tp6中用中间件全局使用jwt
1.项目前提:tp6单应用
jwt:firebase/php-jwt
composer require firebase/php-jwt
需要文件与文件夹
app/common/jwtauth.php
<?php
// jwt验证
namespace app\common;
use Firebase\JWT\JWT;
use Firebase\JWT\Key;
use Firebase\JWT\ExpiredException;
use DomainException;
use InvalidArgumentException;
use UnexpectedValueException;
class JwtAuth
{
private static $key = 'example_key';
public static function generateToken($data)
{
$payload = [
'iss' => 'http://example.org',
'aud' => 'wcxt',
'nbf' => time()-2,//在此之前不可用
'iat' => time(),//发布时间
'exp' => time()+60,//过期时间
'data' => $data, //自定义
];
// self::$key调用上面的private static $key = 'example_key';
return JWT::encode($payload, self::$key, 'HS256');
}
public static function verifyToken($token)
{
try {
$decoded = JWT::decode($token, new Key(self::$key, 'HS256'));
return ['status' => 200,'msg' => 'token有效'];
} catch (SignatureInvalidException $e) { //签名不正确
return ['status' => 204,'msg' => '签名不正确'];
} catch (BeforeValidException $e) { // 签名在某个时间点之后才能用
return ['status' => 203,'msg' => 'token未生效'];
} catch (ExpiredException $e) { // token过期
return ['status' => 202,'msg' => '登录超时,请重新登录'];
} catch (Exception $e) { //其他错误
return ['status' => 500,'msg' => $e->getMessage()];
}
}
}
app/middleware/JwtAuthMiddleware.php
<?php
namespace app\middleware;
use app\common\JwtAuth;
use think\Request;
use Closure;
class JwtAuthMiddleware
{
public function handle(Request $request, Closure $next)
{
$request_uri = $_SERVER['REQUEST_URI'];//获取url
$pathinfos = explode('?',$request_uri)[0];//以url的?来分割url并且转化成数组
$pathinfo = strtolower($pathinfos);//全部小写
$white_list = [
'/usetoken/index',
'/usetoken/auth'
]; // 白名单,不用token验证
if(!in_array($pathinfo, $white_list)){
// 用户请求Token
$token = $request->header('Access-Token');
// 验证是否存在token
if (empty($token)) {
return json(['status'=>401,'msg'=>'token为空']);
} else {
$result = JwtAuth::verifyToken($token); //调用jwtauth.php下的验证函数
if($result['status']!=200){ // token正确时,执行接口的php
return json($result);
}
}
}
return $next($request);
}
}
app/middleware.php
<?php
// 全局中间件定义文件
return [
// 全局请求缓存
// \think\middleware\CheckRequestCache::class,
// 多语言加载
// \think\middleware\LoadLangPack::class,
// Session初始化
// \think\middleware\SessionInit::class
// token全局验证
\app\middleware\JwtAuthMiddleware::class,
];
tips:使用中间件后,token会在每次发送请求时自动执行中间件验证,因此对于不需要token验证的请求:1.设置白名单,2.route路由下设置需要使用的中间件(详情请看官方文档)