生成JWTAuth
獲取最新版本生成
composer require tymon/jwt-auth
添加服務提供商(在config/app.php文件)
Tymon\JWTAuth\Providers\LaravelServiceProvider::class,
發布程序包配置文件
php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"
注意:配置之后就會生成config/jwt.php
生成秘鑰
php artisan jwt:secret
這將在.env文件中寫入如下一行(foobar僅為示例,實際值是隨機生成的簽名密鑰,需要保密,不應提交到版本庫):
JWT_SECRET=foobar
設置jwt對應的model
admin生成token
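<?php

namespace App\Http\Logics;

use App\Http\Model\Admin;
use Tymon\JWTAuth\Facades\JWTAuth;
use Tymon\JWTAuth\Facades\JWTFactory;

class AdminLogin extends BaseLogic
{
    /**
     * Verify an admin's credentials and issue a JWT.
     *
     * Looks the admin up by the "account" request field, checks the submitted
     * password against the stored value, and only then encodes a token whose
     * "sub" claim carries the account name.
     *
     * @param \Illuminate\Http\Request $request login request
     * @return mixed whatever static::error() / static::success() return
     */
    public static function login($request)
    {
        $account = $request->input('account');
        // NOTE(review): the request field name "password" is assumed; confirm it against the login form.
        $password = $request->input('password');

        // Only a scalar account name is looked up; a missing or array-valued field finds no user.
        $user = is_scalar($account) ? Admin::where(['account' => $account])->first() : null;
        if (!$user) {
            // NOTE(review): a distinct "account does not exist" message lets a caller tell valid
            // account names from invalid ones; consider returning the same error as a wrong password.
            return static::error("賬號不存在");
        }

        // A token must never be issued on the strength of the account name alone.
        // NOTE(review): assumes the password column holds a password_hash()-compatible hash
        // (for example one produced by Laravel's Hash::make) — confirm against how accounts are created.
        if (!is_string($password) || !password_verify($password, (string) $user->password)) {
            return static::error("賬號或密碼錯誤", 4001);
        }

        // A JWT payload is signed, not encrypted: anyone holding the token can read it.
        // The stored password is therefore kept out of the claims; the middleware only reads "account".
        $customClaims = ['sub' => ['account' => $user->account]];
        $payload = JWTFactory::customClaims($customClaims)->make();
        $token = JWTAuth::encode($payload)->get();
        if (!$token) {
            return static::error("賬號或密碼錯誤", 4001);
        }

        // NOTE(review): $user is handed to the response as-is; confirm the model hides its password attribute.
        return static::success($user, "登錄成功", 200, $token);
    }
}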
建立token驗證中間件
php artisan make:middleware CheckAdminToken
為路由分配中間件在 App\Http\Kernel 類中加入
// NOTE(review): this page generates and implements CheckAdminToken, yet the alias below points at
// Authenticate. Confirm which class is intended; if Authenticate is a different class, the token
// check written in CheckAdminToken is not what runs for routes using this alias.
'jwt.admin' => \App\Http\Middleware\Authenticate::class,// the alias name must match the one used in the routes
添加中間件路由
// Every route inside this group passes through the middleware registered under the 'jwt.admin' alias.
Route::middleware('jwt.admin')->group(function () {
Route::apiResource("admins", "AdminController");// route used to check that the middleware works
});
postman測試生成token
驗證token的有效性
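<?php

namespace App\Http\Middleware;

use App\Http\Model\Admin;
use Closure;
use Tymon\JWTAuth\Exceptions\JWTException;
use Tymon\JWTAuth\Exceptions\TokenExpiredException;
use Tymon\JWTAuth\Facades\JWTAuth;

class CheckAdminToken
{
    /**
     * Let a request through only when it carries a token that maps to an existing admin.
     *
     * Every failure path returns a JSON body with a status_code (4001 no token,
     * 4002 no matching admin, 4003 token refreshed, 4004 token unusable); the
     * request reaches $next only after an Admin row was found.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        // NOTE(review): these responses keep the default HTTP status and carry the error
        // only in status_code, so clients must inspect the body.
        try {
            $token = JWTAuth::getToken();
            if (!$token) {
                return response()->json([
                    'status_code' => 4001,
                    'message' => '未登錄',
                ]);
            }

            $subject = JWTAuth::setToken($token)->getPayload()->get('sub');

            // The "sub" claim may come back as an object or an array; accept both shapes.
            $account = null;
            if (is_array($subject)) {
                $account = $subject['account'] ?? null;
            } elseif (is_object($subject)) {
                $account = $subject->account ?? null;
            }

            // Fail closed: a token without a usable account, or one that matches no admin,
            // is rejected instead of being passed on unauthenticated.
            // NOTE(review): nothing in the token says it was issued to an admin. If another login
            // signs tokens with the same secret and the same "sub" shape, a token whose account
            // also exists in the admin table would be accepted here — confirm, and consider a
            // claim that names the token's intended audience.
            $user = (is_scalar($account) && $account !== '')
                ? Admin::where('account', $account)->first()
                : null;
            if (!$user) {
                return response()->json([
                    'status_code' => 4002,
                    'message' => '用戶異常',
                ]);
            }

            // Expose the admin to controllers; read it back with $request->attributes->get('userinfo').
            $request->attributes->add(['userinfo' => $user]);

            return $next($request);
        } catch (TokenExpiredException $e) {
            // NOTE(review): any holder of an expired token receives a fresh one here without
            // re-authenticating; how long that stays possible depends on the package's refresh
            // settings — confirm they are acceptable.
            try {
                $token = JWTAuth::refresh();
                if ($token) {
                    return response()->json([
                        'status_code' => 4003,
                        'message' => '新token',
                        'token' => $token,
                    ]);
                }
            } catch (JWTException $e) {
                // Refresh failed; handled by the shared response below.
            }

            // Covers both a failed refresh and a refresh that produced no token,
            // so this method never returns without a response.
            return response()->json([
                'status_code' => 4004,
                'message' => 'token無效',
                'token' => '',
            ]);
        } catch (JWTException $e) {
            // Any other token problem gets the same explicit rejection.
            return response()->json([
                'status_code' => 4004,
                'message' => 'token無效',
                'token' => '',
            ]);
        }
    }
}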
postman測試
前端接口創建token驗證
創建中間件
php artisan make:middleware CheckUserToken
分配路由
更改配置文件的名稱config/auth.php
login登錄生成token
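/**
 * Verify a user's credentials and issue a JWT.
 *
 * Looks the user up by the "account" request field, checks the submitted
 * password against the stored value, and only then encodes a token whose
 * "sub" claim carries the account name.
 *
 * @param \Illuminate\Http\Request $request login request
 * @return mixed whatever static::error() / static::success() return
 */
public static function login($request)
{
    $account = $request->input('account');
    // NOTE(review): the request field name "password" is assumed; confirm it against the login form.
    $password = $request->input('password');

    // Only a scalar account name is looked up; a missing or array-valued field finds no user.
    $user = is_scalar($account) ? User::where(['account' => $account])->first() : null;
    if (!$user) {
        // NOTE(review): a distinct "account does not exist" message lets a caller tell valid
        // account names from invalid ones; consider returning the same error as a wrong password.
        return static::error("賬號不存在");
    }

    // A token must never be issued on the strength of the account name alone.
    // NOTE(review): assumes the password column holds a password_hash()-compatible hash
    // (for example one produced by Laravel's Hash::make) — confirm against how accounts are created.
    if (!is_string($password) || !password_verify($password, (string) $user->password)) {
        return static::error("賬號或密碼錯誤", 4001);
    }

    // A JWT payload is signed, not encrypted: anyone holding the token can read it.
    // The stored password is therefore kept out of the claims; the middleware only reads "account".
    $customClaims = ['sub' => ['account' => $user->account]];
    $payload = JWTFactory::customClaims($customClaims)->make();
    $token = JWTAuth::encode($payload)->get();
    if (!$token) {
        return static::error("賬號或密碼錯誤", 4001);
    }

    // NOTE(review): $user is handed to the response as-is; confirm the model hides its password attribute.
    return static::success($user, "登錄成功", 200, $token);
}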
//注意:JWTFactory和JWTAuth兩個類的命名空間要寫好
use Tymon\JWTAuth\Facades\JWTAuth;
use Tymon\JWTAuth\Facades\JWTFactory;
修改路由
注意:jwt.user是你分配路由的時候的名字
在CheckUserToken中編寫中間件的內容
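<?php

namespace App\Http\Middleware;

use App\Http\Model\User;
use Closure;
use Tymon\JWTAuth\Exceptions\JWTException;
use Tymon\JWTAuth\Exceptions\TokenExpiredException;
use Tymon\JWTAuth\Facades\JWTAuth;

class CheckUserToken
{
    /**
     * Let a request through only when it carries a token that maps to an existing user.
     *
     * Every failure path returns a JSON body with a status_code (4001 no token,
     * 4002 no matching user, 4003 token refreshed, 4004 token unusable); the
     * request reaches $next only after a User row was found.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        // NOTE(review): these responses keep the default HTTP status and carry the error
        // only in status_code, so clients must inspect the body.
        try {
            $token = JWTAuth::getToken();
            if (!$token) {
                return response()->json([
                    'status_code' => 4001,
                    'message' => '未登錄',
                ]);
            }

            $subject = JWTAuth::setToken($token)->getPayload()->get('sub');

            // The "sub" claim may come back as an object or an array; accept both shapes.
            $account = null;
            if (is_array($subject)) {
                $account = $subject['account'] ?? null;
            } elseif (is_object($subject)) {
                $account = $subject->account ?? null;
            }

            // Fail closed: a token without a usable account, or one that matches no user,
            // is rejected instead of being passed on unauthenticated.
            $user = (is_scalar($account) && $account !== '')
                ? User::where('account', $account)->first()
                : null;
            if (!$user) {
                return response()->json([
                    'status_code' => 4002,
                    'message' => '用戶異常',
                ]);
            }

            // Expose the user to controllers; read it back with $request->attributes->get('userinfo').
            $request->attributes->add(['userinfo' => $user]);

            return $next($request);
        } catch (TokenExpiredException $e) {
            // TokenExpiredException is imported above: without the use statement this catch
            // would name a class in the current namespace and never match an expired token.
            // NOTE(review): any holder of an expired token receives a fresh one here without
            // re-authenticating; how long that stays possible depends on the package's refresh
            // settings — confirm they are acceptable.
            try {
                $token = JWTAuth::refresh();
                if ($token) {
                    return response()->json([
                        'status_code' => 4003,
                        'message' => '新token',
                        'token' => $token,
                    ]);
                }
            } catch (JWTException $e) {
                // Refresh failed; handled by the shared response below.
            }

            // Covers both a failed refresh and a refresh that produced no token,
            // so this method never returns without a response.
            return response()->json([
                'status_code' => 4004,
                'message' => 'token無效',
                'token' => '',
            ]);
        } catch (JWTException $e) {
            // Any other token problem gets the same explicit rejection.
            return response()->json([
                'status_code' => 4004,
                'message' => 'token無效',
                'token' => '',
            ]);
        }
    }
}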
建立需要驗證token的路由
這是沒有攜帶token所以提示未登錄
攜帶token之后輸出如下內容,說明驗證通過。前端調用接口時都會攜帶登錄后的token進入中間件:驗證通過之后可以調用,驗證沒有通過則提示未登錄。