pierresilva/laravel-jwt-auth

Laravel JWT auth API

dev-master 2020-09-07 04:13 UTC

This package is auto-updated.

Last update: 2024-09-07 13:17:19 UTC


README

Laravel JWTAuth is a package that simplifies installing tymon/jwt-auth in a new Laravel project.

Installation

Install the package with Composer:

composer require pierresilva/laravel-jwt-auth

Then add the service provider to the providers array in your config/app.php file:

'providers' => [
    // ...
    /*
     * Package Service Providers...
     */

    'Tymon\JWTAuth\Providers\LaravelServiceProvider',

    /*
     * Application Service Providers...
     */
    // ...

],

Next, also in config/app.php, add the JWTAuth and JWTFactory facades to the aliases array:

'aliases' => [
    // ...
    'JWTAuth' => 'Tymon\JWTAuth\Facades\JWTAuth',
    'JWTFactory' => 'Tymon\JWTAuth\Facades\JWTFactory',
],

Then publish the package configuration with the following command:

php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"

Finally, generate the secret key that this package will use to sign our tokens:

php artisan jwt:secret

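The command above generates a secret key and writes it to the .env file as something like JWT_SECRET=keystring.

We will use the existing User model for authentication, so we need to integrate our user model with the jwt-auth package. To do that, we implement the Tymon\JWTAuth\Contracts\JWTSubject interface on the user model and define its two required methods, getJWTIdentifier() and getJWTCustomClaims().

Modify app/User.php as follows: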

<?php

namespace App;

use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Tymon\JWTAuth\Contracts\JWTSubject;

class User extends Authenticatable implements JWTSubject
{
    use Notifiable;

    /**
     * The attributes that are mass assignable.
     *
     * @var array
     */
    protected $fillable = [
        'name', 'email', 'password',
    ];

    /**
     * The attributes that should be hidden for arrays.
     *
     * @var array
     */
    protected $hidden = [
        'password', 'remember_token',
    ];

    /**
     * The attributes that should be cast to native types.
     *
     * @var array
     */
    protected $casts = [
        'email_verified_at' => 'datetime',
    ];

    /**
     * Get the identifier that will be stored in the subject claim of the JWT.
     *
     * @return mixed
     */
    public function getJWTIdentifier()
    {
        return $this->getKey();
    }

    /**
     * Return a key value array, containing any custom claims to be added to the JWT.
     *
     * @return array
     */
    public function getJWTCustomClaims()
    {
        return [];
    }
}

Now we need to make Laravel always use jwt-auth for authentication instead of the traditional session driver.

In config/auth.php, set the default guard to api and set the api guard's driver to jwt, as shown below:

// ...
'defaults' => [
    'guard' => 'api',
    'passwords' => 'users',
],

'guards' => [
    'web' => [
        'driver' => 'session',
        'provider' => 'users',
    ],

    'api' => [
        'driver' => 'jwt',
        'provider' => 'users',
        'hash' => false,
    ],
],
// ...

API

api/jwt-auth/register

Register a new user

Method: POST

Example request

{
    "name": "User Name",
    "email": "user@name.com",
    "password": "password",
    "password_confirmation": "password"
}

Example response

{
    "message": "Successfully registered",
    "user": {
        "name": "User Name",
        "email": "user@name.com",
        "updated_at": "2020-06-18T14:27:05.000000Z",
        "created_at": "2020-06-18T14:27:05.000000Z",
        "id": 2
    }
}

api/jwt-auth/login

User login

Method: POST

Example request

{
    "email": "user@name.com",
    "password": "password"
}

Example response

{
    "message": "Logged in successfully",
    "data": {
        "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOlwvXC9sYXJhbmctYmFzZWxpbmUudGVzdFwvYXBpXC9qd3QtYXV0aFwvbG9naW4iLCJpYXQiOjE1OTI0OTA2MjQsImV4cCI6MTU5MjQ5NDIyNCwibmJmIjoxNTkyNDkwNjI0LCJqdGkiOiJjRkQ5WU96cFNpTGZiU1FQIiwic3ViIjoyLCJwcnYiOiI4N2UwYWYxZWY5ZmQxNTgxMmZkZWM5NzE1M2ExNGUwYjA0NzU0NmFhIn0.aEklNmy7Qt1kGv9WmNkZvo0u8bXTyty2zLrgyuTAXpM",
        "token_type": "bearer",
        "expires_in": 3600
    }
}
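
Added example (not part of this package or of tymon/jwt-auth): the access_token above is an HS256-signed JWT, so anyone holding it can read its claims, and only the signature made with JWT_SECRET protects them from modification. The sketch reads the claims of the sample token from this page, then checks a constructed token against a constructed secret; all function names are hypothetical.

```php
<?php
function b64url_decode(string $s): string
{
    // JWT segments are unpadded base64url: restore the alphabet and the padding.
    $s = strtr($s, '-_', '+/');
    return (string) base64_decode($s . str_repeat('=', (4 - strlen($s) % 4) % 4), true);
}

function b64url_encode(string $s): string
{
    return rtrim(strtr(base64_encode($s), '+/', '-_'), '=');
}

// Read claims WITHOUT verification: the payload is only encoded, not encrypted.
function jwt_claims(string $jwt): array
{
    return (array) json_decode(b64url_decode(explode('.', $jwt)[1] ?? ''), true);
}

// Accept a token only if algorithm, HS256 signature and time window all check out.
function jwt_verify_hs256(string $jwt, string $secret, int $now): bool
{
    $parts = explode('.', $jwt);
    $header = json_decode(b64url_decode($parts[0]), true);
    // Pin the algorithm: the token must never choose how it is verified.
    if (count($parts) !== 3 || !is_array($header) || ($header['alg'] ?? null) !== 'HS256') {
        return false;
    }
    $expected = hash_hmac('sha256', $parts[0] . '.' . $parts[1], $secret, true);
    if (!hash_equals($expected, b64url_decode($parts[2]))) { // constant-time compare
        return false;
    }
    $c = jwt_claims($jwt);
    return ($c['nbf'] ?? 0) <= $now && $now < ($c['exp'] ?? 0);
}

// Sample token from the login response on this page; its secret is unknown, so only read it.
$c = jwt_claims('eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOlwvXC9sYXJhbmctYmFzZWxpbmUudGVzdFwvYXBpXC9qd3QtYXV0aFwvbG9naW4iLCJpYXQiOjE1OTI0OTA2MjQsImV4cCI6MTU5MjQ5NDIyNCwibmJmIjoxNTkyNDkwNjI0LCJqdGkiOiJjRkQ5WU96cFNpTGZiU1FQIiwic3ViIjoyLCJwcnYiOiI4N2UwYWYxZWY5ZmQxNTgxMmZkZWM5NzE1M2ExNGUwYjA0NzU0NmFhIn0.aEklNmy7Qt1kGv9WmNkZvo0u8bXTyty2zLrgyuTAXpM');
printf("sub=%d lifetime=%ds\n", $c['sub'], $c['exp'] - $c['iat']);

// Constructed secret and token (not from the page) to exercise the verifier.
$secret = 'constructed-demo-secret';
$h = b64url_encode('{"typ":"JWT","alg":"HS256"}');
$p = b64url_encode(json_encode(['sub' => 2, 'nbf' => 1000, 'exp' => 4600]));
$sig = b64url_encode(hash_hmac('sha256', "$h.$p", $secret, true));
$edited = b64url_encode(json_encode(['sub' => 1, 'nbf' => 1000, 'exp' => 4600]));
var_dump(jwt_verify_hs256("$h.$p.$sig", $secret, 2000));      // intact, inside nbf..exp
var_dump(jwt_verify_hs256("$h.$edited.$sig", $secret, 2000)); // payload edited after signing
var_dump(jwt_verify_hs256("$h.$p.$sig", $secret, 5000));      // intact, but past exp
```

Because any holder can read the claims, keep sensitive data out of the array returned by getJWTCustomClaims().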

api/jwt-auth/logout

User logout

Header: "Authorization: Bearer token_string"

Method: POST

Example request: none

Example response

{
    "message": "Successfully logged out"
}

api/jwt-auth/refresh

Refresh the token

Header: "Authorization: Bearer token_string"

Method: POST

Example request: none

Example response

{
    "message": "Token refreshed successfully",
    "data": {
        "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOlwvXC9sYXJhbmctYmFzZWxpbmUudGVzdFwvYXBpXC9qd3QtYXV0aFwvcmVmcmVzaCIsImlhdCI6MTU5MjQ4NzY1MiwiZXhwIjoxNTkyNDkxNjI1LCJuYmYiOjE1OTI0ODgwMjUsImp0aSI6ImptNEh3UnNwVnpsdTV1TDEiLCJzdWIiOjEsInBydiI6Ijg3ZTBhZjFlZjlmZDE1ODEyZmRlYzk3MTUzYTE0ZTBiMDQ3NTQ2YWEifQ.fuw1EL6wi5nqWWu0eVs7pVUsh3d1dVoxT3NgaG-tCfk",
        "token_type": "bearer",
        "expires_in": 3600
    }
}

api/jwt-auth/profile

Get the user profile

Header: "Authorization: Bearer token_string"

Method: GET

Example request: none

Example response

{
    "message": "Profile obtained successfully",
    "data": {
        "id": 2,
        "name": "User Name",
        "email": "user@name.com",
        "email_verified_at": null,
        "created_at": "2020-06-18T14:27:05.000000Z",
        "updated_at": "2020-06-18T14:27:05.000000Z"
    }
}