update: Auth Token 超时为 12h, 付款订单不可取消

app/models/store/StoreOrder.php

@@ -543,7 +543,9 @@ class StoreOrder extends BaseModel
      */
     public static function cancelOrder($order_id, $uid)
     {
-        $order = self::where('order_id', $order_id)->where('uid', $uid)->find();
+        //$order = self::where('order_id', $order_id)->where('uid', $uid)->find();
+        //comment 20201027 暂定不可取消已付款订单, 取消已付款订单意味着什么?^M
+        $order = self::where('order_id', $order_id)->where('uid', $uid)->where('paid',0)->find();
         if (!$order) return self::setErrorInfo('没有查到此订单');
         self::beginTrans();
         try {

crmeb/traits/JwtAuthModelTrait.php

@@ -29,7 +29,7 @@ trait JwtAuthModelTrait
             'aud' => $host,
             'iat' => $time,
             'nbf' => $time,
-            'exp' => strtotime('+ 3hour'),
+            'exp' => strtotime('+ 12hour'),
         ];
         $params['jti'] = compact('id', 'type');
         $token = JWT::encode($params, Config::get('app.app_key', 'default'));