henrik/token-auth

This package was created for token-based authorization.

1.1.10 2019-09-05 12:33 UTC

This package is auto-updated.

Last update: 2024-09-15 17:30:37 UTC


README

How to install

composer require henrik/token-auth

Configuration for the Laravel framework.

  • Create a helper file app\Helpers\TokenManagerHelper.php
<?php

namespace App\Helpers;

use HashAuth\TokenManager;

/**
 * Class TokenManagerHelper
 * @package App\Helpers
 */
class TokenManagerHelper
{
    /**
     * @return TokenManager
     * @throws \Exception
     */
    public static function getManagerInstance()
    {
        return new TokenManager(
            config('hash_auth.token_private_key'),
            config('hash_auth.token_private_iv'),
            config('hash_auth.signature_private_key')
        );
    }
}
  • Then create the hash_auth.config file in your Laravel config folder.
<?php

return [
  'token_private_key' => env('TOKEN_PRIVATE_KEY', ''),
  'token_private_iv' => env('TOKEN_PRIVATE_IV', ''),
  'signature_private_key' => env('SIGNATURE_PRIVATE_KEY', '')
];
  • Then add the following lines to your .env file
SIGNATURE_PRIVATE_KEY="secret_line1"
TOKEN_PRIVATE_IV="secret_line2"
TOKEN_PRIVATE_KEY="secret_line3"
  • In the console, run

    php artisan make:middleware HashAuthFilterMiddleware

  • Then paste this code into the created file

<?php

namespace App\Http\Middleware;

use App\Helpers\TokenManagerHelper;
use Carbon\Carbon;
use Closure;
use HashAuth\Exceptions\HashAuthException;
use Illuminate\Http\Request;
use Illuminate\Http\Response;

class HashAuthFilterMiddleware
{
    /**
     * @param Request $request
     * @param Closure $next
     * @return mixed
     * @throws \Exception
     */
    public function handle(Request $request, Closure $next)
    {
        try {
            // Read the token from the Authorization header, falling back to the "token" request input.
            $unparsed_token = $request->header("Authorization");
            if (empty($unparsed_token)) {
                $unparsed_token = $request->input('token');
            } else {
                $unparsed_token = str_replace('Bearer ', '', $unparsed_token);
            }
            $tokenManager = TokenManagerHelper::getManagerInstance();
            $parsed_token = $tokenManager->parseToke($unparsed_token, [
                'exp' => Carbon::now()->timestamp,
                'sessId' => 0,
                'browserId' => $request->header('User-Agent')
            ]);
            // $parsed_token is the data that was saved into the token
        } catch (HashAuthException $e) {
            // A HashAuthException from the token manager results in a 403 response.
            return response(
                [
                    'message' => 'You dont has access for this action'
                ],
                Response::HTTP_FORBIDDEN
            );
        }
        return $next($request);
    }
}
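
The middleware above strips the scheme with str_replace, which removes every occurrence of "Bearer " in the header value and passes values that use another scheme through unchanged. A stricter extraction, as an added example that is not part of henrik/token-auth; extractBearerToken() is a hypothetical helper name, the header values are constructed samples, and it assumes the token contains no whitespace:

```php
<?php
// Added example, not code from henrik/token-auth.
// extractBearerToken() is a hypothetical helper; it assumes tokens contain no whitespace.

/**
 * Return the credential from an Authorization header value, or null when the
 * header is missing, uses another scheme, or carries a malformed value.
 */
function extractBearerToken(?string $header): ?string
{
    if ($header === null) {
        return null;
    }
    // Anchor the scheme at the start of the value and require exactly one
    // whitespace-free credential after it. Scheme names are case-insensitive.
    if (preg_match('/^Bearer +(\S+)$/i', trim($header), $m) !== 1) {
        return null;
    }
    return $m[1];
}

// Constructed sample header values covering the edge cases.
$samples = [
    'Bearer abc.def-123==',   // well-formed
    'bearer abc.def-123==',   // lowercase scheme
    'Basic dXNlcjpwYXNz',     // different scheme, must not be treated as a token
    'Bearer abcBearer def',   // "Bearer " repeated inside the value
    'Bearer ',                // scheme with no credential
    null,                     // header absent
];

foreach ($samples as $header) {
    echo str_pad(var_export($header, true), 28), ' => ';
    var_export(extractBearerToken($header));
    echo PHP_EOL;
}
```

In the middleware, a null result can be handled like a failed parse and answered with the same 403 response.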

Open the Kernel.php file and add the middleware to $routeMiddleware as shown below

protected $routeMiddleware = [
	'auth' => \App\Http\Middleware\Authenticate::class,
	// ...
	'hash.auth' => \App\Http\Middleware\HashAuthFilterMiddleware::class,
	// ...
];
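  • Add this function to your User.php model
    // Needs these imports at the top of User.php:
    // use App\Helpers\TokenManagerHelper; use Carbon\Carbon; use Illuminate\Http\Request;

    /**
     * @param Request $request
     * @param mixed $user
     * @return mixed
     * @throws \Exception
     */
    public function createNewAccessToken($request, $user)
    {
        $tokenManager = TokenManagerHelper::getManagerInstance();
        $claims = $this->getClaims($request);
        $token = $tokenManager->makeToken($user, $claims);
        return $token;
    }

    /**
     * Claims stored in the token: expiry two hours from now and the client's User-Agent.
     */
    private function getClaims(Request $request)
    {
        $claims = [
            'exp' => Carbon::now()->timestamp + (2 * 60 * 60),
            'browserId' => $request->header('User-Agent'),
        ];
        return $claims;
    }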

Example login action (must return the token string in JSON format)

public function Login(User $user, Request $request){
	$token = $user->createNewAccessToken($request, $user);
	// ...
}

You can use the registered middleware for your routes. For example

	Route::group(['middleware' => ['hash.auth']], function () {
		// your routes here
	});
	Route::get('your-route', 'Controller@Action')->middleware('hash.auth');

Diagram of the request life cycle.