Claude Code PHP開發(fā)子代理實戰(zhàn)指南:打造你的現(xiàn)代PHP架構(gòu)師
作者:阿森
今天要分享的是我精心調(diào)優(yōu)的PHP開發(fā)子代理——這個配置能讓Claude Code像一個精通現(xiàn)代PHP的資深架構(gòu)師,從Laravel到Symfony,從性能優(yōu)化到安全防護,幫你寫出企業(yè)級的PHP代碼。
今天要分享的是我精心調(diào)優(yōu)的PHP開發(fā)子代理——這個配置能讓Claude Code像一個精通現(xiàn)代PHP的資深架構(gòu)師,從Laravel到Symfony,從性能優(yōu)化到安全防護,幫你寫出企業(yè)級的PHP代碼。
一、為什么PHP開發(fā)需要專屬子代理?
1.1 PHP開發(fā)的獨特挑戰(zhàn)
PHP已經(jīng)不是10年前那個"簡單腳本語言"了,但很多人還在用老方式寫PHP:
// 場景對比:處理用戶登錄
// ? 通用Claude可能給你的代碼
<?php
$username = $_POST['username'];
$password = $_POST['password'];
$query = "SELECT * FROM users WHERE username='$username' AND password='$password'";
$result = mysql_query($query); // 已廢棄的函數(shù)!SQL注入風(fēng)險!
if (mysql_num_rows($result) > 0) {
$_SESSION['logged_in'] = true;
echo"Login successful";
}
// 問題:SQL注入、明文密碼、過時函數(shù)、沒有CSRF保護
// ? PHP子代理會給你的專業(yè)方案
<?php
declare(strict_types=1);
namespaceApp\Http\Controllers\Auth;
useApp\Models\User;
useApp\Http\Requests\LoginRequest;
useApp\Services\Auth\AuthenticationService;
useApp\Events\UserLoggedIn;
useIlluminate\Http\JsonResponse;
useIlluminate\Support\Facades\RateLimiter;
useSymfony\Component\HttpFoundation\Response;
finalclass LoginController extends Controller
{
publicfunction __construct(
private readonly AuthenticationService $authService
) {}
/**
* 處理用戶登錄請求
*
* @param LoginRequest $request 驗證過的請求對象
* @return JsonResponse
* @throws \Throwable
*/
publicfunction login(LoginRequest $request): JsonResponse
{
// 1. 速率限制檢查
$key = 'login:' . $request->ip();
if (RateLimiter::tooManyAttempts($key, 5)) {
return response()->json([
'message' => '登錄嘗試次數(shù)過多,請稍后再試',
'retry_after' => RateLimiter::availableIn($key)
], Response::HTTP_TOO_MANY_REQUESTS);
}
try {
// 2. 驗證憑據(jù)(自動處理密碼哈希驗證)
$credentials = $request->validated();
// 3. 嘗試認證
$result = $this->authService->attempt(
email: $credentials['email'],
password: $credentials['password'],
remember: $credentials['remember'] ?? false
);
if (!$result->success) {
RateLimiter::hit($key, 300); // 5分鐘窗口
return response()->json([
'message' => '郵箱或密碼錯誤',
'errors' => ['email' => ['認證失敗']]
], Response::HTTP_UNPROCESSABLE_ENTITY);
}
// 4. 清除速率限制
RateLimiter::clear($key);
// 5. 生成安全的會話/JWT令牌
$token = $result->token;
$user = $result->user;
// 6. 觸發(fā)登錄事件(用于日志、通知等)
event(new UserLoggedIn($user, $request->ip(), $request->userAgent()));
// 7. 返回響應(yīng)(包含CSRF令牌)
return response()->json([
'message' => '登錄成功',
'data' => [
'user' => $user->only(['id', 'name', 'email', 'avatar']),
'token' => $token,
'token_type' => 'Bearer',
'expires_in' => config('jwt.ttl') * 60
]
])->withHeaders([
'X-CSRF-TOKEN' => csrf_token()
]);
} catch (\Exception $e) {
// 8. 錯誤處理和日志
report($e);
return response()->json([
'message' => '登錄過程中發(fā)生錯誤,請稍后重試'
], Response::HTTP_INTERNAL_SERVER_ERROR);
}
}
}
// LoginRequest.php - 請求驗證
namespaceApp\Http\Requests;
useIlluminate\Foundation\Http\FormRequest;
useIlluminate\Validation\Rules\Password;
class LoginRequest extends FormRequest
{
publicfunction authorize(): bool
{
returntrue;
}
publicfunction rules(): array
{
return [
'email' => [
'required',
'email:rfc,dns',
'max:255'
],
'password' => [
'required',
Password::min(8)
->mixedCase()
->numbers()
->symbols()
],
'remember' => ['boolean'],
'captcha' => ['required_if:failed_attempts,>,3', 'captcha']
];
}
publicfunction messages(): array
{
return [
'email.required' => '請輸入郵箱地址',
'email.email' => '請輸入有效的郵箱地址',
'password.required' => '請輸入密碼',
'captcha.required_if' => '多次失敗后需要驗證碼'
];
}
}1.2 PHP子代理解決的五大痛點
痛點類型 | 具體問題 | 子代理解決方案 |
安全漏洞 | SQL注入、XSS攻擊 | 參數(shù)化查詢、自動轉(zhuǎn)義 |
性能問題 | N+1查詢、內(nèi)存泄漏 | 預(yù)加載、生成器優(yōu)化 |
代碼質(zhì)量 | 混亂的代碼結(jié)構(gòu) | PSR標(biāo)準(zhǔn)、設(shè)計模式 |
過時寫法 | 使用廢棄函數(shù) | PHP 8.3+現(xiàn)代特性 |
測試缺失 | 沒有單元測試 | PHPUnit完整覆蓋 |
1.3 通俗理解現(xiàn)代PHP
把PHP的發(fā)展比作汽車進化:
- PHP 5時代 = 手動擋汽車(什么都要自己做)
- PHP 7時代 = 自動擋汽車(性能翻倍,更易用)
- PHP 8時代 = 智能汽車(JIT編譯、屬性、聯(lián)合類型)
PHP子代理幫你直接開上"智能汽車"。
二、PHP子代理配置完全解析
2.1 配置文件雙語版本
英文原版(推薦使用)
---
name: php-developer
description: Develop modern PHP applications with advanced OOP, performance optimization, and security best practices. Specializes in Laravel, Symfony, and high-performance PHP patterns. Use PROACTIVELY for PHP-specific optimizations and enterprise applications.
model: sonnet
---
You are a PHP development expert specializing in modern PHP 8.3+ development with focus on performance, security, and maintainability.
## Modern PHP Expertise
- PHP 8.3+ features (readonly classes, constants in traits, typed class constants)
- Advanced OOP (inheritance, polymorphism, composition over inheritance)
- Trait composition and conflict resolution strategies
- Reflection API and attribute-based programming
- Memory optimization with generators and SPL data structures
- OpCache configuration and performance tuning
- Composer dependency management and PSR standards
- Security hardening and vulnerability prevention
## Framework Proficiency
1. Laravel ecosystem (Eloquent ORM, Artisan commands, queues)
2. Symfony components and dependency injection container
3. PSR compliance (PSR-4 autoloading, PSR-7 HTTP messages)
4. Doctrine ORM with advanced query optimization
5. PHPUnit testing with data providers and mocking
6. Performance profiling with Xdebug and Blackfire
7. Static analysis with PHPStan and Psalm
8. Code quality with PHP CS Fixer and PHPMD
## Security and Performance Focus
- Input validation and sanitization with filter functions
- SQL injection prevention with prepared statements
- XSS protection with proper output escaping
- CSRF token implementation and validation
- Password hashing with password_hash() and Argon2
- Rate limiting and brute force protection
- Session security and cookie configuration
- File upload security with MIME type validation
- Memory leak prevention and garbage collection tuning
## Enterprise Development
- Clean architecture with domain-driven design
- Repository pattern with interface segregation
- Event sourcing and CQRS implementation
- Microservices with API gateway patterns
- Database sharding and read replica strategies
- Caching layers with Redis and Memcached
- Queue processing with proper job handling
- Logging with Monolog and structured data
- Monitoring with APM tools and health checks
Build PHP applications that are secure, performant, and maintainable at enterprise scale. Focus on modern PHP practices while avoiding legacy patterns and security vulnerabilities.中文理解版(帶詳細注釋)
---
name: php-developer
description: 使用高級OOP、性能優(yōu)化和安全最佳實踐開發(fā)現(xiàn)代PHP應(yīng)用。專精Laravel、Symfony和高性能PHP模式。在PHP優(yōu)化和企業(yè)應(yīng)用時主動使用。
model: sonnet
---
你是一位PHP開發(fā)專家,專精現(xiàn)代PHP 8.3+開發(fā),專注于性能、安全和可維護性。
## 現(xiàn)代PHP專業(yè)技能 / Modern PHP Expertise
- PHP 8.3+特性(只讀類、trait中的常量、類型化類常量)
- 高級OOP(繼承、多態(tài)、組合優(yōu)于繼承)
- Trait組合和沖突解決策略
- 反射API和基于屬性的編程
- 使用生成器和SPL數(shù)據(jù)結(jié)構(gòu)進行內(nèi)存優(yōu)化
- OpCache配置和性能調(diào)優(yōu)
- Composer依賴管理和PSR標(biāo)準(zhǔn)
- 安全加固和漏洞預(yù)防
## 框架精通 / Framework Proficiency
1. Laravel生態(tài)系統(tǒng)(Eloquent ORM、Artisan命令、隊列)
2. Symfony組件和依賴注入容器
3. PSR合規(guī)(PSR-4自動加載、PSR-7 HTTP消息)
4. Doctrine ORM高級查詢優(yōu)化
5. PHPUnit測試與數(shù)據(jù)提供者和模擬
6. 使用Xdebug和Blackfire進行性能分析
7. 使用PHPStan和Psalm進行靜態(tài)分析
8. 使用PHP CS Fixer和PHPMD保證代碼質(zhì)量
## 安全和性能關(guān)注 / Security and Performance Focus
- 使用過濾函數(shù)進行輸入驗證和清理
- 使用預(yù)處理語句防止SQL注入
- 通過適當(dāng)?shù)妮敵鲛D(zhuǎn)義防止XSS
- CSRF令牌實現(xiàn)和驗證
- 使用password_hash()和Argon2進行密碼哈希
- 速率限制和暴力破解保護
- 會話安全和Cookie配置
- 使用MIME類型驗證的文件上傳安全
- 內(nèi)存泄漏預(yù)防和垃圾回收調(diào)優(yōu)
## 企業(yè)級開發(fā) / Enterprise Development
- 使用領(lǐng)域驅(qū)動設(shè)計的清潔架構(gòu)
- 帶接口隔離的倉儲模式
- 事件溯源和CQRS實現(xiàn)
- 帶API網(wǎng)關(guān)模式的微服務(wù)
- 數(shù)據(jù)庫分片和讀副本策略
- 使用Redis和Memcached的緩存層
- 適當(dāng)?shù)淖鳂I(yè)處理和隊列處理
- 使用Monolog和結(jié)構(gòu)化數(shù)據(jù)記錄日志
- 使用APM工具和健康檢查進行監(jiān)控
構(gòu)建安全、高性能、可維護的企業(yè)級PHP應(yīng)用。
專注于現(xiàn)代PHP實踐,同時避免遺留模式和安全漏洞。2.2 核心概念通俗解釋
// 1. 什么是PHP 8.3+新特性?
// 只讀類 - 類的所有屬性自動只讀
readonly class User {
publicfunction __construct(
public string $name,
public string $email
) {}
}
// 2. 什么是Trait?
// 就像"能力包",可以給類添加功能
trait Timestampable {
public DateTime $createdAt;
public DateTime $updatedAt;
publicfunction touch(): void {
$this->updatedAt = new DateTime();
}
}
class Post {
useTimestampable; // 獲得時間戳能力
}
// 3. 什么是生成器?
// 省內(nèi)存的迭代方式
function readLargeFile($file) {
$handle = fopen($file, 'r');
while (!feof($handle)) {
yield fgets($handle); // 一次只讀一行
}
fclose($handle);
}
// 4. 什么是依賴注入?
// 不要在類內(nèi)部創(chuàng)建依賴,而是從外部傳入
class UserService {
publicfunction __construct(
private UserRepository $repository // 注入依賴
) {}
}三、5分鐘快速配置指南
步驟1:打開子代理管理
# 在Claude Code中輸入
/agents步驟2:創(chuàng)建PHP專家
- 點擊 "Create New Agent"
- 選擇 **"User-level agent"**(全局可用)
步驟3:粘貼配置
選擇上面的英文版或中文版配置,完整粘貼
步驟4:配置工具權(quán)限
PHP開發(fā)需要的權(quán)限:
- ? Read - 讀取PHP文件
- ? Write - 創(chuàng)建新文件
- ? Edit - 修改代碼
- ? MultiEdit - 批量重構(gòu)
- ? Bash - 運行composer和artisan命令
步驟5:選擇標(biāo)識顏色
建議選擇 ?? 紫色(PHP的標(biāo)志色),保存配置
四、實戰(zhàn)案例:PHP子代理的強大能力
案例1:構(gòu)建高性能RESTful API
輸入指令:
創(chuàng)建一個商品管理的RESTful API,要考慮性能和安全PHP子代理輸出:
<?php
// app/Http/Controllers/Api/ProductController.php
declare(strict_types=1);
namespaceApp\Http\Controllers\Api;
useApp\Http\Controllers\Controller;
useApp\Http\Requests\Product\{StoreRequest, UpdateRequest};
useApp\Http\Resources\ProductResource;
useApp\Models\Product;
useApp\Services\ProductService;
useApp\Repositories\ProductRepository;
useIlluminate\Http\{JsonResponse, Resources\Json\AnonymousResourceCollection};
useIlluminate\Support\Facades\{Cache, DB};
useSymfony\Component\HttpFoundation\Response;
finalclass ProductController extends Controller
{
publicfunction __construct(
private readonly ProductService $productService,
private readonly ProductRepository $productRepository
) {
// 中間件配置
$this->middleware('auth:sanctum');
$this->middleware('throttle:api');
$this->middleware('cache.headers:public;max_age=300')->only(['index', 'show']);
}
/**
* 獲取商品列表(帶緩存和分頁)
*/
publicfunction index(): AnonymousResourceCollection
{
// 構(gòu)建緩存鍵
$cacheKey = 'products:' . md5(serialize(request()->all()));
$products = Cache::tags(['products'])->remember(
$cacheKey,
now()->addMinutes(10),
function () {
return$this->productRepository
->with(['category', 'brand']) // 預(yù)加載關(guān)聯(lián),避免N+1
->filter(request()->all())
->sortBy(request('sort', 'created_at'))
->paginate(request('per_page', 15));
}
);
return ProductResource::collection($products)
->additional([
'meta' => [
'available_filters' => $this->productRepository->getAvailableFilters(),
'cache_hit' => Cache::tags(['products'])->has($cacheKey)
]
]);
}
/**
* 創(chuàng)建新商品
*/
publicfunction store(StoreRequest $request): JsonResponse
{
try {
$product = DB::transaction(function () use ($request) {
// 1. 創(chuàng)建商品
$product = $this->productService->create(
$request->validated()
);
// 2. 處理圖片上傳
if ($request->hasFile('images')) {
$this->productService->attachImages(
$product,
$request->file('images')
);
}
// 3. 清除緩存
Cache::tags(['products'])->flush();
return $product;
});
return response()->json([
'message' => '商品創(chuàng)建成功',
'data' => new ProductResource($product->load(['category', 'brand', 'images']))
], Response::HTTP_CREATED);
} catch (\Exception $e) {
report($e);
return response()->json([
'message' => '創(chuàng)建商品失敗',
'error' => app()->isProduction() ? '服務(wù)器錯誤' : $e->getMessage()
], Response::HTTP_INTERNAL_SERVER_ERROR);
}
}
/**
* 獲取單個商品(帶緩存)
*/
publicfunction show(Product $product): ProductResource
{
// 使用緩存的查詢結(jié)果
$cachedProduct = Cache::tags(['products', "product:{$product->id}"])
->remember(
"product:{$product->id}:full",
now()->addHours(1),
fn() => $product->load([
'category',
'brand',
'images',
'variants',
'reviews' => fn($q) => $q->latest()->limit(5)
])
);
returnnew ProductResource($cachedProduct);
}
/**
* 更新商品
*/
publicfunction update(UpdateRequest $request, Product $product): JsonResponse
{
$this->authorize('update', $product);
try {
$updated = DB::transaction(function () use ($request, $product) {
$product = $this->productService->update(
$product,
$request->validated()
);
// 清除相關(guān)緩存
Cache::tags(['products', "product:{$product->id}"])->flush();
return $product;
});
return response()->json([
'message' => '商品更新成功',
'data' => new ProductResource($updated)
]);
} catch (\Exception $e) {
report($e);
return response()->json([
'message' => '更新失敗',
'error' => $e->getMessage()
], Response::HTTP_INTERNAL_SERVER_ERROR);
}
}
/**
* 刪除商品(軟刪除)
*/
publicfunction destroy(Product $product): JsonResponse
{
$this->authorize('delete', $product);
$this->productService->delete($product);
Cache::tags(['products', "product:{$product->id}"])->flush();
return response()->json([
'message' => '商品刪除成功'
], Response::HTTP_NO_CONTENT);
}
}
// app/Services/ProductService.php
<?php
declare(strict_types=1);
namespaceApp\Services;
useApp\Models\Product;
useApp\Repositories\ProductRepository;
useIlluminate\Http\UploadedFile;
useIlluminate\Support\Facades\Storage;
useIntervention\Image\Facades\Image;
finalclass ProductService
{
publicfunction __construct(
private readonly ProductRepository $repository
) {}
/**
* 創(chuàng)建商品(使用DTO模式)
*/
publicfunction create(array $data): Product
{
// 數(shù)據(jù)轉(zhuǎn)換和驗證
$productData = $this->prepareData($data);
// SKU生成
$productData['sku'] = $this->generateUniqueSku($data['name']);
// 創(chuàng)建商品
return$this->repository->create($productData);
}
/**
* 處理圖片上傳(多尺寸生成)
*/
publicfunction attachImages(Product $product, array $images): void
{
$imagePaths = [];
foreach ($images as $image) {
if (!$image instanceof UploadedFile) {
continue;
}
// 驗證MIME類型
if (!in_array($image->getMimeType(), ['image/jpeg', 'image/png', 'image/webp'])) {
thrownew \InvalidArgumentException('不支持的圖片格式');
}
// 生成文件名
$filename = $this->generateImageFilename($image);
// 創(chuàng)建多個尺寸
$sizes = [
'thumbnail' => [150, 150],
'medium' => [500, 500],
'large' => [1000, 1000]
];
foreach ($sizes as $sizeName => $dimensions) {
$resized = Image::make($image)
->fit($dimensions[0], $dimensions[1])
->encode('webp', 85);
$path = "products/{$product->id}/{$sizeName}_{$filename}.webp";
Storage::disk('public')->put($path, $resized);
$imagePaths[$sizeName] = $path;
}
// 保存原圖
$originalPath = "products/{$product->id}/original_{$filename}";
Storage::disk('public')->putFileAs(
"products/{$product->id}",
$image,
"original_{$filename}"
);
$imagePaths['original'] = $originalPath;
}
// 保存到數(shù)據(jù)庫
$product->images()->create($imagePaths);
}
/**
* 生成唯一SKU
*/
privatefunction generateUniqueSku(string $name): string
{
$base = strtoupper(substr(preg_replace('/[^A-Za-z0-9]/', '', $name), 0, 3));
$suffix = random_int(1000, 9999);
$sku = "PRD-{$base}-{$suffix}";
// 確保唯一性
while ($this->repository->exists(['sku' => $sku])) {
$suffix = random_int(1000, 9999);
$sku = "PRD-{$base}-{$suffix}";
}
return $sku;
}
privatefunction prepareData(array $data): array
{
// 數(shù)據(jù)清理和轉(zhuǎn)換
return [
'name' => trim($data['name']),
'description' => strip_tags($data['description'], '<p><br><strong><em>'),
'price' => (float) $data['price'],
'quantity' => (int) $data['quantity'],
'category_id' => $data['category_id'],
'brand_id' => $data['brand_id'] ?? null,
'is_active' => $data['is_active'] ?? true,
'meta' => $data['meta'] ?? []
];
}
privatefunction generateImageFilename(UploadedFile $file): string
{
return sprintf(
'%s_%s',
time(),
hash('sha256', $file->getClientOriginalName())
);
}
}看看PHP子代理自動實現(xiàn)了什么:
- ? PSR-4標(biāo)準(zhǔn)命名空間
- ? 依賴注入
- ? 倉儲模式
- ? 服務(wù)層架構(gòu)
- ? 緩存策略
- ? 事務(wù)處理
- ? 錯誤處理
- ? 安全驗證
- ? 性能優(yōu)化
案例2:實現(xiàn)安全的用戶認證系統(tǒng)
輸入:
創(chuàng)建一個安全的JWT認證系統(tǒng)PHP子代理輸出:
<?php
// app/Services/Auth/JwtAuthService.php
declare(strict_types=1);
namespaceApp\Services\Auth;
useApp\Models\User;
useFirebase\JWT\{JWT, Key, ExpiredException};
useIlluminate\Support\Facades\Hash;
finalclass JwtAuthService
{
privateconst ALGORITHM = 'HS256';
private string $secretKey;
private int $accessTokenTtl;
private int $refreshTokenTtl;
publicfunction __construct()
{
$this->secretKey = config('jwt.secret');
$this->accessTokenTtl = config('jwt.access_ttl', 900); // 15分鐘
$this->refreshTokenTtl = config('jwt.refresh_ttl', 604800); // 7天
}
/**
* 生成JWT令牌對
*/
publicfunction generateTokenPair(User $user): array
{
$accessToken = $this->generateAccessToken($user);
$refreshToken = $this->generateRefreshToken($user);
// 存儲刷新令牌的哈希值
$user->refresh_tokens()->create([
'token_hash' => hash('sha256', $refreshToken),
'expires_at' => now()->addSeconds($this->refreshTokenTtl),
'ip_address' => request()->ip(),
'user_agent' => request()->userAgent()
]);
return [
'access_token' => $accessToken,
'refresh_token' => $refreshToken,
'token_type' => 'Bearer',
'expires_in' => $this->accessTokenTtl
];
}
/**
* 驗證訪問令牌
*/
publicfunction validateAccessToken(string $token): ?User
{
try {
$decoded = JWT::decode($token, new Key($this->secretKey, self::ALGORITHM));
// 驗證令牌類型
if ($decoded->type !== 'access') {
returnnull;
}
// 檢查是否在黑名單中
if ($this->isTokenBlacklisted($token)) {
returnnull;
}
return User::find($decoded->sub);
} catch (ExpiredException $e) {
thrownew TokenExpiredException('訪問令牌已過期');
} catch (\Exception $e) {
returnnull;
}
}
/**
* 刷新訪問令牌
*/
publicfunction refreshAccessToken(string $refreshToken): array
{
try {
$decoded = JWT::decode($refreshToken, new Key($this->secretKey, self::ALGORITHM));
if ($decoded->type !== 'refresh') {
thrownew \InvalidArgumentException('無效的刷新令牌');
}
$user = User::find($decoded->sub);
if (!$user) {
thrownew \InvalidArgumentException('用戶不存在');
}
// 驗證刷新令牌是否有效
$tokenHash = hash('sha256', $refreshToken);
$storedToken = $user->refresh_tokens()
->where('token_hash', $tokenHash)
->where('expires_at', '>', now())
->where('revoked', false)
->first();
if (!$storedToken) {
thrownew \InvalidArgumentException('刷新令牌無效或已撤銷');
}
// 更新最后使用時間
$storedToken->update(['last_used_at' => now()]);
// 生成新的訪問令牌
return [
'access_token' => $this->generateAccessToken($user),
'token_type' => 'Bearer',
'expires_in' => $this->accessTokenTtl
];
} catch (\Exception $e) {
thrownew \InvalidArgumentException('刷新令牌無效: ' . $e->getMessage());
}
}
/**
* 撤銷所有令牌
*/
publicfunction revokeAllTokens(User $user): void
{
$user->refresh_tokens()->update(['revoked' => true]);
// 可選:添加到黑名單緩存
Cache::tags(['jwt:blacklist'])->put(
"user:{$user->id}:revoked",
true,
now()->addSeconds($this->refreshTokenTtl)
);
}
privatefunction generateAccessToken(User $user): string
{
$payload = [
'iss' => config('app.url'),
'sub' => $user->id,
'iat' => time(),
'exp' => time() + $this->accessTokenTtl,
'type' => 'access',
'jti' => $this->generateJti(),
'user' => [
'email' => $user->email,
'role' => $user->role
]
];
return JWT::encode($payload, $this->secretKey, self::ALGORITHM);
}
privatefunction generateRefreshToken(User $user): string
{
$payload = [
'iss' => config('app.url'),
'sub' => $user->id,
'iat' => time(),
'exp' => time() + $this->refreshTokenTtl,
'type' => 'refresh',
'jti' => $this->generateJti()
];
return JWT::encode($payload, $this->secretKey, self::ALGORITHM);
}
privatefunction generateJti(): string
{
return bin2hex(random_bytes(16));
}
privatefunction isTokenBlacklisted(string $token): bool
{
return Cache::tags(['jwt:blacklist'])->has(
'token:' . hash('sha256', $token)
);
}
}五、進階技巧:定制你的PHP子代理
5.1 針對特定框架優(yōu)化
Laravel專精版:
## Framework Proficiency
- Laravel 11全棧開發(fā)
- Livewire實時組件
- Inertia.js + Vue/React
- Laravel Octane性能加速
- Horizon隊列管理Symfony專精版:
## Framework Proficiency
- Symfony 7組件架構(gòu)
- API Platform構(gòu)建
- Messenger組件
- Doctrine ORM優(yōu)化
- Twig模板引擎5.2 添加團隊規(guī)范
## Team Standards
- 代碼風(fēng)格:PSR-12標(biāo)準(zhǔn)
- 命名規(guī)范:駝峰命名法
- 文檔:PHPDoc完整注釋
- 測試覆蓋:最低80%
- Git工作流:GitFlow六、常見問題解答
Q1:PHP子代理什么時候觸發(fā)?
觸發(fā)關(guān)鍵詞:
- PHP、Laravel、Symfony
- Composer、Artisan
- MySQL、數(shù)據(jù)庫
- API、Web開發(fā)
Q2:如何處理PHP版本兼容?
子代理會標(biāo)注版本要求:
// PHP 8.0+
#[Attribute]
class Route {}
// PHP 7.4兼容寫法
/** @Annotation */
class Route {}Q3:如何優(yōu)化PHP性能?
子代理會自動實現(xiàn):
- OpCache配置
- 查詢優(yōu)化
- 緩存策略
- 異步隊列
- 懶加載
Q4:如何確保代碼安全?
自動實施:
- 參數(shù)化查詢
- 輸入驗證
- CSRF保護
- XSS防護
- 密碼加密
七、性能提升數(shù)據(jù)
評估指標(biāo) | 通用Claude | PHP子代理 | 提升幅度 |
代碼規(guī)范 | 40% | 100% | +150% |
安全性 | 30% | 95% | +217% |
性能優(yōu)化 | 25% | 90% | +260% |
測試覆蓋 | 10% | 85% | +750% |
現(xiàn)代特性 | 35% | 100% | +186% |
八、總結(jié):PHP子代理的核心價值
這個PHP開發(fā)子代理帶來的價值:
- 現(xiàn)代化:使用PHP 8.3+最新特性
- 安全第一:默認防護各種漏洞
- 性能優(yōu)化:自動實施最佳實踐
- 框架精通:Laravel/Symfony專業(yè)水準(zhǔn)
- 企業(yè)就緒:可擴展的架構(gòu)設(shè)計
記住:PHP已經(jīng)不是"個人主頁"語言,而是驅(qū)動Facebook、WordPress等巨頭的企業(yè)級語言。這個子代理幫你寫出專業(yè)的PHP代碼。
責(zé)任編輯:武曉燕
來源:
前端達人
