安装与配置
1.安装
composer require tymon/jwt-auth
2.发布配置
config中生成一个jwt的配置文件
php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"
3.生成密钥
这是将用于签署您的令牌的密钥
php artisan jwt:secret
使用
1.更新用户模型
<?php
namespace App\Models;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Spatie\Permission\Traits\HasRoles;
use Tymon\JWTAuth\Contracts\JWTSubject;
class ApiUserData extends Authenticatable implements JWTSubject
{
use Notifiable, HasRoles;
protected $table = "apiuser";
protected $guarded = [];
public function getJWTIdentifier()
{
return $this->getKey();
}
public function getJWTCustomClaims()
{
return [];
}
}
2.配置身份验证保护
在该config/auth.php文件中,您需要进行一些更改以配置 Laravel 以使用jwt防护来支持您的应用程序身份验证。
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'jwt',
'provider' => 'apiuser',
],
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\Models\User::class,
],
'apiuser' => [
'driver' => 'eloquent',
'model' => App\Models\ApiUserData::class,
],
],
3.路由的使用
Route::group(['namespace'=>'Api'], function ($router) {
Route::get('test/token', 'LoginController@testToken');
Route::post('refresh', 'LoginController@refresh');
});
Route::group(['namespace'=>'Api', 'middleware'=>'jwt.auth'], function ($router) {
Route::post('me', 'LoginController@me');
});
4.controller
<?php
namespace App\Http\Controllers\Api;
use App\Models\ApiUserData;
use App\Repositories\Api\LoginRepository;
use App\Util\ReturnCode;
use Illuminate\Http\Request;
class LoginController extends ApiController
{
protected $login;
public function __construct(LoginRepository $login)
{
$this->login = $login;
}
/**
* Notes: 生成测试token
* @param Request $request
* @return \Illuminate\Http\JsonResponse
*/
public function testToken(Request $request)
{
$user = ApiUserData::find(1);
return $this->buildResponse(ReturnCode::SUCCESS, ReturnCode::errorCode(ReturnCode::SUCCESS), ['token' => $this->login->login($user)]);
}
public function me()
{
return $this->buildResponse(ReturnCode::SUCCESS, ReturnCode::errorCode(ReturnCode::SUCCESS), Auth('api')->user());
}
/**
* Refresh a token.
*
* @return \Illuminate\Http\JsonResponse
*/
/**
* Refresh a token.
* 刷新token,如果开启黑名单,以前的token便会失效。
* 值得注意的是用上面的getToken再获取一次Token并不算做刷新,两次获得的Token是并行的,即两个都可用。
* @return \Illuminate\Http\JsonResponse
*/
public function refresh()
{
return $this->respondWithToken(auth('api')->refresh());
}
/**
* Get the token array structure.
*
* @param string $token
*
* @return \Illuminate\Http\JsonResponse
*/
protected function respondWithToken($token)
{
$return_data = [
'token' => 'bearer ' . $token,
'token_type' => 'bearer',
'expires_in' => auth('api')->factory()->getTTL() * 60
];
return $this->buildResponse(ReturnCode::SUCCESS, '成功!', $return_data);
}
}
5.实体类
<?php
namespace App\Repositories\Api;
use App\Repositories\BaseRepository;
use Tymon\JWTAuth\Facades\JWTAuth;
class LoginRepository extends BaseRepository
{
public function login($user)
{
return "bearer " . JWTAuth::fromUser($user);
}
}
测试
1.测试生成token
2.使用token访问接口
