作者:陈进坚
CSDN:https://blog.csdn.net/c_jian
简书:https://www.jianshu.com/u/8ba9ac5706b6
声明:有错欢迎纠正,转载请注明出处。
1.安装依赖
用composer安装依赖
composer require tymon/jwt-auth 1.*@rc
对于 Laravel 版本 低于 5.5 的应用,还要在 config/app.php 文件中设置服务提供者和别名
'providers' => [
....
Tymon\JWTAuth\Providers\JWTAuthServiceProvider::class,
....
],
'aliases' => [
....
'JWTAuth' => Tymon\JWTAuth\Facades\JWTAuth::class,
'JWTFactory' => 'Tymon\JWTAuth\Facades\JWTFactory',
....
],
2.发布配置文件
在命令执行下面的命令, 会生成 config/jwt.php 配置文件
php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"
3.生成加密密钥
在命令执行下面的命令,会在.env文件下生成一个加密密钥,如:JWT_SECRET=**********
php artisan jwt:secret
4.创建模型
创建你的用户表模型
php artisan make:model Models/User
创建完成后不要继承Model,而是继承User和JWTSubject,并实现getJWTIdentifier()和getJWTCustomClaims()方法,需要修改如下:
<?php
namespace App\Models;
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Tymon\JWTAuth\Contracts\JWTSubject;
class User extends Authenticatable implements JWTSubject
{
use Notifiable;
public function getJWTIdentifier()
{
return $this->getKey();
}
public function getJWTCustomClaims()
{
return [];
}
}
5.设置表和字段
在上面创建的模型中设置你的用户表名称和验证字段
<?php
namespace App\Models;
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Tymon\JWTAuth\Contracts\JWTSubject;
class User extends Authenticatable implements JWTSubject
{
use Notifiable;
protected $table = 'member';
protected $primaryKey = 'member_id';
protected $fillable = [
'name', 'email', 'password',
];
protected $hidden = [
'password',
];
public function getJWTIdentifier()
{
return $this->getKey();
}
public function getJWTCustomClaims()
{
return [];
}
}
6.修改 auth.php
修改config/auth.php认证方式为jwt,用户模型改为上面创建的模型
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'jwt',
'provider' => 'users',
],
],
...
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\Models\User::class,
],
],
7.注册路由
在route/api.php注册登录和注销接口的路由
Route::group([
'prefix' => 'auth'
], function ($router) {
$router->post('login', 'AuthController@login');
$router->get('logout', 'AuthController@logout');
$router->post('refresh', 'AuthController@refresh');
$router->get('userInfo', 'AuthController@userInfo');
});
8.创建控制器
在命令执行下面的命令创建认证控制器
php artisan make:controller AuthController
创建完控制器后实现路由中的几个方法
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use Tymon\JWTAuth\Facades\JWTAuth;
class AuthController extends Controller
{
public function __construct()
{
$this->middleware('auth:api', ['except' => ['login']]);
}
public function login(Request $request)
{
$credentials = $request->only('email', 'password');
if (! $token = JWTAuth::attempt($credentials)) {
return response()->json(['error' => '用户不存在或密码错误'], 401);
}
return $this->respondWithToken($token);
}
public function userInfo()
{
return response()->json(auth('api')->user());
}
public function logout()
{
auth('api')->logout();
return response()->json(['message' => 'Successfully logged out']);
}
public function refresh()
{
return $this->respondWithToken(auth('api')->refresh());
}
protected function respondWithToken($token)
{
return response()->json([
'access_token' => $token,
'token_type' => 'bearer',
'expires_in' => auth('api')->factory()->getTTL() * 60
]);
}
}
控制器创建完之后在postman等工具请求/index.php/api/auth/login方法即可返回access_token等数据
需要注意的是请求的Header需要添加参数Accept,值为application/json,不然的话如果不登录或者token失效情况下请求获取用户信息等接口会出现Route [login] not defined的报错。
9.路由中间件
如果你希望接口需要经过登录验证后才可以访问,那么可以在route/api.php设置路由使用中间件auth:api,这样每次接口被访问就会自动判断是否登录,未登录的接口会返回Unauthenticated,示例:
Route::group(['namespace' => 'Api','middleware'=>'auth:api'], function(){
Route::get('getUserId','UserController@getUserId');
});
|