1. 安裝類庫
<code> composer require firebase/php-jwt
/<code>
2. 登錄接口。
引入類庫(use Firebase\\JWT\\JWT; )->查詢數據庫用戶名、密碼正確->生成Token並返回
<code>public function login(Request $request)
{
$user_name = $request->get('username','');
$password = $request->get('password','');
$user = Users::where(['username' => $user_name,'password' => $password])->first();
if(!$user)
{
return response()->json('用戶名或密碼錯誤!');
}
unset($user['password']);
//登錄成功token
$token = $this->getJWTToken($user);
cache('user-'.$user['id'],$user);
return response()->json(['token' => $token]);
}
public function getJWTToken($value)
{
$time = time();
$payload = [
'iat' => $time,
'nbf' => $time,
'exp' => $time+7200,
'data' => [
'id' => $value['id'],
'username' => $value['user_name']
]
];
$key = env('JWT_SECRET');
$alg = 'HS256';
$token = JWT::encode($payload,$key,$alg);
return $token;
}/<code>
配置路由:
<code>Route::post('/login', 'Auth\\LoginController@login');/<code>結果如下:
3.創建驗證token是否合法的中間件 php artisan make:middleware AuthToken
文件代碼如下:
<code> public function handle($request, Closure $next)
{
$alg =
[
"typ" => "JWT", //聲明類型為jwt
"alg" => "HS256" //聲明簽名算法為SHA256
];
$jwt = $request->header('token');
$key = env('JWT_SECRET');
try{
JWT::decode($jwt,$key,$alg);
}
catch (\\Exception $e)
{
return response()->json('token無效:'.$e);
}
return $next($request);
}/<code>
在kernel.php文件中$routeMiddleware加入中間件
4.創建測試接口
路由配置:
<code>Route::get('/user', 'UsersController@index')->middleware('auth.token');/<code>
用登錄接口生成的token,寫入/user接口的header位置進行測試
如果token不正確,結果如下:具體的返回錯誤可以查看類庫中的JWT.php中decode方法中返回錯誤,然後自己改寫。
分享到:
閱讀更多 青春俠客 的文章
