laravel接入jwt

jwt是什么?

JSON Web Token(缩写 JWT)是目前最流行的跨域认证解决方案。详细介绍文档

安装文档
composer require  tymon/jwt-auth
//生成配置文件
php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"
// 生成密钥
php artisan jwt:secret
配置模型和控制器
<?php

namespace App;

use Tymon\JWTAuth\Contracts\JWTSubject;
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;

class User extends Authenticatable implements JWTSubject
{
    use Notifiable;

    // Rest omitted for brevity

    /**
     * Get the identifier that will be stored in the subject claim of the JWT.
     *
     * @return mixed
     */
    public function getJWTIdentifier()
    {
        return $this->getKey();
    }

    /**
     * Return a key value array, containing any custom claims to be added to the JWT.
     *
     * @return array
     */
    public function getJWTCustomClaims()
    {
        return [];
    }
}

创建控制器 php artisan make:controller AuthController

<?php

namespace App\Http\Controllers;

use Illuminate\Support\Facades\Auth;
use App\Http\Controllers\Controller;

class AuthController extends Controller
{
    /**
     * Create a new AuthController instance.
     *
     * @return void
     */
    public function __construct()
    {
        $this->middleware('auth:api', ['except' => ['login']]);
    }

    /**
     * Get a JWT via given credentials.
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function login()
    {
        $credentials = request(['email', 'password']);

        if (! $token = auth()->attempt($credentials)) {
            return response()->json(['error' => 'Unauthorized'], 401);
        }

        return $this->respondWithToken($token);
    }

    /**
     * Get the authenticated User.
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function me()
    {
        return response()->json(auth()->user());
    }

    /**
     * Log the user out (Invalidate the token).
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function logout()
    {
        auth()->logout();

        return response()->json(['message' => 'Successfully logged out']);
    }

    /**
     * Refresh a token.
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function refresh()
    {
        return $this->respondWithToken(auth()->refresh());
    }

    /**
     * Get the token array structure.
     *
     * @param  string $token
     *
     * @return \Illuminate\Http\JsonResponse
     */
    protected function respondWithToken($token)
    {
        return response()->json([
            'access_token' => $token,
            'token_type' => 'bearer',
            'expires_in' => auth()->factory()->getTTL() * 60
        ]);
    }
}

修改路由配置文件

'defaults' => [
    'guard' => 'api',
    'passwords' => 'users',
],

...

'guards' => [
    'api' => [
        'driver' => 'jwt',
        'provider' => 'users',
    ],
],

配置路由文件api.php

Route::group([

    'middleware' => 'api',
    'prefix' => 'auth'

], function ($router) {

    Route::post('login', 'AuthController@login');
    Route::post('logout', 'AuthController@logout');
    Route::post('refresh', 'AuthController@refresh');
    Route::post('me', 'AuthController@me');

});

现在你可以通过访问(http://example.dev/auth/login)登陆接口:
在这里插入图片描述
验证请求的方式有两种:
1、Authorization: Bearer eyJhbGciOiJIUzI1NiI...
在这里插入图片描述
2、me?token=yeskfhkhdksf····

参考文档:
关方文档

Laravel中封装JWT(JSON Web Token)有如下几个步骤: 1. 首先,在路由中使用中间件来验证API登录状态。通过调用`Route::group`方法,并传入`middleware`参数和对应的中间件类,可以将需要验证登录状态的路由进行分组。例如: ``` Route::group(['middleware' => 'checkApiLogin'], function () { // 路由代码 }); ``` 2. 在中间件中编写代码,将token放入header中进行传输。在中间件的`handle`方法中,可以通过`$request->header('token')`来获取header中的token,将token存储在Redis中。如果token不存在,可以返回一个错误响应。如果token存在,则将解密后的用户ID传递给下一步处理。例如: ``` public function handle(Request $request, Closure $next) { $token = Redis::get('token'); if (!$token) { return response()->json(['code' => 500, 'msg' => 'token不存在', 'data' => []]); } $userId = JwtServer::decodeToken($token); if ($userId) { $request->attributes->add(['user_id' => $userId->user_id]); } else { return response()->json(['code' => 500, 'msg' => 'token过期', 'data' => []]); } return $next($request); } ``` 3. 实现生成token和解析token的功能。在相关的控制器类中,可以编写生成token和解析token的方法。生成token时,可以从请求参数中获取用户ID,调用`JwtServer::createToken`方法生成token,并将token存储在Redis中。解析token时,可以从Redis中获取token,调用`JwtServer::decodeToken`方法解析token,并获取用户ID。例如: ``` // 生成token public function createtoken() { $userId = request()->get('userId'); $token = JwtServer::createToken($userId); Redis::setex('token', 120, $token); dd($token); } // 获取ID public function decodeToken() { $token = Redis::get('token'); $userId = JwtServer::decodeToken($token); $userId = json_decode(json_encode($userId), true); dd($userId['user_id']); } public function Token() { dd('我口袋只剩玫瑰一片,此行山高又路远。'); } ``` 这样,就完成了在Laravel中封装JWT的相关步骤。<span class="em">1</span><span class="em">2</span><span class="em">3</span> #### 引用[.reference_title] - *1* *2* *3* [laravel8 实现接口鉴权封装使用JWT](https://blog.youkuaiyun.com/code_nutter/article/details/125984755)[target="_blank" data-report-click={"spm":"1018.2226.3001.9630","extra":{"utm_source":"vip_chatgpt_common_search_pc_result","utm_medium":"distribute.pc_search_result.none-task-cask-2~all~insert_cask~default-1-null.142^v93^chatsearchT3_2"}}] [.reference_item style="max-width: 100%"] [ .reference_list ]
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值