lotteryLaravel/config/lottery.php
kang c9c1fecfcf feat(player-auth): add JWT TTL check and AES wrapped token support
1. 新增JWT有效期校验,限制exp-iat最大时长并支持强制校验iat字段
2. 新增AES-GCM密文Token解包能力,支持非标准JWT格式的令牌传递
3. 新增相关配置项和环境变量,可灵活调整校验策略
2026-05-14 09:37:52 +08:00

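<?php
/**
 * Lottery business configuration (i18n, main-site SSO, player authentication, ...).
 *
 * [locales] Languages used for the API `msg` field; the codes match the naming of the
 * multi-language database columns: zh / en / ne.
 *  - supported: list of valid languages; NegotiateLotteryLocale only picks from this list.
 *  - fallback:  language used when no header matches or a translation key is missing
 *               (usually en).
 */
return [
    'locales' => [
        'supported' => ['zh', 'en', 'ne'],
        'fallback' => 'en',
    ],
    'default_currency' => env('LOTTERY_DEFAULT_CURRENCY', 'NPR'),
    /*
    | Read-cache TTL for the lottery_settings table. Lower it to see back-office changes
    | sooner; raise it to reduce DB load.
    */
    'settings' => [
        'cache_ttl_seconds' => (int) env('LOTTERY_SETTINGS_CACHE_TTL', 60),
    ],
    'main_site' => [
        'base_url' => env('MAIN_SITE_BASE_URL'),
        // Secrets are read from the environment only and are null when unset.
        // NOTE(review): consumers should fail closed on a null/empty secret - confirm in the
        // JWT verifier and the wallet client.
        'sso_jwt_secret' => env('MAIN_SITE_SSO_JWT_SECRET'),
        'wallet_api_url' => env('MAIN_SITE_WALLET_API_URL'),
        'wallet_api_key' => env('MAIN_SITE_WALLET_API_KEY'),
        'wallet_timeout' => (int) env('MAIN_SITE_WALLET_TIMEOUT', 10),
        /** Relative HTTP paths of the main-site wallet (appended to wallet_api_url); ignored in Stub mode. */
        'wallet_debit_path' => env('MAIN_SITE_WALLET_DEBIT_PATH', '/wallet/debit-for-lottery'),
        'wallet_credit_path' => env('MAIN_SITE_WALLET_CREDIT_PATH', '/wallet/credit-from-lottery'),
    ],
    /*
    | player_auth: used together with app/Services/PlayerTokenResolver.php
    |
    | dev_bypass: only when APP_ENV is one of {local, testing} AND
    |   LOTTERY_PLAYER_AUTH_DEV_BYPASS=true is `Authorization: Bearer dev:{players.id}`
    |   allowed (otherwise a dev: value is parsed as a JWT and reported as 8002).
    | jwt.*: JWT issued by the main site; once the signature verifies, a missing mapping
    |   row is created automatically.
    |   max_ttl_seconds:   maximum allowed (exp - iat) in seconds (default 300 = 5 minutes),
    |                      in line with the "short-lived token" policy.
    |   require_iat_claim: when true the iat claim is mandatory; otherwise the token is
    |                      rejected and no profile is created.
    |
    | aes.key_base64: optional. A 32-byte raw key, Base64-encoded, supplied through env
    |   LOTTERY_PLAYER_TOKEN_AES_KEY. When set, a Bearer string that does not have the
    |   xxx.yyy.zzz shape is first unwrapped with AES-GCM into an inner JWT, which is
    |   then signature-checked.
    */
    'player_auth' => [
        // Fail closed: the flag is parsed as a strict boolean (so "off" / "no" / "0" and any
        // unrecognised text disable it, matching the other boolean options in this file),
        // and the documented APP_ENV restriction is applied here too, so the stored value
        // can only be true in local/testing even if a consumer forgets the environment check.
        'dev_bypass' => filter_var(env('LOTTERY_PLAYER_AUTH_DEV_BYPASS', false), FILTER_VALIDATE_BOOLEAN)
            && in_array(env('APP_ENV', 'production'), ['local', 'testing'], true),
        'jwt' => [
            // NOTE(review): the algorithm name comes from env with no allow-list in this file;
            // the verifier should accept only the algorithm(s) that match the key type of
            // main_site.sso_jwt_secret and never an unsigned token - confirm in PlayerTokenResolver.
            'algorithm' => env('LOTTERY_JWT_ALGORITHM', 'HS256'),
            'claim_site_code' => env('LOTTERY_JWT_CLAIM_SITE_CODE', 'site_code'),
            'claim_site_player_id' => env('LOTTERY_JWT_CLAIM_SITE_PLAYER_ID', 'site_player_id'),
            // Clamped to 1..3600 seconds; a missing or non-numeric value casts to 0 and becomes 1.
            'max_ttl_seconds' => max(1, min(3600, (int) env('LOTTERY_JWT_MAX_TTL_SECONDS', 300))),
            'require_iat_claim' => filter_var(env('LOTTERY_JWT_REQUIRE_IAT', true), FILTER_VALIDATE_BOOLEAN),
        ],
        'aes' => [
            // Null when unset, which per the note above leaves AES unwrapping disabled.
            // NOTE(review): key length/format is not validated here - presumably checked by
            // the resolver after Base64 decoding; confirm.
            'key_base64' => env('LOTTERY_PLAYER_TOKEN_AES_KEY'),
        ],
    ],
    /*
    | admin_api: Sanctum Personal Access Token (auth:sanctum + lottery.admin)
    |
    | token_ttl_days: number of calendar days a token stays valid from issuance; after
    |   expiry Laravel rejects the token and a new login is required.
    */
    'admin_api' => [
        'token_ttl_days' => max(1, (int) env('ADMIN_API_TOKEN_TTL_DAYS', 7)),
    ],
    /*
    | Draw scheduling (GMT / business-day timezone): schedule generation, betting close
    | and draw time points.
    | Follows the PRD chain "draw generation / betting close / draw scheduling"; for the
    | RNG see DrawRngRunner.
    */
    'draw' => [
        /** Used to split the board's "business day" and for display in the app. */
        'timezone' => env('LOTTERY_DRAW_TIMEZONE', 'UTC'),
        /** Draw interval in minutes; slots are laid out across the day starting at 00:00. */
        'interval_minutes' => max(1, min(1440, (int) env('LOTTERY_DRAW_INTERVAL_MINUTES', 5))),
        /** Betting window length: start_time = close_time - betting_window_seconds. */
        'betting_window_seconds' => max(10, (int) env('LOTTERY_DRAW_BETTING_WINDOW_SECONDS', 270)),
        /** Betting closes this many seconds before the draw: close_time = draw_time - this value. */
        'close_before_draw_seconds' => max(5, (int) env('LOTTERY_DRAW_CLOSE_BEFORE_SECONDS', 30)),
        /**
         * Number of not-yet-drawn draws generated ahead of time (the scheduler tops it up).
         * Production may raise it; for local / integration testing the original note reads
         * "612", presumably 6-12 with the separator lost - TODO confirm.
         */
        'buffer_draws_ahead' => max(1, (int) env('LOTTERY_DRAW_BUFFER_AHEAD', 8)),
        /** true: after the RNG runs the draw enters review and must be published through the back-office API. */
        'require_manual_review' => filter_var(env('LOTTERY_DRAW_REQUIRE_MANUAL_REVIEW', true), FILTER_VALIDATE_BOOLEAN),
        /** Cooling-off period after a result is published (minutes), {@see draws.cooling_end_time}. */
        'cooldown_minutes' => max(0, (int) env('LOTTERY_DRAW_COOLDOWN_MINUTES', 15)),
    ],
    /*
    | ui.format: used for the *_formatted display fields of the API
    | (read by {@see \App\Support\CurrencyFormatter}).
    */
    'ui' => [
        'format' => [
            'currency' => [
                // Displayed decimal places, clamped to 0..12.
                'decimals' => max(0, min(12, (int) env('LOTTERY_CURRENCY_DISPLAY_DECIMALS', 2))),
                'decimal_separator' => env('LOTTERY_CURRENCY_DECIMAL_SEP', '.'),
                'thousands_separator' => env('LOTTERY_CURRENCY_THOUSANDS_SEP', ','),
            ],
        ],
    ],
];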