该博客主要围绕PHP Laravel项目展开JWT认证的配置与测试。内容涵盖安装JWT、配置.env文件、新增JWT配置文件和密钥,还涉及修改相关模型和配置文件。此外,生成测试用户,创建控制器和中间件,添加路由,最后用Postman测试请求,使用登录的access_token获取用户信息。
1.安装jwt
composer require tymon/jwt-auth
2.配置.env
3.打开config/app.php
分别在providers数组、aliases数组新增以下配置
Tymon\JWTAuth\Providers\LaravelServiceProvider::class,
'JWTAuth' => Tymon\JWTAuth\Facades\JWTAuth::class,
'JWTFactory' => Tymon\JWTAuth\Facades\JWTFactory::class,
如图:
4.新增jwt配置文件
php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"
5.生成jwt密钥
php artisan jwt:secret
6.在.env文件新增jwt密钥
7.打开app\Models\User文件,设字段情况更改成以下代码
<?php
namespace App\Models;
use DateTimeInterface;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Laravel\Sanctum\HasApiTokens;
use Tymon\JWTAuth\Contracts\JWTSubject;
class User extends Authenticatable implements JWTSubject
{
use HasApiTokens, HasFactory, Notifiable;
use HasApiTokens, HasFactory, Notifiable;
const UPDATED_AT = 'updated_date';
/**
* The attributes that are mass assignable.
*
* @var array<int, string>
*/
protected $fillable = [
'username',
'phone',
'password',
];
/**
* The attributes that should be hidden for serialization.
*
* @var array<int, string>
*/
protected $hidden = [
'password',
'remember_token',
];
/**
* The attributes that should be cast.
*
* @var array<string, string>
*/
protected $casts = [
'updated_date' => 'datetime'
];
//实现 JWTSubject接口 两个函数
public function getJWTIdentifier(){
return $this->getKey();
}
public function getJWTCustomClaims(){
return [];
}
protected function serializeDate(DateTimeInterface $date)
{
return $date->format('Y-m-d H:i:s');
}
}
8.打开config/auth.php文件,在providers、guards数组新增api数组
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'jwt',//token修改成jwt
'provider' => 'users',
'hash' => false,
],
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\Models\User::class,
],
'api' => [
'driver' => 'jwt',
'provider' => 'users',
'hash' => false,
],
],
9.打开app\Providers\RouteServiceProvider文件,将$namespace注释去掉
10.生成demo测试用户,在app\Console目录下新增Commands的目录,并创建CreateDemoUser 类
<?php
namespace App\Console\Commands;
use App\Models\User;
use Illuminate\Console\Command;
use Illuminate\Support\Facades\DB;
use \Illuminate\Support\Facades\Hash;
class CreateDemoUser extends Command
{
protected $signature = 'create:demouser {--phone=} {--pwd=} {--username=}';
protected $description = '创建测试用户';
public function __construct()
{
parent::__construct();
}
public function handle(){
//$param1 = $this->argument('param1');
$phone = $this->option('phone');
$pwd = $this->option('pwd');
$username = $this->option('username');
if(empty($phone)){
echo "phone参数不能为空"; exit;
}
if(empty($pwd)) {
echo "pwd参数不能为空"; exit;
}
$info = DB::table("users")->where("phone",$phone)->first();
if(!empty($info)){
echo $phone."手机号码存在"; exit;
}
$data = [
'phone' => $phone,
'username' => $username ?? "管理员",
'status' => 100,
'created_date' => date("Y-m-d HH:i:s"),
'updated_date' => date("Y-m-d HH:i:s"),
'password' => Hash::make($pwd),
];
DB::table("users")->insert($data);
echo "添加成功";
}
}
11.查看命令是否成功,执行CreateDemoUser 命令
php artisan list
执行生成用户命令
php artisan create:demouser --phone=13811121112 --pwd=123456
12.创建LoginController
<?php
namespace App\Http\Controllers\UserCenter;
use App\Http\Utils\PhoneUtils;
use App\Http\Utils\SmsUtils;
use App\Http\Utils\UserUtils;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\DB;
class LoginController
{
const all_users = "api";
public static function login(Request $request){
$data=$request->all()
try {
$messages = [
'phone.required' => '手机号不能为空!',
'phone.max' => '手机号最长11-13位!',
'password.required' => '密码不能为空!',
'password.min' => '密码最短为6位!',
'password.max' => '密码最长16位!',
// 'smscode.required' => '验证码不能为空!',
// 'smscode.size' => '验证码是六位数字!',
];
$validateData=Validator::make($data,[
'phone' => 'required|max:13',
'password' => 'required|min:6|max:20',
// 'smscode' => 'required|size:6',
],$messages);
if($validateData->fails()) throw new \Exception($validateData->errors()->first(),400);
$phone = $data['phone'] ?? '';
$smscode = $data['smscode'] ?? '';
// $ret = SmsUtils::VerifyCode($phone,$smscode,0);
// if(!$ret) return ['code' => 400,'msg' => '手机验证码错误'];
$users_info = User::query()->selectRaw("id,phone,password,remember_token,status
,store_4s_id,username")->where('phone','=',$phone)->first();
if(!$users_info) throw new \Exception("请添加账号!",400);
if($users_info->status!=100)throw new \Exception("登录失败,账号已经被停用!",400);
$token = Auth::guard(self::all_users)->fromUser($users_info);
if ($token) {
$data = [
'access_token' => $token,
'token_type' => 'bearer',
'expires_in' => auth(self::all_users)->factory()->getTTL()
];
return ['code' => 200,'data' =>$data ];
}
return ['code' => 400,'msg' => "登录异常" ];
}catch (\Exception $exception){
return ["code" => 400,"msg" => $exception->getMessage()];
}
}
/**
* 获取手机验证码
* @return void
*/
public function get_sms_code(Request $request){
$phone = $request->phone;
if(!$phone) return ['code' => 400,'msg' => '手机号码不能为空'];
if(!PhoneUtils::VerifyPhone($phone)){
return ['code' => 400,'msg' => '手机号码格式不正确'];
}
$users_info=DB::table('users')->where([['phone','=',$phone]])->exists ();
if( !$users_info){
return ['code' => 400,'msg' => '该手机号码还未注册'];
}
return SmsUtils::send_phone_code($phone,0);
}
}
13.打开routes/api.php文件,添加
Route::any('/login', 'UserCenter\LoginController@login');
14.postman 请求成功
15.新增登录拦截中间件,在app\Http\Middleware 目录下新增 ApiCheckLogin
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
use Tymon\JWTAuth\Http\Middleware\BaseMiddleware;
use Tymon\JWTAuth\Exceptions\TokenExpiredException;
use Tymon\JWTAuth\Exceptions\JWTException;
use Illuminate\Support\Facades\Auth;
class ApiCheckLogin extends BaseMiddleware
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse) $next
* @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
*/
public function handle(Request $request, Closure $next)
{
try {
// 检查此次请求中是否带有 token,如果没有则抛出异常。
$this->checkForToken($request);
}catch (UnauthorizedHttpException $e){
throw new \Exception("请登录!",401);
}catch (\Exception $exception) {
// 如果捕获到此异常,即代表 refresh 也过期了,用户无法刷新令牌,需要重新登录。
throw new \Exception("请登录!",401);
}
// 使用 try 包裹,以捕捉 token 过期所抛出的 TokenExpiredException 异常
try {
// 检测用户的登录状态,如果正常则通过
if ($this->auth->parseToken()->authenticate()) {
return $next($request);
}
throw new \Exception("请登录!",401);
} catch (TokenExpiredException $exception) {
// 此处捕获到了 token 过期所抛出的 TokenExpiredException 异常,我们在这里需要做的是刷新该用户的 token 并将它添加到响应头中
try {
// 刷新用户的 token
$token = $this->auth->refresh();
// 使用一次性登录以保证此次请求的成功
Auth::guard('api')->onceUsingId($this->auth->manager()->getPayloadFactory()->buildClaimsCollection()->toPlainArray()['sub']);
} catch (\Exception $exception) {
// 如果捕获到此异常,即代表 refresh 也过期了,用户无法刷新令牌,需要重新登录。
throw new \Exception("请登录!",401);
}
}catch (\Exception $exception) {
// 其他异常,需要重新登录。
throw new \Exception("请登录!",401);
}
// 在响应头中返回新的 token
return $this->setAuthenticationHeader($next($request), $token);
// 获取用户信息
// $user = auth()->user();
// // 判断用户没有登录
// if (!$user) {
// // 提示登录
// return response()->json(['code' => 400, 'msg' => '请先登录']);
// }
// return $next($request);
}
}
16.新增UsersController,获取登录后的用户信息
class UsersController
{
/**
* 获取用户信息
* @return void
*/
const all_users = "api";
public function get_user_info(){
$user_info = Auth::guard(self::all_users)->user();
if(!$user_info) throw new \Exception("获取用户信息异常!",401);
return ['code' => 200,'data' => $user_info ];
}
}
17.打开routes/api.php文件,添加路由
//登录后
Route::middleware([ApiCheckLogin::class])->group(function () {
Route::any('/get_user_info', 'UserCenter\UsersController@get_user_info');
});
18.用登录的access_token去获取用户信息
bearer和access_token中间有一个空格
扫一扫
1万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
