to process data collections. However, a common question when using Stream is: How to break or return from a forEach operation? Traditional loops allow for early interruption or return, but Stream's forEach method does not directly support this method. This article will explain the reasons and explore alternative methods for implementing premature termination in Stream processing systems. Further reading: Java Stream API improvements Understand Stream forEach The forEach method is a terminal operation that performs one operation on each element in the Stream. Its design intention is

PHP Program to Count Vowels in a String Feb 07, 2025 pm 12:12 PM

A string is a sequence of characters, including letters, numbers, and symbols. This tutorial will learn how to calculate the number of vowels in a given string in PHP using different methods. The vowels in English are a, e, i, o, u, and they can be uppercase or lowercase. What is a vowel? Vowels are alphabetic characters that represent a specific pronunciation. There are five vowels in English, including uppercase and lowercase: a, e, i, o, u Example 1 Input: String = "Tutorialspoint" Output: 6 explain The vowels in the string "Tutorialspoint" are u, o, i, a, o, i. There are 6 yuan in total

Java Made Simple: A Beginner's Guide to Programming Power Oct 11, 2024 pm 06:30 PM

Java Made Simple: A Beginner's Guide to Programming Power Introduction Java is a powerful programming language used in everything from mobile applications to enterprise-level systems. For beginners, Java's syntax is simple and easy to understand, making it an ideal choice for learning programming. Basic Syntax Java uses a class-based object-oriented programming paradigm. Classes are templates that organize related data and behavior together. Here is a simple Java class example: publicclassPerson{privateStringname;privateintage;

Create the Future: Java Programming for Absolute Beginners Oct 13, 2024 pm 01:32 PM

Java is a popular programming language that can be learned by both beginners and experienced developers. This tutorial starts with basic concepts and progresses through advanced topics. After installing the Java Development Kit, you can practice programming by creating a simple "Hello, World!" program. After you understand the code, use the command prompt to compile and run the program, and "Hello, World!" will be output on the console. Learning Java starts your programming journey, and as your mastery deepens, you can create more complex applications.

Java Program to Find the Volume of Capsule Feb 07, 2025 am 11:37 AM

Capsules are three-dimensional geometric figures, composed of a cylinder and a hemisphere at both ends. The volume of the capsule can be calculated by adding the volume of the cylinder and the volume of the hemisphere at both ends. This tutorial will discuss how to calculate the volume of a given capsule in Java using different methods. Capsule volume formula The formula for capsule volume is as follows: Capsule volume = Cylindrical volume Volume Two hemisphere volume in, r: The radius of the hemisphere. h: The height of the cylinder (excluding the hemisphere). Example 1 enter Radius = 5 units Height = 10 units Output Volume = 1570.8 cubic units explain Calculate volume using formula: Volume = π × r2 × h (4

See all articles