当项目采用前后端分离时,需要进行接口校验,JWT 是一个方便快捷的工具。
- 思路:用户登录后拿到 token,之后需要登录的请求都带上该 token,由中间件解析并校验(注意:JWT 是签名而不是加密,载荷只经过 Base64URL 编码,拿到 token 的人都能读出内容,因此不要在其中存放敏感信息)。我在中间件里同时做了无痛刷新 token:前端比对 token 值后替换并保存下来,这样的好处是不需要前端手动刷新 token,方便业务流程。
- 安装 JWT 扩展包 https://github.com/lcobucci/jwt (下文用到的 Builder::setIssuer()、ValidationData 等属于 3.x 版本的 API,在 4.0 中已被移除,安装时请注意版本)
composer require lcobucci/jwt
- 安装完成后 创建新的工具类 JwtAuth.php (方便操作token),放在App\Lib下,这里注意命名空间
<?php
namespace App\Lib;
use Lcobucci\JWT\Builder;
use Lcobucci\JWT\Parser;
use Lcobucci\JWT\Signer\Hmac\Sha256;
use Lcobucci\JWT\ValidationData;
class JwtAuth
{
// Static slot for a shared instance; how it is populated is not shown in this part of the file.
private static $instance;
// Token held by this object: written by setToken() and encode(), read by getToken().
private $token;
// Not used in the visible part of the class — presumably holds the parsed token; confirm against the decode logic.
private $decodeToken;
// User id: set via setUid() and embedded as the 'uid' claim by encode().
private $uid;
// HMAC-SHA256 signing key handed to sign() in encode().
// NOTE(review): the key is hard-coded in source, so anyone with access to the repository
// (or who reuses this sample value) can sign tokens the application will accept. Load it from
// configuration/environment kept out of version control, and rotate it if it was ever committed.
// ("secrect" is a typo for "secret"; the name is left unchanged because encode() references it.)
private $secrect = 'mBC5v1sOKVvbdEitdSBenu59nfNfhwkedkJVNabosTw';
// Issuer value passed to setIssuer() in encode().
private $iss = 'http://example.com';
// Audience value passed to setAudience() in encode().
private $aud = 'http://example.org';
// Token id passed to setId(..., true) in encode(). It is a fixed constant, so every token
// carries the same id — TODO confirm whether per-token ids are needed (e.g. for revocation).
private $id = '4f1g23a12aa';
/**
 * Return the token currently held by this object in string form.
 *
 * The stored value is cast with (string), so an unset token yields ''.
 */
public function getToken()
{
    $serialized = (string) $this->token;

    return $serialized;
}
/**
 * Store a token on this instance and return the instance for chaining.
 *
 * Nothing is parsed or verified here; the value is kept exactly as given,
 * so callers must not treat a token as trusted merely because it was set.
 */
public function setToken($token)
{
    $self = $this;
    $self->token = $token;

    return $self;
}
/**
 * Remember the user id that encode() writes into the 'uid' claim.
 *
 * Returns the instance itself so calls can be chained.
 */
public function setUid($uid)
{
    $self = $this;
    $self->uid = $uid;

    return $self;
}
/**
 * Return the user id held by this object (null until one has been assigned).
 */
public function getUid()
{
    $currentUid = $this->uid;

    return $currentUid;
}
public function encode()
{
$time = time();
$this->token = (new Builder())
->setIssuer($this->iss)
->setAudience($this->aud)
->setId($this->id, true)
->setIssuedAt($time)
->setNotBefore($time + 1)
->setExpiration($time + 60)
->set('uid', $this->uid)
->sign(new Sha256(), $this->secrect)
->getToken(</