[开发测试]ThinkPhp6集成JWT的方法

第一步：

引入 php-jwt 包

composer require firebase/php-jwt

第二步：

控制器文件代码：app\controller\JWT.php

<?php
namespace app\controller;
use Firebase\JWT\ExpiredException;
use Firebase\JWT\JWT as JWTUtil;
use think\Exception;

class JWT
{
    /**
     * 根据json web token设置的规则生成token
     * @return \think\response\Json
     */
    static public function createjwt()
    {            
        $key = md5('dd'); //jwt的签发密钥，验证token的时候需要用到
        $time = time(); //签发时间
        $expire = $time + 14400; //过期时间
        $token = array(
            "user_id" => 1,
            "iss" => "http://www.najingquan.com/",//签发组织
            "aud" => "zz", //签发作者
            "iat" => $time,
            "nbf" => $time,
            "exp" => $expire
        );
        return JWTUtil::encode($token,$key);
    }

    /**
     * 验证token
     * @return \think\response\Json
     */
    static public function verifyjwt()
    {
        $jwt= input("jwt");
        $key = md5('dd'); //jwt的签发密钥，验证token的时候需要用到
        try {
            $jwtAuth = json_encode(JWTUtil::decode($jwt, $key, array("HS256")));
            $authInfo = json_decode($jwtAuth, true);
            if (!$authInfo['user_id']) {
                return json([
                    'msg'=>'失败',
                    'code'=>'600',
                    'data'=>'',
                ]);
            }
            return  json([
               'msg'=>'OK',
               'code'=>'200',
               'data'=>'',
            ]);
        } catch (ExpiredException $e) {
            throw new Exception('token过期');
        } catch (\Exception $e) {
            throw new Exception($e->getMessage());
        }
    }
    public static function getRequestToken()
    {
        if (empty($_SERVER['HTTP_AUTHORIZATION']))
        {
            return false;
        }
        $header = $_SERVER['HTTP_AUTHORIZATION'];
        $method = 'bearer';
        //去除token中可能存在的bearer标识
        return trim(str_ireplace($method,'',$header));
    }

}

第三步：

获取到请求头的 Authorization

<IfModule mod_rewrite.c>
  Options +FollowSymlinks -Multiviews
  RewriteEngine On
 
  RewriteCond %{REQUEST_FILENAME} !-d
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteRule ^(.*)$ index.php/?s=$1 [QSA,PT,L]
  #增加下面这项
  SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
</IfModule>

第四步：

进行书写路由

<?php
use think\facade\Route;
Route::rule("jwt","jwt/createjwt","get");
Route::rule("verifyjwt","jwt/verifyjwt","post");

第五步：

生成 token

$token = JWT::createjwt();

第六步：

验证是否成功

//取出token
$token=JWT::getRequestToken();
 try {
       //校验token
       $data=JWT::verifyjwt($token);
     }catch (\Exception $exception){
      return json([
                'code'=>600,
                'msg'=>$exception->getMessage(),
                'data'=>'',
            ]);
     }