一、安装
| composer require tymon/jwt-auth
|
二、发布配置文件
| php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"
|
三、生成密钥
四、修改config的配置
在config/auth.php
中修改:
然后把providers
的users
模型类改成你的
五、生成中间件
| php artisan make:middleware JWTRoleAuth
|
六、配置中间件
白名单中的值是路由的 name。Laravel 默认不会给路由设置名字,需要用 name() 手动指定,比如:
// Give the route an explicit name: the middleware allow-list is matched against route names.
Route::get(
    'student/list',
    '\App\Http\Controllers\StudentController@getStudentList'
)->name('studentList');
|
api_response()
方法请看上一期
| <?php
namespace App\Http\Middleware;
use Closure; use Tymon\JWTAuth\Facades\JWTAuth; use Tymon\JWTAuth\Exceptions\JWTException; use Tymon\JWTAuth\Exceptions\TokenExpiredException; use Tymon\JWTAuth\Exceptions\TokenInvalidException;
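/**
 * API middleware that requires a valid JWT on every route except an explicit allow-list.
 *
 * Despite the class name, no role or permission is checked here: a request passes
 * as soon as the token resolves to a user.
 */
class JWTRoleAuth
{
    /**
     * Route names (not URIs) that skip token validation.
     *
     * NOTE(review): 'logout' is allow-listed, so the logout handler is reached without
     * a validated token - confirm it copes with a missing or invalid token.
     *
     * @var string[]
     */
    protected $except = [
        'login',
        'register',
        'logout',
    ];

    /**
     * Let allow-listed routes through; otherwise authenticate the JWT carried by the request.
     *
     * NOTE(review): every failure below calls response() without a status argument, so the
     * rejection is only visible in the api_response() code (1001-1004). Confirm clients and
     * monitoring key on that code rather than on the HTTP status.
     *
     * @param  mixed    $request  Incoming request (untyped in this file).
     * @param  \Closure $next     Next handler in the middleware pipeline.
     * @return mixed    The downstream response, or a response wrapping an api_response() error.
     */
    public function handle($request, Closure $next)
    {
        $routeName = \Illuminate\Support\Facades\Route::currentRouteName();

        // Routes without a name never match the allow-list, so they are always authenticated.
        // Strict comparison keeps the bypass to exact string matches only.
        if (!empty($routeName) && in_array($routeName, $this->except, true)) {
            return $next($request);
        }

        try {
            // A falsy result from authenticate() is reported as "no such user" (1004).
            if (!JWTAuth::parseToken()->authenticate()) {
                return response(api_response(false, 1004, '无此用户'));
            }

            return $next($request);
        } catch (TokenExpiredException $e) {
            return response(api_response(false, 1003, 'token 过期'));
        } catch (TokenInvalidException $e) {
            return response(api_response(false, 1002, 'token 无效'));
        } catch (JWTException $e) {
            // Generic JWT failure is caught last, after the two specific cases; keep this order.
            return response(api_response(false, 1001, '缺少token'));
        }
    }
}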
|
七、注册中间件
编辑App\Http\Kernel.php
文件
在api中间件注册:
八、修改控制器
| <?php
namespace App\Http\Controllers;
use App\Models\User; use Illuminate\Support\Facades\Validator;
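/**
 * Registration, login and logout endpoints backed by the "api" guard.
 */
class UserController extends Controller
{
    /**
     * Create a user from the posted username and password.
     *
     * @return mixed api_response() result: the created user on success, an error code otherwise.
     */
    public function register()
    {
        // only() restricts the payload to the two expected fields before it reaches the model.
        $data = request()->only(['username', 'password']);

        // NOTE(review): the third argument of Validator::make() is the custom-messages slot;
        // if these two entries are meant as display names for the fields, they belong in the
        // fourth (custom attributes) argument - confirm the intended output.
        $validator = Validator::make($data, [
            'username' => 'required',
            'password' => 'required',
        ], [
            'username' => '用户名',
            'password' => '密码',
        ]);

        if ($validator->fails()) {
            return api_response(false, 10001, $validator->errors()->first());
        }

        // NOTE(review): the password is handed to User::create() exactly as received. Nothing
        // in this controller hashes it - confirm the User model does (mutator or cast);
        // otherwise it is stored in clear text and the guard's attempt() cannot verify it.
        $user = User::create($data);

        if ($user) {
            // NOTE(review): the whole model goes back to the client; confirm User hides
            // the password attribute from serialisation.
            return api_response(true, 0, '注册成功', $user);
        }

        return api_response(false, 30001, '注册失败');
    }

    /**
     * Exchange a username and password for a token.
     *
     * @return mixed api_response() result: token details on success, code 1000 on rejection.
     */
    public function login()
    {
        $credentials = request(['username', 'password']);
        $token = auth('api')->attempt($credentials);

        // The original test was inverted: it reported failure when attempt() produced a token
        // and "success" (with a falsy token) when the credentials were rejected.
        if (!$token) {
            return api_response(false, 1000, '登录失败');
        }

        // NOTE(review): respondWithToken() returns a response()->json() object, which is then
        // nested as the data of api_response() - confirm it serialises as intended.
        return api_response(true, 0, '登录成功', $this->respondWithToken($token));
    }

    /**
     * Log the current "api" guard user out.
     *
     * @return mixed api_response() success result.
     */
    public function logout()
    {
        auth('api')->logout();

        return api_response(true, 0, '注销登录成功');
    }

    /**
     * Wrap a token in the bearer-token JSON structure.
     *
     * @param  mixed $token Token produced by the "api" guard.
     * @return mixed JSON response with access_token, token_type and expires_in.
     */
    protected function respondWithToken($token)
    {
        return response()->json([
            'access_token' => $token,
            'token_type' => 'bearer',
            // presumably converts a TTL in minutes to seconds - confirm against the guard config
            'expires_in' => auth('api')->factory()->getTTL() * 60
        ]);
    }
}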
|