生成JWTAuth
获取最新版本生成
composer require tymon/jwt-auth
添加服务提供商(在config/app.php文件)
Tymon\JWTAuth\Providers\LaravelServiceProvider::class,
发布程序包配置文件
php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"
注意:配置之后就会生成config/jwt.php
生成秘钥
php artisan jwt:secret
这将更新.env文件,写入类似下面的一行(foobar只是示例占位,实际值是随机生成的密钥;该密钥用于签名所有token,不要提交到版本库):
JWT_SECRET=foobar
设置jwt对应的model
admin生成token
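<?php

namespace App\Http\Logics;

use App\Http\Model\Admin;
use Tymon\JWTAuth\Facades\JWTAuth;
use Tymon\JWTAuth\Facades\JWTFactory;

class AdminLogin extends BaseLogic
{
    /**
     * Authenticate an administrator and issue a JWT for the session.
     *
     * The credentials are checked before any token is minted, and the token
     * carries only the account name: a JWT payload is signed, not encrypted,
     * so anything placed in it is readable by whoever holds the token.
     *
     * @param \Illuminate\Http\Request $request Login request carrying the account and password.
     * @return mixed Whatever static::error() / static::success() produce.
     */
    public static function login($request)
    {
        $input = $request->input();

        // NOTE(review): assumes the form posts the secret in a 'password' field —
        // adjust the key to the actual request schema.
        $account = $input['account'] ?? null;
        $password = $input['password'] ?? null;

        // Reject missing or non-string credentials up front so a null or array
        // value never reaches the query builder.
        if (!is_string($account) || $account === '' || !is_string($password) || $password === '') {
            return static::error("账号或密码错误", 4001);
        }

        $user = Admin::where(['account' => $account])->first();
        if (!$user) {
            // NOTE(review): a distinct "no such account" message lets a client
            // tell valid account names from invalid ones; consider returning
            // the same generic error as the wrong-password branch.
            return static::error("账号不存在");
        }

        // NOTE(review): assumes Admin.password stores a password_hash()-compatible
        // hash (Laravel's default bcrypt hasher produces one) — confirm against
        // how admin accounts are created.
        if (!is_string($user->password) || !password_verify($password, $user->password)) {
            return static::error("账号或密码错误", 4001);
        }

        // Only the account identifier goes into the token; the middleware looks
        // the user up again by sub.account on every request.
        $customClaims = ['sub' => ['account' => $user->account]];
        $payload = JWTFactory::customClaims($customClaims)->make();
        $token = JWTAuth::encode($payload)->get();
        if (!$token) {
            return static::error("账号或密码错误", 4001);
        }

        // NOTE(review): $user is handed to the response as-is; verify the model
        // hides the password column when serialized.
        return static::success($user, "登录成功", 200, $token);
    }
}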
建立token验证中间件
php artisan make:middleware CheckAdminToken
为路由分配中间件在 App\Http\Kernel 类中加入
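'jwt.admin' => \App\Http\Middleware\Authenticate::class,//注意:键名要和路由中使用的中间件名称保持一致;若要使用上一步创建的CheckAdminToken中间件,这里的类应写为 \App\Http\Middleware\CheckAdminToken::class,否则后面编写的token校验不会被执行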
添加中间件路由
// Every route registered inside this group passes through the middleware
// registered under the 'jwt.admin' alias.
Route::middleware('jwt.admin')->group(static function (): void {
    // Resource routes used to check that the middleware is actually applied.
    Route::apiResource("admins", "AdminController");
});
postman测试生成token
验证token的有效性
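<?php

namespace App\Http\Middleware;

use App\Http\Model\Admin;
use Closure;
use Tymon\JWTAuth\Exceptions\JWTException;
use Tymon\JWTAuth\Exceptions\TokenExpiredException;
use Tymon\JWTAuth\Facades\JWTAuth;

class CheckAdminToken
{
    /**
     * Admit the request only when it carries a valid token that resolves to
     * an existing admin account.
     *
     * Every path that does not end in a resolved admin returns an error
     * response; the request is never forwarded without an attached user.
     *
     * NOTE(review): tokens carry only sub.account and are signed with the one
     * JWT_SECRET, so this check cannot tell a token issued by the admin login
     * from one issued by another login flow that uses the same claim layout.
     * Consider adding a claim that names the issuing guard and verifying it here.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        try {
            $token = JWTAuth::getToken();
            if (!$token) {
                return response()->json([
                    'status_code' => 4001,
                    'message' => '未登录',
                ]);
            }

            // getPayload() decodes and validates the token; failures surface as
            // JWTException subclasses and are handled by the catch blocks below.
            $sub = JWTAuth::setToken($token)->getPayload()->get('sub');

            // The nested claim may come back as an object or an array depending
            // on the configured JWT provider, so accept both shapes.
            $account = null;
            if (is_array($sub)) {
                $account = $sub['account'] ?? null;
            } elseif (is_object($sub)) {
                $account = $sub->account ?? null;
            }

            // Fail closed: a token without a usable account claim is rejected
            // instead of being passed on without a user.
            if (!is_scalar($account) || $account === '') {
                return $this->invalidTokenResponse();
            }

            $user = Admin::where('account', $account)->first();
            if (!$user) {
                return response()->json([
                    'status_code' => 4002,
                    'message' => '用户异常',
                ]);
            }

            // Expose the resolved user to controllers; read it back with
            // $request->attributes->get('userinfo').
            $request->attributes->add(['userinfo' => $user]);

            return $next($request);
        } catch (TokenExpiredException $e) {
            try {
                $token = JWTAuth::refresh();
                if ($token) {
                    // The client is expected to store this token and retry.
                    return response()->json([
                        'status_code' => 4003,
                        'message' => '新token',
                        'token' => $token,
                    ]);
                }
            } catch (JWTException $e) {
                // Refresh was refused; answer with the invalid-token response below.
            }

            return $this->invalidTokenResponse();
        } catch (JWTException $e) {
            // Bad signature, malformed or otherwise rejected token: answer with
            // the same JSON error instead of letting the exception escape.
            return $this->invalidTokenResponse();
        }
    }

    /**
     * Build the JSON response returned for any token that cannot be accepted.
     *
     * @return mixed
     */
    private function invalidTokenResponse()
    {
        return response()->json([
            'status_code' => 4004,
            'message' => 'token无效',
            'token' => '',
        ]);
    }
}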
postman测试
前端接口创建token验证
创建中间件
php artisan make:middleware CheckUserToken
分配路由
更改配置文件的名称config/auth.php
login登录生成token
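/**
 * Authenticate a front-end user and issue a JWT for the session.
 *
 * The credentials are checked before any token is minted, and the token
 * carries only the account name: a JWT payload is signed, not encrypted,
 * so anything placed in it is readable by whoever holds the token.
 *
 * @param \Illuminate\Http\Request $request Login request carrying the account and password.
 * @return mixed Whatever static::error() / static::success() produce.
 */
public static function login($request)
{
    $input = $request->input();

    // NOTE(review): assumes the form posts the secret in a 'password' field —
    // adjust the key to the actual request schema.
    $account = $input['account'] ?? null;
    $password = $input['password'] ?? null;

    // Reject missing or non-string credentials up front so a null or array
    // value never reaches the query builder.
    if (!is_string($account) || $account === '' || !is_string($password) || $password === '') {
        return static::error("账号或密码错误", 4001);
    }

    $user = User::where(['account' => $account])->first();
    if (!$user) {
        // NOTE(review): a distinct "no such account" message lets a client
        // tell valid account names from invalid ones; consider returning
        // the same generic error as the wrong-password branch.
        return static::error("账号不存在");
    }

    // NOTE(review): assumes User.password stores a password_hash()-compatible
    // hash (Laravel's default bcrypt hasher produces one) — confirm against
    // how accounts are registered.
    if (!is_string($user->password) || !password_verify($password, $user->password)) {
        return static::error("账号或密码错误", 4001);
    }

    // Only the account identifier goes into the token; the middleware looks
    // the user up again by sub.account on every request.
    $customClaims = ['sub' => ['account' => $user->account]];
    $payload = JWTFactory::customClaims($customClaims)->make();
    $token = JWTAuth::encode($payload)->get();
    if (!$token) {
        return static::error("账号或密码错误", 4001);
    }

    // NOTE(review): $user is handed to the response as-is; verify the model
    // hides the password column when serialized.
    return static::success($user, "登录成功", 200, $token);
}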
//注意:JWTFactory和JWTAuth两个类的命名空间要写好
use Tymon\JWTAuth\Facades\JWTAuth;
use Tymon\JWTAuth\Facades\JWTFactory;
修改路由
注意:jwt.user是你分配路由的时候的名字
在CheckUserToken中编写中间件的内容
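<?php

namespace App\Http\Middleware;

use App\Http\Model\User;
use Closure;
use Tymon\JWTAuth\Exceptions\JWTException;
// Required by the catch below: without this import the unqualified name
// resolves inside App\Http\Middleware and the expired-token branch never matches.
use Tymon\JWTAuth\Exceptions\TokenExpiredException;
use Tymon\JWTAuth\Facades\JWTAuth;

class CheckUserToken
{
    /**
     * Admit the request only when it carries a valid token that resolves to
     * an existing user account.
     *
     * Every path that does not end in a resolved user returns an error
     * response; the request is never forwarded without an attached user.
     *
     * NOTE(review): tokens carry only sub.account and are signed with the one
     * JWT_SECRET, so this check cannot tell a token issued by the user login
     * from one issued by another login flow that uses the same claim layout.
     * Consider adding a claim that names the issuing guard and verifying it here.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        try {
            $token = JWTAuth::getToken();
            if (!$token) {
                return response()->json([
                    'status_code' => 4001,
                    'message' => '未登录',
                ]);
            }

            // getPayload() decodes and validates the token; failures surface as
            // JWTException subclasses and are handled by the catch blocks below.
            $sub = JWTAuth::setToken($token)->getPayload()->get('sub');

            // The nested claim may come back as an object or an array depending
            // on the configured JWT provider, so accept both shapes.
            $account = null;
            if (is_array($sub)) {
                $account = $sub['account'] ?? null;
            } elseif (is_object($sub)) {
                $account = $sub->account ?? null;
            }

            // Fail closed: a token without a usable account claim is rejected
            // instead of being passed on without a user.
            if (!is_scalar($account) || $account === '') {
                return $this->invalidTokenResponse();
            }

            $user = User::where('account', $account)->first();
            if (!$user) {
                return response()->json([
                    'status_code' => 4002,
                    'message' => '用户异常',
                ]);
            }

            // Expose the resolved user to controllers; read it back with
            // $request->attributes->get('userinfo').
            $request->attributes->add(['userinfo' => $user]);

            return $next($request);
        } catch (TokenExpiredException $e) {
            try {
                $token = JWTAuth::refresh();
                if ($token) {
                    // The client is expected to store this token and retry.
                    return response()->json([
                        'status_code' => 4003,
                        'message' => '新token',
                        'token' => $token,
                    ]);
                }
            } catch (JWTException $e) {
                // Refresh was refused; answer with the invalid-token response below.
            }

            return $this->invalidTokenResponse();
        } catch (JWTException $e) {
            // Bad signature, malformed or otherwise rejected token: answer with
            // the same JSON error instead of letting the exception escape.
            return $this->invalidTokenResponse();
        }
    }

    /**
     * Build the JSON response returned for any token that cannot be accepted.
     *
     * @return mixed
     */
    private function invalidTokenResponse()
    {
        return response()->json([
            'status_code' => 4004,
            'message' => 'token无效',
            'token' => '',
        ]);
    }
}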
建立需要验证token的路由
这是没有携带token所以提示未登录
携带token之后输出如下内容,说明验证通过。前端调用接口时都会携带登录后的token进入中间件:验证通过之后可以调用,验证没有通过则提示未登录。