通过
搜索
搜索sametsahindogan / laravel-jwtredis
此包允许使用JWT进行认证的用户及其角色、权限、状态等信息在Redis中存储和管理。
v1.2.0
2021-02-25 12:22 UTC
Requires
- php: >=7.2.5
- sametsahindogan/response-object-creator: 1.0.2
- spatie/laravel-permission: ^4.0
- tymon/jwt-auth: ^1.0.2
README
此包允许使用JWT进行认证的用户及其角色、权限、状态等信息在Redis中存储和管理。
此外,此包还包含一个观察器,用于监听和更新Redis中的用户模型。此观察器在您为用户分配角色和权限,或更新和删除用户模型时触发。
要求
此包与tymondesigns/jwt-auth和spatie/laravel-permission包协同工作。
!请确保安装并配置这些依赖项。您必须发布、迁移等所有包。!
- 如果您的PHP设置没有Redis扩展,或者Laravel的Redis驱动器未选为phpredis,您必须安装nrk/predis >= 1.1 (推荐1.1)
- PHP >= 7.2.5
- Laravel >= 6.0
- tymondesigns/jwt-auth >= 1.0 (推荐1.0.2)
- spatie/laravel-permission >= 4.0 (推荐4.0.0)
- sametsahindogan/response-object-creator >= 1.0 (推荐1.0.2)
安装
composer require sametsahindogan/laravel-jwtredis
完成此步骤后,您需要在.env文件中添加和更改以下值
CACHE_DRIVER=redis REDIS_CLIENT=predis
接下来,您需要更改您的config/auth.php配置中的guards和providers数组,如下所示
'guards' => [ 'api' => [ 'driver' => 'jwt_redis_guard', 'provider' => 'users' ], ], 'providers' => [ 'users' => [ 'driver' => 'jwt_redis_user_provider', 'model' => App\User::class, // Your User Model ], ],
此包使用自动发现来注册服务提供者,但如果您希望手动进行,服务提供者是:将以下内容添加到config/app.php配置中的providers数组
Sametsahindogan\JWTRedis\JWTRedisServiceProvider::class,
您可以使用以下命令发布配置
php artisan vendor:publish --provider='Sametsahindogan\JWTRedis\JWTRedisServiceProvider'
配置
完成所有操作后,别忘了将此特性添加到您的用户模型中。
use JWTRedisHasRoles;
您需要在app/Http/Kernel.php中添加$routeMiddleware数组
'auth' => \Sametsahindogan\JWTRedis\Http\Middleware\Authenticate::class, 'refreshable' => \Sametsahindogan\JWTRedis\Http\Middleware\Refreshable::class, 'role' => \Sametsahindogan\JWTRedis\Http\Middleware\RoleMiddleware::class, 'permission' => \Sametsahindogan\JWTRedis\Http\Middleware\PermissionMiddleware::class, 'role_or_permission' => \Sametsahindogan\JWTRedis\Http\Middleware\RoleOrPermissionMiddleware::class,
用法
您没有使用说明。此包仅影响后台,功能与Laravel会话认证几乎相同,有一些例外。您只需更改中间件即可。(我在下面提到这一点)您可以使用Laravel的Auth外观、Tymon的JWTAuth外观以及所有spatie/laravel-permission包方法。
- 对于通过令牌进行用户认证;
(如果用户身份不重要,请使用此中间件。此中间件仅检查令牌是否有效。不向任何数据库查询发送。)
Route::get("/example", "ExampleController@example")->middleware('auth');
- 要检查用户授权,您需要使用以下中间件之一;
(如果用户身份很重要,请使用此中间件。此中间件从Redis获取用户并将其标记为已授权到Laravel的Request对象。您将到达所有默认Auth外观的方法。只需调用Laravel的Auth外观即可。)
Route::get("/example", "ExampleController@example")->middleware('role:admin|user'); Route::get("/example", "ExampleController@example")->middleware('permissions:get-user|set-user'); Route::get("/example", "ExampleController@example")->middleware('role_or_permission:admin|get-user');
- 要刷新令牌,您可以将
refreshable中间件添加到所需的路由。您不需要对此路由的控制器执行任何操作;
(如果需要,此中间件还可以从Redis刷新用户。)
Route::get("/example", "ExampleController@example")->middleware('refreshable');
如果您想执行不同的操作,可以覆盖所提到的中间件。
使用上述方法后,您在应用程序中创建的每个授权,如 Auth::user() 或 $user->can('permission'),都会始终从 Redis 检查,而不是从数据库中检查。
选项
您可以在该包中自定义一些选项。检查 config/jwtredis.php 文件。
- 用户模型
/* |-------------------------------------------------------------------------- | Your User Model |-------------------------------------------------------------------------- | | You can set specific user model. | */ 'user_model' => \App\Models\User::class,
- 观察者
/* |-------------------------------------------------------------------------- | JWTRedis User Model Observer |-------------------------------------------------------------------------- | | This observer class, listening all events on your user model. Is triggered | when you assign roles & permissions to user, or update and delete to | your user model. | */ 'observer' => \Sametsahindogan\JWTRedis\Observers\UserRedisObserver::class,
- 事件队列
/* |-------------------------------------------------------------------------- | Observer Events Are Queued |-------------------------------------------------------------------------- | | If this option is true, model's events are processed as a job on queue. | The job will be executed after the database transactions are commit. | | * ~ Don't forget to run Queue Worker if this option is true. ~ * | */ 'observer_events_queue' => env('JWTREDIS_OBSERVER_EVENTS_QUEUE', false),
- 缓存时间
/* |-------------------------------------------------------------------------- | Cache on Redis up to jwt_ttl value. |-------------------------------------------------------------------------- | | If it's option is true, user stored in Redis up to jwt_ttl value time. | */ 'redis_ttl_jwt' => true, /* |-------------------------------------------------------------------------- | Cache on Redis up to specific time |-------------------------------------------------------------------------- | | If you don't want to store user in Redis until JWT expire time, | you can set this value as minute. | */ 'redis_ttl' => env('JWTREDIS_REDIS_TTL', 60),
- 缓存前缀
/* |-------------------------------------------------------------------------- | Cache Prefix |-------------------------------------------------------------------------- | | If it's user id is 1, this user stored in Redis as auth_1. | */ 'redis_auth_prefix' => env('JWTREDIS_REDIS_AUTH_PREFIX', 'auth_'),
- 序列化
/* |-------------------------------------------------------------------------- | Igbinary Serialization |-------------------------------------------------------------------------- | | Igbinary Serialization provides a better performance and lower memory | usage than PHP Serialization. | | * ~ Don't forget to enable igbinary extension if this option is true. ~ * | */ 'igbinary_serialization' => env('JWTREDIS_IGBINARY_SERIALIZATION', false),
- 禁用用户检查
/* |-------------------------------------------------------------------------- | Banned User Checking |-------------------------------------------------------------------------- | | If the check_banned_user option is true, that users cannot access | the your application. | */ 'check_banned_user' => env('JWTREDIS_CHECK_BANNED_USER', false), /* |-------------------------------------------------------------------------- | Status Column For Banned User Checking |-------------------------------------------------------------------------- | | You can set your specific column name of your user model. | */ 'status_column_title' => 'status', /* |-------------------------------------------------------------------------- | Restricted statuses For Banned User Checking |-------------------------------------------------------------------------- | | If the user has one of these statuses and trying to reach your application, | JWTRedis throws AccountBlockedException. | You can set the message (check it errors array) that will return in this | exception. | */ 'banned_statuses' => [ 'banned', 'deactivate' ],
- 关系缓存
/* |-------------------------------------------------------------------------- | Cache This Relations When User Has Authenticated |-------------------------------------------------------------------------- | | You can add this array to your own relations, anything you want to store | in Redis. We recommend caching only roles and permissions here as much as | possible. | */ 'cache_relations' => [ 'roles.permissions', 'permissions' ],
- 自定义异常
/* |-------------------------------------------------------------------------- | Customize All Exception Messages and Codes |-------------------------------------------------------------------------- | | You can customize error code,message,title for your application. | */ 'errors' => [ 'TokenNotProvidedException' => [ 'title' => 'Your custom title', 'message' => 'Your custom error message.', 'code' => 99999 ] ]
示例项目
这是一个使用 laravel-jwtredis 的示例。您可以详细检查。
性能提升技巧
您可能可以通过 PECL 安装 PhpRedis PHP 扩展。扩展安装较为复杂,但可能为大量使用 Redis 的应用程序带来更好的性能。Predis 是 PhpRedis 的纯 PHP 替代品,默认不需要任何额外的 C 扩展。
"PhpRedis 比其他方式快 6 倍。使用 igbinary 序列化可以减少存储数据的大小约 3 倍。如果 Redis 安装在单独的机器上,减少网络流量可以非常显著地提高速度。"
在我看来,在生产环境中使用 PhpRedis 和 igbinary 序列化(Laravel 不支持 Redis 上的 igbinary 序列化。但是,此包为 Laravel 提供了 igbinary 序列化支持。请检查 config/jwtredis.php 文件。)可以获得很好的性能。
您可以查看这篇文章,比较 PhpRedis 与 Predis 的性能。
与 Laravel Swoole 包 集成
此包完全兼容 Laravel Swoole 包。如果您想一起使用,您只需将您的 config/swoole_http.php 配置中的 instances 和 providers 数组更改如下
/* |-------------------------------------------------------------------------- | Instances here will be cleared on every request. |-------------------------------------------------------------------------- */ 'instances' => [ 'auth' ], /* |-------------------------------------------------------------------------- | Providers here will be registered on every request. |-------------------------------------------------------------------------- */ 'providers' => [ \Sametsahindogan\JWTRedis\JWTRedisServiceProvider::class, ],
许可证
MIT © Samet Sahindogan