
Laravel - JWT登录与验证

时间:2022-08-21 17:22:24


Laravel - JWT登录与验证

参考文献:

/articles/10885/full-use-of-jwt

安装jwt-auth

# 建议使用1.0以上版本composer require tymon/jwt-auth 1.*@rc

发布配置

# 这条命令会在 config 下增加一个 jwt.php 的配置文件php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"

生成密钥(用于 JWT 签名)

# 这条命令会在 .env 文件下生成一个加密密钥,如:JWT_SECRET=foobarphp artisan jwt:secret

更新模型

<?php

namespace App\Models;

use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Tymon\JWTAuth\Contracts\JWTSubject;

/**
 * Application user that can act as the subject of a JWT.
 *
 * Implementing JWTSubject is what lets jwt-auth issue tokens for this model;
 * do not forget to add it to the class declaration.
 */
class User extends Authenticatable implements JWTSubject
{
    use Notifiable;

    // Rest omitted for brevity

    /**
     * Value stored in the token's "sub" claim: the model's primary key.
     *
     * @return mixed
     */
    public function getJWTIdentifier()
    {
        $subject = $this->getKey();

        return $subject;
    }

    /**
     * Extra claims merged into every token issued for this user.
     *
     * A signed JWT payload is only encoded, not encrypted, so whoever holds
     * the token can read its claims; never place secrets here.
     *
     * @return array
     */
    public function getJWTCustomClaims()
    {
        $claims = [];

        return $claims;
    }
}

注册两个 Facade

这两个 Facade 并不是必须的,但是使用它们会给你的代码编写带来一点便利。

config/app.php

'aliases' => [
    ...
    // Add the following two lines
    'JWTAuth' => 'Tymon\JWTAuth\Facades\JWTAuth',
    'JWTFactory' => 'Tymon\JWTAuth\Facades\JWTFactory',
],

修改 auth.php

'guards' => [
    'web' => [
        'driver' => 'session',
        'provider' => 'users',
    ],
    'api' => [
        'driver' => 'jwt', // was "token"; changed to jwt
        'provider' => 'users',
    ],
],
'providers' => [
    'users' => [
        'driver' => 'eloquent',
        //'model' => App\User::class,
        // The model named here must be the one that implements JWTSubject
        'model' => App\Models\User::class,
    ],
],

用户注册与登录

注意:创建用户的时候,需要使用 Hash::make() 对密码进行哈希(单向散列,并非可逆加密);数据库中不应另存明文密码。

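<?php

namespace App\Http\Controllers\Backend;

use App\Dao\UsersDao;
use App\Http\Controllers\ApiResponse;
use App\Http\Controllers\Controller;
use App\Models\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Validator;
use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
use Tymon\JWTAuth\Exceptions\JWTException;
use Tymon\JWTAuth\Facades\JWTAuth;

/**
 * Back-office login endpoints: issue, inspect and refresh JWTs, and create
 * or update user accounts.
 *
 * Clients send the token in the X-API-Key header; it is copied into the
 * Authorization header so jwt-auth can parse it.
 */
class LoginController extends Controller
{
    use ApiResponse;

    // Kept for callers and subclasses that rely on it; Login() no longer
    // needs it to look the user up.
    protected $usersDao;

    public function __construct()
    {
        $this->usersDao = new UsersDao();
    }

    /**
     * Login endpoint: exchange account + password for a JWT.
     *
     * @param Request $request
     * @return \Illuminate\Http\JsonResponse
     */
    public function Login(Request $request)
    {
        try {
            $credentials = $request->only(['account', 'password']);

            // Both values must be plain strings. Array values taken from a
            // JSON body would otherwise reach the user provider's query as-is.
            $validator = Validator::make($credentials, [
                'account' => 'bail|required|string',
                'password' => 'bail|required|string',
            ]);
            if ($validator->fails()) {
                return $this->failed($validator->errors()->first());
            }

            $token = JWTAuth::attempt($credentials);
            if (!$token) {
                // One message for "unknown account" and "wrong password" so
                // the response does not reveal which accounts exist.
                throw new BadRequestHttpException('用户名或密码错误');
            }

            // Read the user that attempt() just authenticated instead of
            // querying again with the plaintext password.
            $account = $credentials['account'];
            $user_name = JWTAuth::user()->user_name;

            return $this->success(compact('user_name', 'account', 'token'));
        } catch (\Exception $e) {
            // NOTE(review): this returns the raw exception message to the
            // client; for non-auth failures prefer logging it and returning
            // a generic message.
            return $this->failed($e->getMessage());
        }
    }

    /**
     * Get the authenticated User.
     *
     * @param Request $request
     * @return \Illuminate\Http\JsonResponse
     */
    public function userInfo(Request $request)
    {
        try {
            if (!$this->forwardApiKeyAsBearer($request)) {
                return $this->failed('请求token缺失');
            }

            $user = JWTAuth::parseToken()->toUser();
            if (!$user) {
                // The token verified but its subject no longer resolves to a
                // user (for example, the account was deleted).
                return $this->failed('用户不存在,请重新登录');
            }

            return $this->success($user);
        } catch (JWTException $e) {
            return $this->failed($e->getMessage());
        }
    }

    /**
     * Refresh the token: trade the presented token for a new one.
     *
     * @param Request $request
     * @return \Illuminate\Http\JsonResponse
     */
    public function refreshToken(Request $request)
    {
        try {
            if (!$this->forwardApiKeyAsBearer($request)) {
                return $this->failed('请求token缺失');
            }

            $newToken = JWTAuth::parseToken()->refresh();

            return $this->success($newToken);
        } catch (JWTException $e) {
            return $this->failed($e->getMessage());
        }
    }

    /**
     * Create a user, or update the user that already owns the given account.
     *
     * Expects user_name, account and password in the request body.
     *
     * NOTE(review): for an existing account this overwrites the password, so
     * the route must sit behind authentication and an authorization check;
     * the route definitions are not visible from this file.
     *
     * @param Request $request
     * @return \Illuminate\Http\JsonResponse
     */
    public function updateOrCreateUser(Request $request)
    {
        try {
            // Work only with the three expected fields. extract() on the full
            // request body would let a caller define arbitrary local variables.
            $input = $request->only(['user_name', 'account', 'password']);

            $validator = Validator::make($input, [
                'user_name' => 'bail|required|string|min:3|max:50',
                'account' => 'bail|required|alpha_num|min:6|max:30',
                'password' => 'bail|required|alpha_num|min:6|max:30',
            ]);
            if ($validator->fails()) {
                return $this->failed($validator->errors()->first());
            }

            $condition = ['account' => $input['account']];
            $data = [
                'user_name' => $input['user_name'],
                // Persist only the hash. A plaintext copy of the password in
                // the table defeats the purpose of hashing.
                'password' => Hash::make($input['password']),
            ];
            User::query()->updateOrCreate($condition, $data);

            return $this->success('操作成功');
        } catch (\Exception $e) {
            // NOTE(review): a database error message can expose schema
            // details; prefer logging it and returning a generic message.
            return $this->failed($e->getMessage());
        }
    }

    /**
     * Copy the X-API-Key header into Authorization as a Bearer token.
     *
     * @param Request $request
     * @return string|null the token, or null when the header is absent
     */
    private function forwardApiKeyAsBearer(Request $request)
    {
        $token = $request->token = $request->header('X-API-Key');
        if ($token) {
            $request->headers->set('Authorization', "Bearer {$token}");
        }

        return $token;
    }
}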

创建中间件进行Token解析

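<?php

namespace App\Http\Middleware;

use App\Http\Controllers\ApiResponse;
use Closure;
use Tymon\JWTAuth\Exceptions\JWTException;
use Tymon\JWTAuth\Facades\JWTAuth;

/**
 * Middleware that authenticates a request from the JWT carried in the
 * X-API-Key header.
 */
class Authenticate
{
    use ApiResponse;

    /**
     * Verify the token, resolve its user, and bind that user to the request.
     *
     * @param \Illuminate\Http\Request $request
     * @param \Closure $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        // Check that the caller presented a token at all
        $token = $request->token = $request->header('X-API-Key');
        if (!$token) {
            return $this->failed('请求token缺失');
        }

        try {
            // Re-present the token as a Bearer token so jwt-auth can parse it
            $request->headers->set('Authorization', "Bearer {$token}");
            $user = JWTAuth::parseToken()->toUser();
        } catch (JWTException $e) {
            // Matching on message text is brittle across library versions;
            // the library's exception subclasses (e.g. TokenExpiredException,
            // TokenInvalidException) would be a sturdier discriminator.
            // Codes are kept as published because clients may rely on them.
            $known = [
                'Wrong number of segments' => ['签名令牌不合法,请重新登录', 401],
                'Token has expired' => ['令牌已过期,请重新登录', 402],
                'Token Signature could not be verified.' => ['无法验证令牌签名,请重新登录', 403],
            ];

            $reason = $e->getMessage();
            if (isset($known[$reason])) {
                return $this->failed($known[$reason][0], $known[$reason][1]);
            }

            return $this->failed('token验证意外错误:' . $reason);
        }

        // A token can verify while its subject no longer resolves to a user
        // (for example, a deleted account). Stop here rather than pass the
        // request on without an authenticated user.
        if (!$user) {
            return $this->failed('用户不存在,请重新登录', 401);
        }

        $request->setUserResolver(function () use ($user) {
            return $user;
        });

        return $next($request);
    }
}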
