
Using Workerman to implement user authentication and permission control in an online chat system

王林
Release: 2023-09-09 18:30:25


Workerman is a high-performance PHP socket framework that is widely used to build real-time communication systems. When developing an online chat system, user authentication and permission control are essential parts of the design. This article shows how to implement both with Workerman, with code examples.

  1. User Authentication
    User authentication means verifying that a user's identity is legitimate. Online chat systems usually use a token-based authentication mechanism. The specific steps are as follows:

Step 1: When the user logs in, the server generates a Token and sends the Token to the client for storage.

Step 2: The client sends the Token to the server in an HTTP header on subsequent requests.

Step 3: When the server receives a request, it verifies the validity of the Token. If the Token is valid, the user is considered logged in and the request can continue to be processed; otherwise, an authentication failure error message is returned.

The following sample code uses Workerman to implement user authentication:

<?php
require_once __DIR__ . '/vendor/autoload.php';

use Workerman\Worker;
use Workerman\Connection\AsyncTcpConnection;
use Workerman\Protocols\Http\Request;
use Workerman\Protocols\Http\Response;

$worker = new Worker('http://0.0.0.0:8080');

// Sample data only: a real system stores password_hash() output
// and checks it with password_verify().
$users = [
    'user1' => 'password1',
    'user2' => 'password2',
    // ...
];

$worker->onMessage = function ($connection, Request $request) use ($users) {
    $path = $request->path();
    if ($path === '/login') {
        $username = $request->post('username');
        $password = $request->post('password');
        // Reject missing or non-string fields, then compare in constant time
        if (!is_string($username) || !is_string($password)
            || !isset($users[$username]) || !hash_equals($users[$username], $password)) {
            $response = new Response(401, ['Content-Type' => 'application/json'], json_encode(['error' => 'Invalid credentials']));
            $connection->send($response);
        } else {
            // Bind the token to the user who just logged in
            $token = generateToken($username);
            $response = new Response(200, ['Content-Type' => 'application/json'], json_encode(['token' => $token]));
            $connection->send($response);
        }
    } elseif (substr($path, 0, 7) === '/api/v1') {
        $token = $request->header('Authorization');
        if (!validateToken($token)) {
            $response = new Response(401, ['Content-Type' => 'application/json'], json_encode(['error' => 'Unauthorized']));
            $connection->send($response);
        } else {
            // Handle the request
        }
    } else {
        $response = new Response(404, ['Content-Type' => 'text/html'], 'Not found');
        $connection->send($response);
    }
};

Worker::runAll();

function generateToken($username)
{
    // Token generation logic
}

function validateToken($token)
{
    // Token validation logic
}
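
One way to fill in the `generateToken()` and `validateToken()` placeholders above, as an added example that is not part of the original article: a stateless token signed with HMAC-SHA256 that carries the username and an expiry time. The `TOKEN_SECRET` environment variable, the `TOKEN_TTL` lifetime, the claim names and the helper functions `tokenSecret()` and `b64url()` are assumptions of this sketch.

```php
<?php
// Added example: stateless HMAC-signed tokens. TOKEN_SECRET, TOKEN_TTL and the
// claim names are assumptions of this sketch, not Workerman settings.
const TOKEN_TTL = 3600; // seconds

function tokenSecret(): string
{
    $secret = getenv('TOKEN_SECRET');
    if ($secret === false || strlen($secret) < 32) {
        throw new RuntimeException('TOKEN_SECRET must hold at least 32 characters');
    }
    return $secret;
}

function b64url(string $raw): string
{
    return rtrim(strtr(base64_encode($raw), '+/', '-_'), '=');
}

function generateToken(string $username, ?int $now = null): string
{
    $payload = b64url(json_encode(['sub' => $username, 'exp' => ($now ?? time()) + TOKEN_TTL]));
    return $payload . '.' . b64url(hash_hmac('sha256', $payload, tokenSecret(), true));
}

// Returns the username, or null if the token is missing, malformed, forged or expired.
function validateToken(?string $header, ?int $now = null): ?string
{
    $parts = explode('.', preg_replace('/^Bearer\s+/i', '', trim((string) $header)));
    if (count($parts) !== 2) {
        return null;
    }
    [$payload, $sig] = $parts;
    $expected = b64url(hash_hmac('sha256', $payload, tokenSecret(), true));
    if (!hash_equals($expected, $sig)) { // constant-time comparison
        return null;
    }
    $claims = json_decode(base64_decode(strtr($payload, '-_', '+/')), true);
    if (!is_array($claims) || !is_string($claims['sub'] ?? null) || !is_int($claims['exp'] ?? null)) {
        return null;
    }
    return $claims['exp'] > ($now ?? time()) ? $claims['sub'] : null;
}

// Constructed demo: a fresh random secret, one valid token, one tampered token.
putenv('TOKEN_SECRET=' . bin2hex(random_bytes(32)));
$token = generateToken('user1');
var_dump(validateToken("Bearer $token"), validateToken($token . 'x'), validateToken(null));
```

Because these tokens are stateless, one cannot be revoked before its `exp` time; keep the lifetime short or track revoked tokens on the server. Callers should test the result with `=== null` rather than relying on truthiness.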
  2. Permission control
    Permission control means controlling the user's access to system resources. In an online chat system, permission control is usually implemented with roles and permissions. The specific steps are as follows:

Step 1: Define the role and permission list and store it in the database.

Step 2: After the user logs in, the server obtains the permission list corresponding to the role based on the user's role.

Step 3: When the server processes a request, it determines whether the user has permission to perform the operation based on the permissions the request requires. If the user has permission, the server continues processing the request; otherwise, it returns an error message indicating insufficient permissions.

The following is a sample code that uses Workerman to implement permission control:

<?php
require_once __DIR__ . '/vendor/autoload.php';

use Workerman\Worker;
use Workerman\Connection\AsyncTcpConnection;
use Workerman\Protocols\Http\Request;
use Workerman\Protocols\Http\Response;

$worker = new Worker('http://0.0.0.0:8080');

$roles = [
    'admin' => ['create', 'read', 'update', 'delete'],
    'user' => ['read']
];

$worker->onMessage = function ($connection, Request $request) use ($roles) {
    $path = $request->path();
    // Look up the user's role from the token sent with the request
    $role = getUserRole($request->header('Authorization'));

    if (!isset($roles[$role])) {
        $response = new Response(401, ['Content-Type' => 'application/json'], json_encode(['error' => 'Unauthorized']));
        $connection->send($response);
        return;
    }

    $allowedPermissions = $roles[$role];
    // Extract the permission this request requires from its path
    $requiredPermission = extractRequiredPermission($path);

    // Strict comparison, so a non-string value can never match a permission name
    if (!in_array($requiredPermission, $allowedPermissions, true)) {
        $response = new Response(403, ['Content-Type' => 'application/json'], json_encode(['error' => 'Forbidden']));
        $connection->send($response);
        return;
    }

    // Handle the request
};

Worker::runAll();

function getUserRole($token)
{
    // Logic that looks up the user's role from the token
}

function extractRequiredPermission($path)
{
    // Logic that extracts the required permission from the request path
}
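
The two placeholders above, `getUserRole()` and `extractRequiredPermission()`, sketched as an added example that is not from the original article. It goes slightly beyond the page by deriving the permission from the HTTP method as well as the path, and it denies any request that matches no rule. The `/api/v1/messages` route, the `$userRoles` map and the `authorize()` helper are hypothetical.

```php
<?php
// Added example; the route, the user-to-role map and authorize() are assumptions.
$roles = [
    'admin' => ['create', 'read', 'update', 'delete'],
    'user'  => ['read'],
];
$userRoles = ['user1' => 'admin', 'user2' => 'user']; // constructed sample data

function getUserRole(?string $username, array $userRoles): ?string
{
    return $username !== null ? ($userRoles[$username] ?? null) : null;
}

// Maps method + path to one permission; null means "no rule", which callers must deny.
function extractRequiredPermission(string $method, string $path): ?string
{
    static $byMethod = ['POST' => 'create', 'GET' => 'read', 'PUT' => 'update', 'DELETE' => 'delete'];
    if (!preg_match('#^/api/v1/messages(/\d+)?$#', $path)) {
        return null;
    }
    return $byMethod[strtoupper($method)] ?? null;
}

// Returns the HTTP status the handler should send: 200, 401 or 403.
function authorize(?string $username, string $method, string $path, array $roles, array $userRoles): int
{
    $role = getUserRole($username, $userRoles);
    if ($role === null || !isset($roles[$role])) {
        return 401; // unknown user or unknown role
    }
    $required = extractRequiredPermission($method, $path);
    if ($required === null || !in_array($required, $roles[$role], true)) {
        return 403; // unmapped route or missing permission: deny by default
    }
    return 200;
}

// Constructed requests: [username from a validated token, method, path]
$cases = [
    ['user1', 'DELETE', '/api/v1/messages/7'], ['user2', 'DELETE', '/api/v1/messages/7'],
    ['user2', 'GET', '/api/v1/messages'], ['user2', 'GET', '/api/v1/admin'], [null, 'GET', '/api/v1/messages'],
];
foreach ($cases as [$u, $m, $p]) {
    printf("%-6s %-6s %-20s -> %d\n", $u ?? '(none)', $m, $p, authorize($u, $m, $p, $roles, $userRoles));
}
```

In a Workerman handler the method and path come from `$request->method()` and `$request->path()`, and the username should come from a token the server has already validated, never from a client-supplied field.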

Through the above sample code, we can see that it is very simple to implement user authentication and permission control in Workerman. Through reasonable authentication and authorization mechanisms, the security of the online chat system and user rights can be effectively protected. Hope this article can be helpful to you.

source:php.cn