- 安装composer包
composer require tymon/jwt-auth
- 发布配置文件
php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"
- 生成加密密钥(该命令会把 JWT_SECRET 写入 .env;它是令牌的签名密钥,不要提交到版本库)
php artisan jwt:secret
- 更新UserModel
<?php
namespace App\Models;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Database\Eloquent\SoftDeletes;
use Illuminate\Notifications\Notifiable;
use Tymon\JWTAuth\Contracts\JWTSubject;
/**
 * Eloquent user model that tymon/jwt-auth uses as the token subject.
 *
 * Maps to the `user` table, uses the 'U' date format for its timestamp
 * columns and soft-deletes rows through the `delete_time` column.
 */
class UserModel extends Authenticatable implements JWTSubject
{
    use Notifiable;
    // Soft deletes
    use SoftDeletes;
    protected $table = 'user';
    // 'U' is the Unix-timestamp (epoch seconds) date format.
    protected $dateFormat = 'U';
    // Custom column names for the created / updated / soft-deleted timestamps.
    const CREATED_AT = 'create_time';
    const UPDATED_AT = 'update_time';
    const DELETED_AT = 'delete_time';
    // Whitelist of mass-assignable columns (array form); left disabled here.
    // protected $fillable = [''];
    // Blacklist of columns that must not be mass-assigned.
    // NOTE(review): an empty $guarded makes every column mass-assignable. If request
    // input is ever passed to create()/fill()/update() on this model, the client can
    // set any column. Prefer an explicit $fillable list, or list the sensitive columns
    // here.
    // NOTE(review): no $hidden is declared, so toArray()/toJson() on this model return
    // every column, including any credential columns the table holds.
    protected $guarded = [];
    /**
     * Get the identifier that will be stored in the subject claim of the JWT.
     *
     * Returns the model's key via getKey().
     *
     * @return mixed
     */
    public function getJWTIdentifier()
    {
        return $this->getKey();
    }
    /**
     * Return a key value array, containing any custom claims to be added to the JWT.
     *
     * No custom claims are added: the array is empty.
     *
     * @return array
     */
    public function getJWTCustomClaims()
    {
        return [];
    }
}
- 注册 Facade(config/app.php)
// Facade aliases for tymon/jwt-auth; these entries belong in the 'aliases' array of config/app.php.
'JWTAuth' => \Tymon\JWTAuth\Facades\JWTAuth::class,
'JWTFactory' => \Tymon\JWTAuth\Facades\JWTFactory::class,
- 修改 auth.php(config/auth.php)
// Excerpt of config/auth.php: guard and user-provider definitions.
'guards' => [
    'web' => [
        'driver' => 'session',
        // NOTE(review): the 'users' provider is commented out under 'providers' below,
        // so this guard names a provider the excerpt no longer defines. Confirm the
        // web guard is unused, or keep a 'users' provider.
        'provider' => 'users',
    ],
    'api' => [
        'driver' => 'jwt', // changed to the jwt driver
        'provider' => 'apiUser',
        'hash' => false,
    ],
],
'providers' => [
    // The key must match the 'provider' name used by the 'api' guard above.
    'apiUser' => [
        'driver' => 'eloquent',
        'model' => \App\Models\UserModel::class,// replace with the model your application uses
    ],
    // 'users' => [
    // 'driver' => 'database',
    // 'table' => 'users',
    // ],
],
- 创建Middleware
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Cookie\Middleware\EncryptCookies as Middleware;
use Illuminate\Support\Facades\Log;
use Tymon\JWTAuth\Exceptions\JWTException;
use Tymon\JWTAuth\Facades\JWTAuth;
/**
 * Route middleware that only lets a request through when it carries a valid JWT
 * whose subject resolves to a user.
 *
 * NOTE(review): the class extends EncryptCookies (imported as Middleware), but
 * handle() is fully overridden and never calls the parent, so none of the parent's
 * cookie handling runs here. The parent class looks unnecessary; confirm.
 */
class CheckLogin extends Middleware
{
    /**
     * Validate the token, attach the user's attributes to the request and continue.
     *
     * On success the user's array form is stored in the request attributes under
     * 'user_info'; later code can read it with $request->get('user_info').
     *
     * @param mixed   $request incoming request
     * @param Closure $next    next handler in the pipeline
     * @return mixed the downstream response, or the "need login" JSON response
     */
    public function handle($request, Closure $next)
    {
        try {
            // Parse the token from the request once and reuse the instance.
            $jwt = JWTAuth::parseToken();

            // Token missing, malformed, expired or otherwise not valid.
            if (!$jwt->check()) {
                return $this->needLogin();
            }

            // Resolve the token's subject to a user record.
            $user = $jwt->toUser();
            if (!$user) {
                return $this->needLogin();
            }

            // NOTE(review): toArray() includes every attribute the model does not list
            // in $hidden, so credential columns travel with 'user_info' unless the
            // model hides them. Confirm downstream handlers do not echo it to clients.
            $request->attributes->add(['user_info' => $user->toArray()]);

            // Kept inside the try block: a JWTException raised further down the
            // pipeline is answered with the same "need login" response.
            return $next($request);
        } catch (JWTException $e) {
            Log::info($e->getMessage());

            return $this->needLogin();
        }
        // Returning a refreshed token in a response header is not implemented here.
    }

    /**
     * Build the "need login" JSON response.
     *
     * NOTE(review): no status argument is passed to json(), so the HTTP status is the
     * default 200 and the 401 exists only in the body's 'code' field. Clients, proxies
     * and monitoring that key on the HTTP status will not see these as failures.
     *
     * @return mixed
     */
    private function needLogin()
    {
        return response()->json(['code' => 401, 'message' => MESSAGE_NEEDLOGIN]);
    }
}
- App\Http\Kernel(配置check.login)
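/**
 * Route middleware aliases (App\Http\Kernel).
 *
 * Each key can be attached to a route or route group by name.
 */
protected $routeMiddleware = [
    'auth' => \App\Http\Middleware\Authenticate::class,
    'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
    'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
    'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
    'can' => \Illuminate\Auth\Middleware\Authorize::class,
    'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
    'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class,
    'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
    'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
    'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
    // Fully qualified like the other entries: the Kernel lives in App\Http, so a bare
    // CheckLogin::class resolves to App\Http\CheckLogin unless the file imports the
    // middleware, and the JWT check would then fail to load.
    'check.login' => \App\Http\Middleware\CheckLogin::class,
    'switch_lang' => \Illuminate\Session\Middleware\StartSession::class, // starts the session
    'lang' => \App\Http\Middleware\LanguageMiddleware::class, // custom language-switching middleware
];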
- 配置路由
// API v1 routes: every route in this group passes through the 'check.login' middleware.
// NOTE(review): 'get/token' sits inside the protected group, so it is reachable only
// with an already-valid token. Confirm it is not meant to issue the first token.
Route::group(
    ['prefix' => 'v1', 'middleware' => ['check.login']],
    function () {
        Route::get('get/token', [TestController::class, 'getToken']);
        Route::get('get/user-info', [UserController::class, 'userInfo']);
    }
);