怎样使用ThinkPHP6进行JWT认证？
JWT（JSON Web Token）是一种轻量级的认证和授权机制，它使用JSON对象作为安全令牌，可以在多个系统之间安全地传输用户身份信息。而ThinkPHP6是一种基于PHP语言的高效、灵活的MVC框架，它提供了许多有用的工具和功能，其中就包括JWT认证机制。在本文中，我们将介绍怎样使用ThinkPHP6进行JWT认证，以保证Web应用程序的安全性和可靠性。
安装和配置JWT扩展
首先，我们需要在ThinkPHP6应用程序中安装JWT扩展。可以通过在composer.json文件中添加依赖项来安装它（本文的代码使用php-jwt 5.x的接口；从6.x起，JWT::decode改为接收Key对象，升级时需要相应修改调用方式）：
{ "require": { "firebase/php-jwt": "^5.0.0" } }
然后运行以下命令安装它：
# If the project already has a composer.lock, `composer install` resolves from that lock file;
# after a hand edit of composer.json the lock is stale, and `composer update firebase/php-jwt`
# is the command that refreshes it for the newly added package.
composer install
安装完成后，我们需要在配置文件中配置JWT。在config目录下创建jwt.php文件，并添加以下内容：
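<?php

// JWT settings, read elsewhere through config('jwt.key'), config('jwt.alg') and config('jwt.exp').
// The listing was collapsed onto one line, which let the trailing comment swallow the closing "];".
return [
    // Signing secret for the HMAC algorithms. 'your-secret-key' is a placeholder only:
    // replace it with a long random value, supply it per environment (for example from .env),
    // and keep the real value out of version control.
    'key' => 'your-secret-key',
    // Signing algorithm. HS256/HS512 use the shared secret above; RS256 and the other
    // asymmetric algorithms need a private/public key pair instead of this string.
    'alg' => 'HS256',
    // Token lifetime in seconds.
    'exp' => 7200,
];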
其中“key”是一个字符串，用于生成JWT令牌的签名密钥，“alg”是JWT签名算法的名称，我们可以选择“HS256”、“HS512”、“RS256”等算法，“exp”是JWT令牌的过期时间，按秒数计算。需要注意：示例中的“your-secret-key”只是占位符，实际部署时应替换为足够长的随机值，并且不要提交到代码仓库；“HS256”、“HS512”使用这个共享密钥字符串，而“RS256”等非对称算法需要私钥/公钥对，不能直接使用该字符串。
实现JWT认证控制器
接下来，我们需要创建一个JWT认证控制器，实现JWT认证。在app/controller目录下创建AuthController.php文件，并添加以下内容：
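<?php

namespace app\controller;

use Firebase\JWT\JWT;
use think\facade\Db;

/**
 * Issues a JWT at login and returns the profile of the user named in a presented token.
 *
 * The namespace separators (app\controller, Firebase\JWT\JWT, think\facade\Db) were lost
 * when the listing was extracted and are restored here.
 */
class AuthController
{
    /**
     * Log the user in and hand back a signed JWT.
     *
     * @return array{token: string}
     */
    public function login()
    {
        // Handle the user login logic here. The article elides it; it has to verify the
        // credentials and leave the authenticated user in $user before the lines below run.
        //...

        // After a successful login, generate a JWT and return it to the client.
        $secretKey = config('jwt.key'); // signing secret
        $alg = config('jwt.alg'); // signing algorithm
        $payload = [
            'sub' => $user->id, // user ID
            'exp' => time() + config('jwt.exp'), // expiry as a Unix timestamp
        ];
        // The payload is signed, not encrypted: anyone holding the token can read it,
        // so nothing sensitive belongs in it.
        $jwt = JWT::encode($payload, $secretKey, $alg);

        return ['token' => $jwt];
    }

    /**
     * Verify the JWT in the Authorization header and return that user's name and e-mail.
     *
     * @return array either ['username' => ..., 'email' => ...] or ['msg' => ...] on failure
     */
    public function dashboard()
    {
        // Accept both "Authorization: <token>" (what the article sends) and the
        // conventional "Authorization: Bearer <token>".
        $header = trim((string) request()->header('Authorization'));
        $jwtToken = (string) preg_replace('/^Bearer\s+/i', '', $header);
        if ($jwtToken === '') {
            // No token: return the error message directly.
            return ['msg' => '未验证身份，请先登录'];
        }

        try {
            // php-jwt 5.x signature: the third argument lists the algorithms to accept.
            // Pinning it to the configured algorithm keeps a token from choosing its own.
            // (php-jwt 6.x takes a Firebase\JWT\Key object instead.)
            $jwtInfo = JWT::decode($jwtToken, config('jwt.key'), [config('jwt.alg')]);
        } catch (\Exception $e) {
            // decode() throws on a bad signature, a malformed token or an expired one.
            // The original let that exception escape; answer with the generic message
            // instead and do not echo the exception text to the client.
            return ['msg' => '未验证身份，请先登录'];
        }

        // User ID stored in the token, used to look the user up.
        $userId = $jwtInfo->sub ?? null;
        if ($userId === null) {
            return ['msg' => '未验证身份，请先登录'];
        }

        $user = Db::table('users')->where('id', $userId)->find();
        if (!$user) {
            // The user no longer exists: return the error message directly.
            return ['msg' => '用户不存在'];
        }

        // Return only the fields the client needs.
        return ['username' => $user['username'], 'email' => $user['email']];
    }
}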
在上面的控制器代码中，我们实现了两个功能：一个是用户登录，另一个是获取用户信息。在登录过程中，我们生成了一个JWT令牌，并将其返回给客户端，用于后续请求中的身份验证。在dashboard方法中，我们检查了请求的Authorization头中是否包含JWT令牌，并使用JWT解密令牌，验证用户的身份是否有效。（这里的“解密”实际上是校验签名并解码载荷：JWT的载荷只经过Base64URL编码和签名，并未加密，因此不要在其中存放敏感信息。）
添加JWT认证中间件
最后，我们需要在应用程序中添加一个JWT认证中间件，以保护需要认证的API接口。在app/middleware目录中创建JwtAuth.php文件，并添加以下内容：
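<?php

namespace app\middleware;

use Closure;
use Exception;
use Firebase\JWT\JWT;
use think\facade\Config;

/**
 * Middleware that lets a request through only when it carries a valid JWT.
 *
 * Closure and Exception are imported explicitly: inside this namespace the unqualified
 * names would resolve to app\middleware\Closure and app\middleware\Exception, so the
 * type hint would reject the real closure and the catch would never match.
 */
class JwtAuth
{
    /**
     * Check the JWT in the Authorization header before the request continues.
     *
     * @param \think\Request $request incoming request
     * @param Closure        $next    next handler in the middleware chain
     * @return mixed a 401 JSON response, or whatever $next returns
     */
    public function handle($request, Closure $next)
    {
        // Accept both "Authorization: <token>" and "Authorization: Bearer <token>".
        $header = trim((string) $request->header('Authorization'));
        $jwtToken = (string) preg_replace('/^Bearer\s+/i', '', $header);
        if ($jwtToken === '') {
            // No token: reject at once. json() is used because response() builds an
            // HTML response, which cannot render an array body.
            return json(['msg' => '未授权的API请求！'], 401);
        }

        try {
            // php-jwt 5.x signature; the allowed-algorithm list is pinned to the configured
            // value. (php-jwt 6.x takes a Firebase\JWT\Key object instead.)
            $jwtInfo = JWT::decode($jwtToken, Config::get('jwt.key'), [Config::get('jwt.alg')]);
        } catch (Exception $e) {
            // Expired token or failed verification: one generic 401, no exception detail.
            return json(['msg' => 'JWT Token无效或已逾期！'], 401);
        }

        // Keep the decoded claims on the request object so later controllers can use them.
        $request->jwtInfo = $jwtInfo;

        // Called outside the try block so that an exception thrown by a controller
        // is not reported to the client as an invalid token.
        return $next($request);
    }
}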
在上面的代码中，我们检查了请求的Authorization头中是否包含有效的JWT令牌。如果JWT令牌无效或者已过期，我们返回一个未授权的HTTP响应，否则我们继续后续请求处理，并将JWT令牌的信息存储在请求对象中，以供后续控制器使用。
最后，我们需要在应用程序的路由中使用JWT认证中间件来保护需要认证的API接口。例如，我们在routes/api.php文件中添加以下代码：
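<?php

use app\middleware\JwtAuth;
use think\facade\Route;

// API endpoints that require JWT authentication.
// The comment used to share a line with the route definition and so commented it out;
// the namespace separators in app\middleware\JwtAuth were also lost in extraction.
// NOTE(review): ThinkPHP 6 route targets are normally written as 'controller/action';
// confirm that the 'AuthController@dashboard' form resolves to app\controller\AuthController.
Route::get('dashboard', 'AuthController@dashboard')->middleware(JwtAuth::class);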
在上面的代码中，我们使用JwtAuth中间件对dashboard方法进行了保护，确保只有带有有效JWT令牌的请求才能访问它。
结论
在本文中，我们介绍了怎样使用ThinkPHP6进行JWT认证，以保证Web应用程序的安全性和可靠性。我们首先安装和配置了JWT扩展，然后实现了JWT认证控制器和JWT认证中间件，最后在应用程序的路由中使用JWT认证中间件来保护需要认证的API接口。通过这些步骤，我们可以在ThinkPHP6应用程序中轻松实现JWT认证机制，确保Web应用程序的安全性和可靠性。