laravel jwt-auth的使用,和本站api原生登陆
2018年11月12日
1. 安装组件
# Install the jwt-auth version used throughout this walkthrough.
# NOTE(review): 1.0.0-rc.2 is a release candidate from the article's date; check
# for a current stable release before pinning this in a new project.
$ composer require tymon/jwt-auth:1.0.0-rc.2
# Generate the token signing secret; jwt-auth stores it in .env as JWT_SECRET.
# Anyone who holds this value can mint valid tokens, so keep .env out of version
# control and generate a separate secret for each environment.
$ php artisan jwt:secret
修改 config/auth.php,将 api guard 的 driver 改为 jwt
// Entry for the api guard in config/auth.php: requests on this guard are
// authenticated by the jwt driver, with users loaded from the 'users' provider.
'api' => [
    'driver' => 'jwt',
    'provider' => 'users',
],
修改config/api.php
添加内容
/*
|--------------------------------------------------------------------------
| Authentication Providers
|--------------------------------------------------------------------------
|
| The authentication providers that should be used when attempting to
| authenticate an incoming API request.
|
*/

// Registers Dingo's JWT provider under the key 'jwt'; it is the only provider
// listed in this snippet.
'auth' => [
    'jwt' => 'Dingo\Api\Auth\Provider\JWT',
],
2.编辑模型
User 模型需要实现 Tymon\JWTAuth\Contracts\JWTSubject 接口,即实现接口的两个方法 getJWTIdentifier() 和 getJWTCustomClaims()。
<?php

namespace App\Models;

use Tymon\JWTAuth\Contracts\JWTSubject; # contract the model has to implement
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;

/**
 * Application user that can act as the subject of a JWT.
 */
class User extends Authenticatable implements JWTSubject # implements the contract
{
    /**
     * Identifier that is stored in the token for this user.
     *
     * @return mixed the value of getKey()
     */
    public function getJWTIdentifier()
    {
        return $this->getKey();
    }

    /**
     * Custom claims to add to the token; none are added here.
     *
     * NOTE(review): a JWT payload is signed, not encrypted, so anything
     * returned from this method can be read by whoever holds the token.
     * Keep secrets and personal data out of it.
     *
     * @return array
     */
    public function getJWTCustomClaims()
    {
        return [];
    }
}
测试一下
# Start the tinker REPL; the two statements below are typed inside it.
php artisan tinker
# Load the first user in the table.
$user = App\Models\User::first();
# Issue a token for that user without any password check.
# NOTE(review): the returned string is a working bearer token for that account.
# Run this against a development database only and keep the output out of
# tickets, chat and logs.
Auth::guard('api')->fromUser($user);
3. 编辑路由 routes/api.php
<?php

use Illuminate\Http\Request;

$api = app('Dingo\Api\Routing\Router');

/**
 * Set the controller namespace and the route version.
 */
$api->version('v1', ['namespace' => 'App\Http\Controllers\Api'], function ($api) {
    /**
     * Apply the throttle middleware: at most 30 requests per minute.
     */
    $api->group(['middleware' => 'api.throttle', 'limit' => 30, 'expires' => 1], function ($api) {
        // Login endpoint. It sits outside the api.auth group because the
        // caller has no token yet.
        // NOTE(review): this throttle is the only brake on password guessing
        // visible in this file. Confirm how clients are keyed and whether the
        // login route should get a tighter limit than the rest of the API.
        $api->post('/authorizations', 'AuthorizationsController@store')->name('api.authorizations.store');
        /**
         * Routes that can only be reached by a logged-in user.
         */
        $api->group(['middleware' => 'api.auth'], function ($api) {
            // NOTE(review): AuthorizationsController@test does not appear in
            // the controller listing on this page. Add it or drop the route.
            $api->post('/test', 'AuthorizationsController@test')->name('api.authorizations.test');
        });
    });
});
4. 创建控制器和验证类
# Scaffold the form request that validates the login payload.
$ php artisan make:request Api/AuthorizationRequest
# Scaffold the controller that issues tokens.
$ php artisan make:controller Api/AuthorizationsController
编辑验证类app/Http/Requests/Api/AuthorizationRequest.php
<?php

namespace App\Http\Requests\Api;

use Dingo\Api\Http\FormRequest;

/**
 * Validation for the login payload (username and password).
 */
class AuthorizationRequest extends FormRequest
{
    /**
     * Determine if the user is authorized to make this request.
     *
     * Always true: this request backs the login endpoint, so there is no
     * authenticated user to check yet.
     *
     * @return bool
     */
    public function authorize()
    {
        return true;
    }

    /**
     * Get the validation rules that apply to the request.
     *
     * These rules only check the shape of the input (both fields present,
     * strings, password at least 6 characters). They do not verify the
     * credentials themselves.
     *
     * @return array
     */
    public function rules()
    {
        return [
            'username' => 'required|string',
            'password' => 'required|string|min:6',
        ];
    }
}
编辑app/Http/Controllers/Api/AuthorizationsController.php
<?php

namespace App\Http\Controllers\Api;

use App\Models\User;
use Illuminate\Http\Request;
use App\Http\Requests\Api\AuthorizationRequest;

/**
 * Issues JWTs for the site's own username/password login.
 */
class AuthorizationsController extends Controller
{
    /**
     * Log in with local credentials and return a token.
     *
     * @param AuthorizationRequest $request validated login payload
     * @return mixed token response, or a 401 error response
     */
    public function store(AuthorizationRequest $request)
    {
        $login = $request->username;

        // A login shaped like an e-mail address is matched against the email
        // column; anything else is treated as a phone number.
        $field = filter_var($login, FILTER_VALIDATE_EMAIL) ? 'email' : 'phone';

        $credentials = [
            $field => $login,
            'password' => $request->password,
        ];

        // attempt() yields the token on success and a falsy value on failure.
        $token = \Auth::guard('api')->attempt($credentials);
        if (!$token) {
            // One message for every failure, so the response does not reveal
            // whether the account exists.
            return $this->response->errorUnauthorized('用户名或密码错误');
        }

        return $this->respondWithToken($token);
    }

    /**
     * Build the response that carries the token to the client.
     *
     * @param mixed $token the issued token
     * @return mixed
     */
    protected function respondWithToken($token)
    {
        // The guard's TTL is multiplied by 60 for expires_in
        // (presumably minutes to seconds; confirm against config/jwt.php).
        $ttl = \Auth::guard('api')->factory()->getTTL();

        return $this->response->array([
            'access_token' => $token,
            'token_type' => 'Bearer',
            'expires_in' => $ttl * 60,
        ]);
    }
}
刷新Token
添加路由
// Route that refreshes the current user's token.
// NOTE(review): the page does not say which group in routes/api.php these two
// routes belong to; decide deliberately whether each one sits behind api.auth.
$api->put('authorizations/current', 'AuthorizationsController@update')
    ->name('api.authorizations.update');
// Route that deletes the current user's token (logout).
$api->delete('authorizations/current', 'AuthorizationsController@destroy')
    ->name('api.authorizations.destroy');
添加方法
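/**
 * Exchange the current token for a fresh one.
 *
 * NOTE(review): whether the old token stops working after a refresh depends
 * on jwt-auth's blacklist (`blacklist_enabled` in config/jwt.php). Confirm it
 * is on, otherwise the replaced token stays usable until it expires.
 *
 * @return mixed token response
 */
public function update()
{
    // Fully qualified, as in store(): the controller is namespaced and does
    // not import the Auth facade, so a bare `Auth` would be looked up inside
    // App\Http\Controllers\Api and fail with a class-not-found error.
    $token = \Auth::guard('api')->refresh();

    return $this->respondWithToken($token);
}

/**
 * Log out by invalidating the current token.
 *
 * NOTE(review): invalidation also relies on the jwt-auth blacklist being
 * enabled. Confirm the setting before treating this as a real logout.
 *
 * @return mixed empty (no content) response
 */
public function destroy()
{
    \Auth::guard('api')->logout();

    return $this->response->noContent();
}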
测试