laravel5.5 dingo/api+jwt-auth
由於laravel5.5 具備發現包功能,只要包作了兼容laravel5.5就能夠不用在config/app.php添加額外代碼了。php
集成dingo/api
github:https://github.com/dingo/apicss
添加laravel
"dingo/api": "2.0.0-alpha1",
到項目下的composer.json文件的require配置項,而後git
composer update
生成配置文件到config/api.php:github
php artisan vendor:publish --provider="Dingo\Api\Provider\LaravelServiceProvider"
在.env配置文件中,設置dingo/api相關配置:web
API_STANDARDS_TREE=vnd // 環境 API_SUBTYPE=myapp // 子類型 API_PREFIX=api // 前綴 API_DOMAIN=api.myapp.com //子域名 (前綴和子域名只能存在一個) API_VERSION=v1 // 版本 API_NAME="My API" // 名字(使用API Blueprint命令纔會用到) API_CONDITIONAL_REQUEST=false // 帶條件的請求 API_STRICT=false // Strict模式 API_DEFAULT_FORMAT=json // 響應格式 API_DEBUG=true // 調試模式
注意:.env配置文件是不能有空格和註釋的!算法
dingo/api集成就完成json
集成jwt教程
添加api
"tymon/jwt-auth": "^1.0.0-rc.1"
到項目下的composer.json文件的require配置項,而後安全
composer update
而後發佈微調配置文件
php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"
將會在config文件夾生成jwt.php文件
在config/jwt.php中,你能夠配置如下選項:
- ttl:token有效期(分鐘)
- refresh_ttl:刷新token時間(分鐘)
- algo:token簽名算法
- user:指向User模型的命名空間路徑
- identifier:用於從token的sub中獲取用戶
- require_claims:必須出如今token的payload中的選項,不然會拋出
TokenInvalidException異常 - blacklist_enabled:若是該選項被設置爲false,那麼咱們將不能廢止token,即便咱們刷新了token,前一個token仍然有效
- providers:完成各類任務的具體實現,若是須要的話你能夠重寫他們
- User —— providers.user:基於sub獲取用戶的實現
- JWT —— providers.jwt:加密/解密token
- Authentication —— providers.auth:經過證書/ID獲取認證用戶
- Storage —— providers.storage:存儲token直到它們失效
而後運行:
php artisan jwt:secret
github :https://github.com/tymondesigns/jwt-auth
jwt.php配置詳解以下:
ttl:token有效期(分鐘)
refresh_ttl:刷新token時間(分鐘)
algo:token簽名算法
user:指向User模型的命名空間路徑
identifier:用於從token的sub中獲取用戶
require_claims:必須出如今token的payload中的選項,不然會拋出TokenInvalidException異常
blacklist_enabled:若是該選項被設置爲false,那麼咱們將不能廢止token,即便咱們刷新了token,前一個token仍然有效 providers:完成各類任務的具體實現,若是須要的話你能夠重寫他們 User —— providers.user:基於sub獲取用戶的實現 JWT —— providers.jwt:加密/解密token Authentication —— providers.auth:經過證書/ID獲取認證用戶 Storage —— providers.storage:存儲token直到它們失效
至此,jwt集成就完成了。
建立Token
建立用戶token最經常使用的方式就是經過登陸實現用戶認證,若是成功則返回相應用戶的token。這裏假設咱們有一個AuthenticateController:
use JWTAuth;
use Tymon\JWTAuth\Exceptions\JWTException;
class AuthenticateController extends Controller
{
public function authenticate(Request $request)
{
// grab credentials from the request
$credentials = $request->only('email', 'password');
try {
// attempt to verify the credentials and create a token for the user
if (! $token = JWTAuth::attempt($credentials)) {
return response()->json(['error' => 'invalid_credentials'], 401);
}
} catch (JWTException $e) {
// something went wrong whilst attempting to encode the token
return response()->json(['error' => 'could_not_create_token'], 500);
}
// all good so return the token
return response()->json(compact('token'));
}
}
有時候咱們還能夠直接經過用戶對象實例建立token:
// grab some user $user = User::first(); $token = JWTAuth::fromUser($user);
此外,還能夠使用Tymon\JWTAuth\PayloadFactory實例(或者JWTFactory門面)基於任意數據建立token:
$customClaims = ['foo' => 'bar', 'baz' => 'bob']; $payload = JWTFactory::make($customClaims); $token = JWTAuth::encode($payload);
還能夠使用方法鏈的方式:
// add a custom claim with a key of `foo` and a value of ['bar' => 'baz']
$payload = JWTFactory::sub(123)->aud('foo')->foo(['bar' => 'baz'])->make();
$token = JWTAuth::encode($payload);
用戶認證
用戶登陸成功以後,下一步就是發送一個包含token的請求來獲取用戶信息。
要經過http發送一個須要認證經過的請求,須要設置Authorization頭:
Authorization: Bearer {yourtokenhere}
若是用戶名/密碼沒有進行base64編碼那麼Apache彷佛會摒棄Authorization頭,要修復這一問題你能夠添加以下代碼到Apache配置文件:
RewriteEngine On
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
或者將token信息包含到URL中:
http://api.mysite.com/me?token={yourtokenhere}
要從請求中獲取token,你能夠這麼作:
// this will set the token on the object JWTAuth::parseToken();// and you can continue to chain methods $user = JWTAuth::parseToken()->authenticate();
要獲取該token值,你能夠這麼調用:
$token = JWTAuth::getToken();
若是token被設置則會返回,不然會嘗試使用方法從請求中解析token,若是token未被設置或不能解析最終返回false。
固然若是須要的話你還能夠手動設置token:
JWTAuth::setToken('foo.bar.baz');
從Token中獲取認證用戶:
// somewhere in your controller
public function getAuthenticatedUser()
{
try {
if (! $user = JWTAuth::parseToken()->authenticate()) {
return response()->json(['user_not_found'], 404);
}
} catch (Tymon\JWTAuth\Exceptions\TokenExpiredException $e) {
return response()->json(['token_expired'], $e->getStatusCode());
} catch (Tymon\JWTAuth\Exceptions\TokenInvalidException $e) {
return response()->json(['token_invalid'], $e->getStatusCode());
} catch (Tymon\JWTAuth\Exceptions\JWTException $e) {
return response()->json(['token_absent'], $e->getStatusCode());
}
// the token is valid and we have found the user via the sub claim
return response()->json(compact('user'));
}
jwt-auth擴展還提供了兩個中間件GetUserFromToken和RefreshToken,前者用於在請求頭和參數中檢查是否包含token,並嘗試對其解碼,後者會再次從請求中解析token,並順序刷新token(同時廢棄老的token)並將其做爲下一個響應的一部分。要使用這兩個中間件,須要到app/Http/Kernel.php下的$routeMiddleware屬性中註冊它們:
protected $routeMiddleware = [ ... 'jwt.auth' => 'Tymon\JWTAuth\Middleware\GetUserFromToken', 'jwt.refresh' => 'Tymon\JWTAuth\Middleware\RefreshToken', ];
JWT讓用戶認證變得簡單和安全,token會被保存到本地的storage/web或Cookie中,使用JWT,基於API的用戶認證將再也不困難。
測試dingo/api 和 jwt:
在routes/api.php文件添加:
// 接管路由 $api = app('Dingo\Api\Routing\Router'); // 配置api版本和路由 $api->version('v1', ['namespace' => 'App\Http\Api\V1\Controllers'], function ($api) { // 受權組 $api->group(['prefix' => 'auth'], function ($api) { //$api->post('register', 'AuthenticateController@register')->name('auth.register'); $api->post('register', 'AuthController@register'); $api->post('login', 'AuthController@login'); $api->post('logout', 'AuthController@logout'); $api->post('refresh', 'AuthController@refresh'); $api->post('me', 'AuthController@me'); $api->get('test', 'AuthController@test'); }); $api->get('test/testapi', 'UserController@test')->name('test'); $api->get('test/testjwt', 'UserController@testjwt')->name('testjwt'); $api->get('users/{id}', 'UserController@getUserInfo')->name('getUserInfo'); });
文件路徑:App\Http\Api\V1\Controllers\AuthController.php
<?php /** * Date: 17/10/12 * Time: 01:07 */ namespace App\Http\Api\V1\Controllers; use Illuminate\Http\Request; use Illuminate\Support\Facades\Auth; use Validator; use App\User; class AuthController extends BaseController { protected $guard = 'api';//設置使用guard爲api選項驗證,請查看config/auth.php的guards設置項,重要! /** * Create a new AuthController instance. * * @return void */ public function __construct() { $this->middleware('auth:api', ['except' => ['login','register']]); } public function test(){ echo "test!!"; } public function register(Request $request) { $rules = [ 'name' => ['required'], 'email' => ['required'], 'password' => ['required', 'min:6', 'max:16'], ]; $payload = $request->only('name', 'email', 'password'); $validator = Validator::make($payload, $rules); // 驗證格式 if ($validator->fails()) { return $this->response->array(['error' => $validator->errors()]); } // 建立用戶 $result = User::create([ 'name' => $payload['name'], 'email' => $payload['email'], 'password' => bcrypt($payload['password']), ]); if ($result) { return $this->response->array(['success' => '建立用戶成功']); } else { return $this->response->array(['error' => '建立用戶失敗']); } } /** * Get a JWT token via given credentials. * * @param \Illuminate\Http\Request $request * * @return \Illuminate\Http\JsonResponse */ public function login(Request $request) { $credentials = $request->only('email', 'password'); if ($token = $this->guard()->attempt($credentials)) { return $this->respondWithToken($token); } return $this->response->errorUnauthorized('登陸失敗'); } /** * Get the authenticated User * * @return \Illuminate\Http\JsonResponse */ public function me() { //return response()->json($this->guard()->user()); return $this->response->array($this->guard()->user()); } /** * Log the user out (Invalidate the token) * * @return \Illuminate\Http\JsonResponse */ public function logout() { $this->guard()->logout(); //return response()->json(['message' => 'Successfully logged out']); return $this->response->array(['message' => '退出成功']); } /** * Refresh a token. * * @return \Illuminate\Http\JsonResponse */ public function refresh() { return $this->respondWithToken($this->guard()->refresh()); } /** * Get the token array structure. * * @param string $token * * @return \Illuminate\Http\JsonResponse */ protected function respondWithToken($token) { return response()->json([ 'access_token' => $token, 'token_type' => 'bearer', 'expires_in' => $this->guard()->factory()->getTTL() * 60 ]); } /** * Get the guard to be used during authentication. * * @return \Illuminate\Contracts\Auth\Guard */ public function guard() { return Auth::guard($this->guard); } }
文件路徑:App\User.php 須要implements JWTSubject
<?php namespace App; use Tymon\JWTAuth\Contracts\JWTSubject; use Illuminate\Notifications\Notifiable; use Illuminate\Foundation\Auth\User as Authenticatable; class User extends Authenticatable implements JWTSubject { use Notifiable; /** * The attributes that are mass assignable. * * @var array */ protected $fillable = [ 'name', 'email', 'password', ]; /** * The attributes that should be hidden for arrays. * * @var array */ protected $hidden = [ 'password', 'remember_token', ]; // Rest omitted for brevity /** * Get the identifier that will be stored in the subject claim of the JWT. * * @return mixed */ public function getJWTIdentifier() { return $this->getKey(); } /** * Return a key value array, containing any custom claims to be added to the JWT. * * @return array */ public function getJWTCustomClaims() { return []; } }
記得要在config/auth.php修改
//設置默認使用的guard,此處設置爲api時,laravel 默認的auth登陸則沒法登陸成功哦,設置爲web才行 'defaults' => [ 'guard' => 'web', 'passwords' => 'users', ], 'guards' => [ 'web' => [ 'driver' => 'session', 'provider' => 'users', ], 'api' => [ 'driver' => 'jwt', 'provider' => 'users', ], ],
好了本身慢慢消化,我也是經歷好久的測試才得出的結果,未經容許請勿轉載!
參考:https://github.com/tymondesigns/jwt-auth/blob/docs/docs/quick-start.md
參考:https://github.com/tymondesigns/jwt-auth/issues/1316
參考:https://moell.cn/article/37
相關文章
- 1. laravel5.5
- 2. Laravel5.5+vue+elementUI
- 3. Laravel5.5 安裝 JWT
- 4. laravel5.5 後臺
- 5. laravel5.5更新到laravel5.7
- 6. Laravel5.5 數據填充
- 7. laravel5.5 文件上傳
- 8. Laravel5.5 新特性 preset
- 9. laravel5.5 視圖共享數據
- 10. laravel5.5之中間件詳解
- 更多相關文章...
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
歡迎關注本站公眾號,獲取更多信息
相關文章