atlance / jwt-auth
Symfony JWT 身份验证
    dev-main
    2024-01-25 19:48 UTC
Requires
- php: ^8.2
- atlance/jwt-core: ^0.3
- symfony/clock: ^7.0
- symfony/security-bundle: ^7.0
- symfony/yaml: ^7.0
Requires (Dev)
- brianium/paratest: @dev
- ergebnis/composer-normalize: @dev
- fakerphp/faker: @dev
- friendsofphp/php-cs-fixer: @dev
- overtrue/phplint: @dev
- phpstan/extension-installer: @dev
- phpstan/phpstan: @dev
- phpstan/phpstan-deprecation-rules: @dev
- phpstan/phpstan-phpunit: @dev
- phpstan/phpstan-strict-rules: @dev
- phpstan/phpstan-symfony: @dev
- psalm/plugin-symfony: @dev
- rector/rector: @dev
- squizlabs/php_codesniffer: @dev
- symfony/browser-kit: @dev
- symfony/framework-bundle: ^7.0
- symfony/validator: @dev
- vimeo/psalm: @dev
This package is auto-updated.
Last update: 2024-09-25 21:13:14 UTC
README
安装
- 生成密钥。
- 通过 composer 安装包:composer require atlance/jwt-auth ^7.0。
- 配置
使用场景
创建
- 实现: Atlance\JwtAuth\Security\UseCase\Create\Token\Handler.
- 示例:
<?php declare(strict_types=1); namespace App\Controller\Login; use Atlance\JwtAuth\Security\UseCase; use Symfony\Bundle\FrameworkBundle\Controller\AbstractController; use Symfony\Component\HttpFoundation\JsonResponse; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface; use Symfony\Component\Routing\Annotation\Route; use Symfony\Component\Security\Core\Exception\UserNotFoundException; use Symfony\Component\Security\Core\User\UserProviderInterface; #[Route('/login', methods: ['POST'])] final class Controller extends AbstractController { public function __invoke( Request $request, UserProviderInterface $provider, UserPasswordHasherInterface $hasher, UseCase\Create\Token\HandlerInterface $handler, ): JsonResponse { /** @var array{username:string,password:string} $dataset */ $dataset = json_decode($request->getContent(), true); try { $user = $provider->loadUserByIdentifier($dataset['username']); $hasher->isPasswordValid($user, $hasher->hashPassword($user, $dataset['password'])); return new JsonResponse(['token' => $handler->handle($user)]); } catch (UserNotFoundException) { return new JsonResponse(status: Response::HTTP_BAD_REQUEST); } } }
访问
实现
- Atlance\JwtAuth\Security\UseCase\Access\Token\Handler
- Atlance\JwtAuth\Security\Factory\UserBadgeFactory
# config/packages/security.yaml security: firewalls: main: access_token: token_handler: Atlance\JwtAuth\Security\Factory\UserBadgeFactory
- 并且 Symfony 自动使用了 JWT 进行身份验证.
- 更多: 如何使用访问令牌进行身份验证.
- 示例:
<?php declare(strict_types=1); namespace App\Controller\Profile; use Symfony\Bundle\FrameworkBundle\Controller\AbstractController; use Symfony\Component\HttpFoundation\JsonResponse; use Symfony\Component\Routing\Annotation\Route; use Symfony\Component\Security\Core\User\UserInterface; use Symfony\Component\Security\Http\Attribute\CurrentUser; use Symfony\Component\Security\Http\Attribute\IsGranted; #[IsGranted('ROLE_USER')] #[Route('/profile', methods: ['GET'])] class ProfileController extends AbstractController { public function __invoke(#[CurrentUser] ?UserInterface $user = null): JsonResponse { return new JsonResponse(['username' => $user->getUserIdentifier()]); } }