Testing was done with Laravel 5.5.
Installation
```bash
composer require tymon/jwt-auth=1.0.0-rc.5
```
Configuration
Generate the configuration
```bash
php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"
php artisan jwt:secret
```
auth configuration
```php
<?php

return [
    // ...
    'defaults' => [
        'guard' => 'web',
        'passwords' => 'users',
    ],
    'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],
        // Use JWT
        'api' => [
            'driver' => 'jwt',
            'provider' => 'apiUser',
        ],
    ],
    'providers' => [
        // ...
        // Specify the model
        'apiUser' => [
            'driver' => 'eloquent',
            'model' => App\ApiUser::class,
        ],
    ],
];
```
Code
Controller:
```php
<?php

namespace App\Http\Controllers\Api;

use App\ApiUser;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Tymon\JWTAuth\Facades\JWTAuth;

class AuthController extends Controller
{
    /**
     * Exempt login and refresh from the middleware
     *
     * @return void
     */
    public function __construct()
    {
        $this->middleware('auth:api', ['except' => ['login','refresh']]);
    }

    /**
     * Get a JWT via given credentials.
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function login(Request $request)
    {
        $credentials = $request->only('phone', 'password');
        // Both phone and password must be present
        if (count($credentials) < 2) {
            return response()->json(['error' => 'Unauthorized'], 401);
        }
        // Note: unsalted MD5 is not suitable for storing passwords;
        // Laravel's Hash facade (Hash::make / Hash::check) is the safer choice.
        $user = ApiUser::where('phone', $credentials['phone'])
            ->where('password', md5($credentials['password']))
            ->first();
        if (empty($user) || !$token = JWTAuth::fromUser($user)) {
            return response()->json(['error' => 'Unauthorized'], 401);
        }
        // dd($token);
        return $this->respondWithToken($token);
    }

    /**
     * Get the authenticated User.
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function me()
    {
        return response()->json(auth('api')->user());
    }

    /**
     * Log the user out (Invalidate the token).
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function logout()
    {
        // Name the api guard explicitly: the default guard in config/auth.php
        // is 'web', so a bare auth() would not invalidate the JWT.
        auth('api')->logout();
        return response()->json(['message' => 'Successfully logged out']);
    }

    /**
     * Refresh a token.
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function refresh()
    {
        return $this->respondWithToken(auth('api')->refresh());
    }

    /**
     * Get the token array structure.
     *
     * @param string $token
     *
     * @return \Illuminate\Http\JsonResponse
     */
    protected function respondWithToken($token)
    {
        return response()->json([
            'access_token' => $token,
            'token_type' => 'bearer',
            'expires_in' => auth('api')->factory()->getTTL() * 60
        ]);
    }
}
```
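The hardened counterpart to the md5() lookup in login(), as an added example that is not part of the original article: the password is verified with PHP's password_verify() (which Laravel's Hash::check() wraps), and rows still holding an MD5 digest are upgraded to bcrypt on the first successful login. The function name verify_and_upgrade and the sample record are assumptions made for illustration; the password column is assumed wide enough for a 60-character bcrypt hash.

```php
<?php
// Added example, not the article's code. $user is a constructed stand-in for
// an ApiUser row; verify_and_upgrade() is a hypothetical helper name.

/**
 * Check a login password against the stored hash and upgrade legacy
 * unsalted-MD5 rows to bcrypt on the first successful login.
 */
function verify_and_upgrade(array &$user, string $plain): bool
{
    $stored = (string) $user['password'];

    // Legacy row: exactly 32 hex characters, i.e. md5($password).
    if (preg_match('/\A[0-9a-f]{32}\z/i', $stored) === 1) {
        // hash_equals() compares in constant time.
        if (!hash_equals(strtolower($stored), md5($plain))) {
            return false;
        }
        // Replace the MD5 digest so it never has to be accepted again.
        $user['password'] = password_hash($plain, PASSWORD_BCRYPT);
        return true;
    }

    if (!password_verify($plain, $stored)) {
        return false;
    }
    // Re-hash when the cost parameter has been raised since the hash was made.
    if (password_needs_rehash($stored, PASSWORD_BCRYPT)) {
        $user['password'] = password_hash($plain, PASSWORD_BCRYPT);
    }
    return true;
}

// Constructed sample record, stored the way the article's login() expects.
$user = ['phone' => '13800000000', 'password' => md5('correct horse')];

var_dump(verify_and_upgrade($user, 'wrong guess'));    // wrong password, legacy row
var_dump(verify_and_upgrade($user, 'correct horse'));  // right password, triggers the upgrade
var_dump(strpos($user['password'], '$2y$') === 0);     // is the stored value bcrypt now?
var_dump(verify_and_upgrade($user, 'correct horse'));  // second login takes the bcrypt path
```

In the controller, the user would be fetched by phone alone and the password checked afterwards, instead of putting the digest in the WHERE clause.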
Routes:
Note that I used the GET method here for ease of testing; GET is not recommended in production.
```php
// routes/api.php
Route::middleware('api')->prefix('auth')->namespace('Api')->group(function () {
    Route::get('login', 'AuthController@login');
    Route::post('logout', 'AuthController@logout');
    Route::get('refresh', 'AuthController@refresh');
    Route::get('me', 'AuthController@me');
});
```
Test it:
Handling unauthenticated requests
Note that it is better to handle the unauthenticated case explicitly; otherwise the default behaviour is to redirect to the login page.
```php
<?php

namespace App\Exceptions;

use Exception;
use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
use Illuminate\Auth\AuthenticationException;

class Handler extends ExceptionHandler
{
    // ...

    protected function unauthenticated($request, AuthenticationException $exception)
    {
        return response()->json(['message' => 'Unauthenticated.'], 401);
        /* For non-API requests this can be handled as follows:
        return $request->expectsJson()
            ? response()->json(['message' => 'Unauthenticated.'], 401)
            : redirect()->guest(route('login'));
        */
    }
}
```
Adding token refresh
Add the middleware code:
```php
<?php

namespace App\Http\Middleware;

use Closure;
use Tymon\JWTAuth\Facades\JWTAuth;
use Tymon\JWTAuth\Exceptions\JWTException;
use Illuminate\Auth\AuthenticationException;
use Tymon\JWTAuth\Exceptions\TokenExpiredException;
use Illuminate\Http\Exceptions\HttpResponseException;
use Tymon\JWTAuth\Http\Middleware\BaseMiddleware;

class RefreshToken extends BaseMiddleware
{
    /**
     * Handle an incoming request.
     *
     * @param \Illuminate\Http\Request $request
     * @param \Closure $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        try {
            // Check whether the request carries a token; throws if it does not
            $this->checkForToken($request);
            if ($request->user = JWTAuth::parseToken()->authenticate()) {
                return $next($request);
            }
            throw new AuthenticationException('Unauthorized', []);
        } catch (TokenExpiredException $exception) {
            // Return a special code
            throw new HttpResponseException(response()->json([
                'message' => 'token expired'
            ]));
        } catch (\Exception $exception) {
            throw new AuthenticationException('Unauthorized', []);
        }
    }
}
```
Register it:
```php
<?php

namespace App\Http;

use Illuminate\Foundation\Http\Kernel as HttpKernel;

class Kernel extends HttpKernel
{
    // ...

    protected $routeMiddleware = [
        'token.refresh' => \App\Http\Middleware\RefreshToken::class,
        'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
        'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
        'can' => \Illuminate\Auth\Middleware\Authorize::class,
        'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
        'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
    ];
}
```
Update the controller constructor accordingly:
```php
public function __construct()
{
    $this->middleware('token.refresh', ['except' => ['login','refresh']]);
}
```
Set the token lifetime to 1 minute and test it.
Based on the API's response, the client can then call the refresh endpoint.
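What the middleware's two outcomes correspond to at the token level, as an added example (not jwt-auth's own code), assuming an HS256-signed token: a correctly signed token whose exp has passed is "expired" and worth refreshing, anything else is "invalid". The function names, secret and claims are constructed for illustration.

```php
<?php
// Added example, not jwt-auth's implementation; secret and claims are constructed.

function b64url_encode(string $bin): string
{
    return rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
}

function b64url_decode(string $txt): string
{
    $pad = str_repeat('=', (4 - strlen($txt) % 4) % 4);
    return base64_decode(strtr($txt, '-_', '+/') . $pad, true) ?: '';
}

function sign_token(array $claims, string $secret): string
{
    $data = b64url_encode('{"typ":"JWT","alg":"HS256"}') . '.' . b64url_encode(json_encode($claims));
    return $data . '.' . b64url_encode(hash_hmac('sha256', $data, $secret, true));
}

// Returns 'valid', 'expired' or 'invalid'. The signature is checked before
// exp, so a forged token is never answered with "expired".
function check_token(string $token, string $secret, int $now): string
{
    $parts = explode('.', $token);
    if (count($parts) !== 3) {
        return 'invalid';
    }
    list($head, $body, $sig) = $parts;
    $header = json_decode(b64url_decode($head), true);
    $expected = b64url_encode(hash_hmac('sha256', "$head.$body", $secret, true));
    // Pin the algorithm rather than trusting the header; compare in constant time.
    if (($header['alg'] ?? null) !== 'HS256' || !hash_equals($expected, $sig)) {
        return 'invalid';
    }
    $claims = json_decode(b64url_decode($body), true);
    if (!is_int($claims['exp'] ?? null)) {
        return 'invalid';
    }
    return $now >= $claims['exp'] ? 'expired' : 'valid';
}

$secret = 'constructed-demo-secret';   // stands in for the key made by jwt:secret
$now    = 1700000000;                  // fixed clock so the run is repeatable
$token  = sign_token(['sub' => 1, 'iat' => $now, 'exp' => $now + 60], $secret);
echo check_token($token, $secret, $now + 30), "\n";          // inside the 1-minute lifetime
echo check_token($token, $secret, $now + 61), "\n";          // after the lifetime has passed
echo check_token($token, 'other-secret', $now + 30), "\n";   // signed with a different key
```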
That's all there is to basic usage.