一、版本说明,composer.json文件如下:
二、安装lumen (https://lumen.laravel-china.org/)
1、执行命令:composer create-project --prefer-dist laravel/lumen api ,新建一个lumen api项目
2、配置nginx vhost,内容如下:
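server {
    listen 80;
    server_name api.lumen.tangzw.com;
    root D:/workspace/lumen/api/public;
    index index.php;

    # Front controller: any request that does not match a real file or
    # directory under public/ is rewritten to index.php with its query string.
    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    # Hand a request to PHP-FPM only when the script part of the URI is a
    # real file under the document root. Without the split and the -f check,
    # a URI such as /some-file/x.php is forwarded as-is, and which file PHP
    # finally executes then depends on php.ini's cgi.fix_pathinfo.
    location ~ \.php($|/) {
        # $fastcgi_script_name becomes the part up to ".php";
        # $fastcgi_path_info receives the remainder.
        fastcgi_split_path_info ^(.+?\.php)(/.*)$;

        if (!-f $document_root$fastcgi_script_name) {
            return 404;
        }

        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;
        include fastcgi.conf;
    }
}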
3、修改lumen配置文件(.env)
设置一个随机生成的32位APP_KEY(不要使用示例值或容易猜到的字符串),其他配置(如数据库配置)根据自己的实际情况进行配置
4、在浏览器中访问看到Lumen (5.4.3) (Laravel Components 5.4.*)的输出,说明lumen安装成功
二、整合dingo/api (https://github.com/dingo/api)
1、在composer.json中的require下添加 "dingo/api": "1.0.*@dev",执行composer update命令安装dingo/api扩展包
2、配置dingo/api,可参照dingo/api的github上的wiki页面,我的配置如下(.env):
#dingo api
# Standards tree, subtype and version together form the Accept media type
# application/<tree>.<subtype>.<version>+json used to select an API version.
API_STANDARDS_TREE=vnd
# URI prefix for the API routes.
API_PREFIX=api
# NOTE(review): with strict mode off, a request without a versioned Accept
# header is presumably served by the default API_VERSION - confirm in the dingo/api wiki.
API_STRICT=false
# Debug output is meant for development: error responses carry extra
# diagnostic detail. Set to false on any publicly reachable deployment.
API_DEBUG=true
# Default version.
API_VERSION=v1
API_SUBTYPE=lumen
3、找到bootstrap/app.php文件中的Register Service Providers项,添加 $app->register(Dingo\Api\Provider\LumenServiceProvider::class);
4、到这一步dingo/api已经安装完成,我们可以写两个demo测试一下,打开路由文件(routes/web.php)添加如下路由:
// Dingo API routes
$api = app('Dingo\Api\Routing\Router');

// Each version group resolves its controllers from its own namespace.
$v1Group = ['namespace' => 'App\Http\Controllers\V1'];
$v2Group = ['namespace' => 'App\Http\Controllers\V2'];

$api->version('v1', $v1Group, function ($router) {
    // Smoke-test route: unauthenticated, meant to be removed once versioning is confirmed.
    $router->get('test', function () {
        return 'hi Evan';
    });
});

$api->version('v2', $v2Group, function ($router) {
    // Smoke-test route: unauthenticated, meant to be removed once versioning is confirmed.
    $router->get('test', function () {
        return 'hi Tang Zhao Wen';
    });
});
使用postman访问测试,可以通过设置不同的Accept值访问不同版本的接口(Accept: application/vnd.{API_SUBTYPE}.{VERSION}+json)
a、访问V1版接口
b、访问V2版接口
三、整合JWT-Auth (https://github.com/tymondesigns/jwt-auth)
1、在composer.json中的require下添加 "tymon/jwt-auth": "1.0.*@dev",执行composer update命令安装jwt-auth扩展包,目前稳定版为0.5,由于0.5对lumen5.4不太兼容,会出现很多问题,所以这里使用最新的1.0版(非稳定版)
2、修改bootstrap/app.php文件:
a、去掉$app->withFacades();前的注释
b、去掉$app->withEloquent();前的注释
c、找到 Register Service Providers项,添加 $app->register(Tymon\JWTAuth\Providers\LumenServiceProvider::class);
6、执行php artisan jwt:secret 命令生成jwt的secret(该值会写入.env中的JWT_SECRET,请勿将.env提交到版本库)
7、在项目根目录下 新建一个config目录,复制vendor/laravel/lumen-framework/config/auth.php到config目录下,修改内容如下:
<?php
// Authentication configuration for the Lumen application. The file returns
// a plain array with four sections: defaults, guards, providers, passwords.
return [
    /*
    |--------------------------------------------------------------------------
    | Authentication Defaults
    |--------------------------------------------------------------------------
    |
    | Default guard and password-reset broker names. The guard name is read
    | from the AUTH_GUARD environment variable and falls back to "api", the
    | only guard defined below.
    |
    */
    'defaults' => [
        'guard' => env('AUTH_GUARD', 'api'),
        'passwords' => 'users',
    ],
    /*
    |--------------------------------------------------------------------------
    | Authentication Guards
    |--------------------------------------------------------------------------
    |
    | Every guard names a driver and a user provider. The "api" guard uses
    | the "jwt" driver, so requests are authenticated from a JSON Web Token
    | rather than from a session. The driver comes from the tymon/jwt-auth
    | package, whose LumenServiceProvider is registered in bootstrap/app.php.
    |
    | The user provider defines how users are retrieved from the database
    | or other storage used to persist user data.
    |
    */
    'guards' => [
        'api' => [
            'driver' => 'jwt',
            'provider' => 'users'
        ],
    ],
    /*
    |--------------------------------------------------------------------------
    | User Providers
    |--------------------------------------------------------------------------
    |
    | All authentication drivers have a user provider. This defines how the
    | users are actually retrieved out of your database or other storage
    | mechanisms used by this application to persist your user's data.
    |
    | If you have multiple user tables or models you may configure multiple
    | sources which represent each model / table. These sources may then
    | be assigned to any extra authentication guards you have defined.
    |
    | Supported: "database", "eloquent"
    |
    | Here the "users" provider loads \App\User through Eloquent.
    |
    */
    'providers' => [
        'users' => [
            'driver' => 'eloquent',
            'model' => \App\User::class,
        ],
    ],
    /*
    |--------------------------------------------------------------------------
    | Resetting Passwords
    |--------------------------------------------------------------------------
    |
    | Password-reset brokers would be configured here: the reset e-mail view,
    | the table holding reset tokens, and the token lifetime in minutes.
    | Short-lived tokens leave less time for them to be guessed.
    |
    */
    'passwords' => [
        // No broker is defined, so the "users" name in defaults.passwords
        // has no matching entry in this file.
    ],
];
<?php

namespace App;

use Illuminate\Auth\Authenticatable;
use Illuminate\Contracts\Auth\Access\Authorizable as AuthorizableContract;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
use Illuminate\Database\Eloquent\Model;
use Laravel\Lumen\Auth\Authorizable;
use Tymon\JWTAuth\Contracts\JWTSubject;

/**
 * Eloquent user model that can also act as the subject of a JWT.
 *
 * Implementing JWTSubject is what lets the jwt-auth package issue a token
 * for a user record.
 */
class User extends Model implements AuthenticatableContract, AuthorizableContract, JWTSubject
{
    use Authenticatable;
    use Authorizable;

    /** @var string Backing table. */
    protected $table = 'users';

    /**
     * Attributes that may be set through mass assignment. "password" is not
     * listed, so it cannot be filled from bulk request input.
     *
     * @var array
     */
    protected $fillable = [
        'name',
        'email',
    ];

    /**
     * Attributes left out of the model's array / JSON form, so the stored
     * password value is never serialized into a response.
     *
     * @var array
     */
    protected $hidden = [
        'password',
    ];

    /**
     * Identifier placed in the token for this user: the model's primary key.
     *
     * @return mixed
     */
    public function getJWTIdentifier()
    {
        return $this->getKey();
    }

    /**
     * Extra claims to add to the token; none are added.
     *
     * @return array
     */
    public function getJWTCustomClaims()
    {
        return [];
    }
}
9、修改app/Providers/AuthServiceProvider.php
<?php
namespace App\Providers;
use App\User;
use Illuminate\Support\Facades\Gate;
use Illuminate\Support\ServiceProvider;
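/**
 * Authentication service provider.
 *
 * Request authentication is left to the guard configured in config/auth.php
 * (the "api" guard with the "jwt" driver); this provider adds no
 * authentication logic of its own.
 */
class AuthServiceProvider extends ServiceProvider
{
    /**
     * Register any application services.
     *
     * @return void
     */
    public function register()
    {
        // Nothing to register.
    }

    /**
     * Boot the authentication services for the application.
     *
     * @return void
     */
    public function boot()
    {
        // No viaRequest() callback is registered here. The earlier callback
        // returned whichever user matched the "email" request input, with no
        // password or token check, so any guard using that request driver
        // would have accepted a caller on the strength of an e-mail address
        // alone. Authentication belongs to the "jwt" guard driver.
        // NOTE(review): if another guard in your project relied on the "api"
        // request driver, give it a callback that verifies a credential.
    }
}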
10、编写一个类获取token
<?php
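/**
 * JWT access control
 * Author: Evan <tangzwgo@gmail.com>
 * Since: 2017/2/9
 */

namespace App\Http\Controllers\Auth;

use App\Http\Controllers\BaseController;
use Illuminate\Http\Request;
use Tymon\JWTAuth\Exceptions\JWTException;
use Tymon\JWTAuth\Exceptions\TokenExpiredException;
use Tymon\JWTAuth\Exceptions\TokenInvalidException;
use Tymon\JWTAuth\JWTAuth;

/**
 * Issues a JWT in exchange for an e-mail / password pair.
 */
class AuthenticateController extends BaseController
{
    /**
     * @var \Tymon\JWTAuth\JWTAuth
     */
    protected $jwt;

    /**
     * @param JWTAuth $jwt JWT service used to verify credentials and build the token.
     */
    public function __construct(JWTAuth $jwt)
    {
        $this->jwt = $jwt;
    }

    /**
     * Get a token.
     *
     * Validates the input, then asks the JWT service to authenticate the
     * credentials. Responds with {"token": "..."} on success, 401 when the
     * credentials are rejected, and 500 when the token cannot be produced.
     *
     * @param Request $request
     * @return \Illuminate\Http\JsonResponse
     */
    public function authenticate(Request $request)
    {
        $this->validate($request, [
            'email' => 'required|email|max:255',
            'password' => 'required',
        ]);

        try {
            $token = $this->jwt->attempt($request->only('email', 'password'));
        } catch (TokenExpiredException $e) {
            return response()->json(['token_expired'], 500);
        } catch (TokenInvalidException $e) {
            return response()->json(['token_invalid'], 500);
        } catch (JWTException $e) {
            // Keep the exception text on the server: it can describe internal
            // configuration and is of no use to the API client.
            error_log('JWT token creation failed: ' . $e->getMessage());

            return response()->json(['token_absent' => 'could_not_create_token'], 500);
        }

        if (! $token) {
            // One answer for an unknown e-mail and for a wrong password, so
            // the response does not reveal which accounts exist. 401 is the
            // status for failed authentication; the earlier 404
            // "user_not_found" misdescribed the failure.
            return response()->json(['invalid_credentials'], 401);
        }

        return response()->json(compact('token'));
    }
}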
11、添加一个路由
// The token endpoint is registered once and served by both API versions.
$authGroup = ['namespace' => 'App\Http\Controllers\Auth'];

$api->version(['v1', 'v2'], $authGroup, function ($router) {
    // Get a token
    $router->post('auth/token', 'AuthenticateController@authenticate');
});
12、测试