1、安装JWT扩展包:
composer require tymon/jwt-auth ^1.0
2、发布配置文件:
php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"
3、生成JWT密钥(该命令会把密钥写入 .env 的 JWT_SECRET;.env 不应提交到版本库):
php artisan jwt:secret
4、设置超时时间
修改 env 文件,新增:
JWT_TTL=525600 // 原文标注单位为秒;但 jwt-auth 的 config/jwt.php 对 ttl 的说明是以分钟计,按分钟算 525600 约为 365 天。有效期越长,令牌泄露后可被使用的时间也越长,请按实际需要设置
5、修改config/auth.php文件:
// Default guard and password broker. auth() calls that name no guard resolve to
// the guard set here, so after this change they go through 'api' instead of 'web'.
'defaults' => [
'guard' => 'api', // changed from 'web' to 'api'
'passwords' => 'users',
],
// Guard definitions: 'web' stays session-based, 'api' is switched to the jwt driver.
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'jwt', // changed from 'token' to 'jwt'
'provider' => 'users',
// NOTE(review): 'hash' looks carried over from the token-driver stanza; confirm the jwt driver reads it.
'hash' => false,
],
],
5、新增中间件:
<?php
namespace App\Http\Middleware;
use Closure;
class AuthMiddleware
{
    /**
     * Let the request through only when the 'api' guard resolves a user.
     *
     * Every request for which no user can be resolved is answered with a JSON
     * 401 body and never reaches $next.
     *
     * @param \Illuminate\Http\Request $request
     * @param \Closure $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        try {
            $authenticated = auth()->guard('api')->userOrFail();
        } catch (\Tymon\JWTAuth\Exceptions\UserNotDefinedException $e) {
            // The guard could not resolve a user for this request.
            $authenticated = null;
        }

        // Fail closed: a falsy result is rejected exactly like the exception.
        if (!$authenticated) {
            return $this->rejected();
        }

        return $next($request);
    }

    /**
     * Build the JSON 401 response shared by every rejection path.
     *
     * @return mixed
     */
    private function rejected()
    {
        return response()->json(['code' => 401, 'msg' => 'token invalid', 'data' => new \stdClass()], 401);
    }
}
6、注册中间件:
在 app/Http/Kernel.php 中,修改数组 $routeMiddleware:
// Alias under which routes opt in to the authentication middleware; a route that
// does not name 'myauth' is not checked by it.
'myauth' => \App\Http\Middleware\AuthMiddleware::class,
7、更新User模型:
<?php
namespace App\Models;
use Tymon\JWTAuth\Contracts\JWTSubject;
use Illuminate\Notifications\Notifiable;
class User extends JwtUser implements JWTSubject
{
    use Notifiable;

    // Collection that backs this model.
    protected $collection = 'users';

    // Field used as the model's primary key.
    protected $primaryKey = '_id';

    /**
     * Value stored in the subject claim of tokens issued for this user:
     * the model's key.
     *
     * @return mixed
     */
    public function getJWTIdentifier()
    {
        $subject = $this->getKey();

        return $subject;
    }

    /**
     * Custom claims to add to tokens issued for this user; none are added.
     *
     * A JWT payload is signed, not encrypted, so anyone holding a token can
     * read its claims. Keep secrets and personal data out of this array.
     *
     * @return array
     */
    public function getJWTCustomClaims()
    {
        $extraClaims = [];

        return $extraClaims;
    }
}
<?php
namespace App\Models;
use Illuminate\Auth\Authenticatable;
use Illuminate\Auth\MustVerifyEmail;
use Illuminate\Auth\Passwords\CanResetPassword;
use Illuminate\Foundation\Auth\Access\Authorizable;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
use Illuminate\Contracts\Auth\Access\Authorizable as AuthorizableContract;
use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
use Jenssegers\Mongodb\Eloquent\Model as Eloquent;
/**
 * Base user model built on the MongoDB Eloquent model, with the framework's
 * authentication, authorization, password-reset and email-verification traits
 * mixed in.
 */
class JwtUser extends Eloquent implements AuthenticatableContract, AuthorizableContract, CanResetPasswordContract
{
    use Authenticatable;
    use Authorizable;
    use CanResetPassword;
    use MustVerifyEmail;
}
7、设置路由:
// Every route registered inside this group runs the 'myauth' middleware first.
Route::middleware(['myauth'])->group(function () {
    // Fetch the current user's details.
    Route::get('/user-info', [AuthController::class, 'info']);
});
8、控制器获取登录 token 示例:
// Issue a token for $user through the 'api' guard and return it to the client.
// NOTE(review): the credential check that produced $user is not shown here;
// it must have succeeded before a token is issued for that user.
return $this->success(['token' => auth('api')->fromUser($user)]);