soluble / wallit
PSR-15 JWT middleware
0.5.1
2018-10-26 15:01 UTC
Requires
- php: ^7.1
- fig/http-message-util: ^1.1.2
- lcobucci/jwt: ^3.2.2
- psr/container: ^1.0
- psr/http-factory: ^1.0
- psr/http-message: ^1.0.1
- psr/http-server-middleware: ^1.0
- zendframework/zend-diactoros: ^1.8 || ^2.0
Requires (Dev)
- dflydev/fig-cookies: ^1.0 || ^2.0
- filp/whoops: ^2.2
- friendsofphp/php-cs-fixer: ^2.13
- guzzlehttp/guzzle: ^6.2.3
- infection/infection: ^0.10
- jangregor/phpstan-prophecy: ^0.2
- mockery/mockery: ^1.0.0
- phpstan/phpstan: ^0.10
- phpstan/phpstan-phpunit: ^0.10
- phpstan/phpstan-strict-rules: ^0.10
- phpunit/phpunit: ^7.3
- ramsey/uuid: ^3.7
- roave/security-advisories: dev-master
- zendframework/zend-servicemanager: ^3.3
Suggests
- zendframework/zend-expressive: Zend expressive 3, PSR-7/15 framework
Conflicts
README
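PSR-15 middleware for handling JWT generation and checking.
Status: experimental. Not yet used in production. If you are interested, have a look at the issues; suggestions and P/Rs are welcome :)
Requirements
- PHP 7.1
Recommended
- zend-expressive 3.0 (or any PSR-7 & PSR-15 compatible framework)
For zend-expressive 2.0, use version 0.3.
Installation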
$ composer require soluble/wallit
Configuration
Copy soluble-wallit.config.php.dist into your autoload directory.
cp ./vendor/soluble/wallit/config/soluble-wallit.config.php.dist ./config/autoload/soluble-wallit.config.local.php
Edit the configuration file and add your token secret key.
Registration (zend-expressive 3.0)
Make sure Soluble\Wallit\Config\ConfigProvider::class is registered in the ./config/config.php file.
<?php

use Zend\ConfigAggregator\ArrayProvider;
use Zend\ConfigAggregator\ConfigAggregator;
use Zend\ConfigAggregator\PhpFileProvider;

$cacheConfig = [
    'config_cache_path' => 'data/config-cache.php',
];

$aggregator = new ConfigAggregator([
    new ArrayProvider($cacheConfig),

    // Register the Soluble Wallit ConfigProvider
    Soluble\Wallit\Config\ConfigProvider::class,

    new PhpFileProvider('config/autoload/{{,*.}global,{,*.}local}.php'),
    new PhpFileProvider('config/development.config.php'),
], $cacheConfig['config_cache_path']);

return $aggregator->getMergedConfig();
Usage (zend-expressive 3.0)
For a quick look at examples, see the smoke tests directory.
Example 1
Create a PSR-15 handler that generates a JWT token after successful authentication
<?php declare(strict_types=1);

namespace App\Handler;

use Psr\Http\Message\{ResponseInterface, ServerRequestInterface};
use Psr\Http\Server\RequestHandlerInterface;
use Fig\Http\Message\StatusCodeInterface;
use Ramsey\Uuid\Uuid;
use Soluble\Wallit\Service\JwtService;
use Soluble\Wallit\Token\Jwt\JwtClaims;
use Zend\Diactoros\Response\JsonResponse;

class AuthHandler implements RequestHandlerInterface
{
    /**
     * @var JwtService
     */
    protected $jwtService;

    public function __construct(JwtService $jwtService)
    {
        $this->jwtService = $jwtService;
    }

    public function handle(ServerRequestInterface $request): ResponseInterface
    {
        $method = $request->getMethod();
        if ($method !== 'POST') {
            throw new \RuntimeException('TODO - Handle error your way ;)');
        }

        $body = $request->getParsedBody();
        $login = $body['login'] ?? '';
        $password = $body['password'] ?? '';

        // Hard-coded demo credentials, for illustration only:
        // replace with a real credential check before issuing tokens.
        if ($login === 'demo' && $password === 'demo') {
            // Issue a token carrying a unique id and the login claim
            $token = $this->jwtService->createToken([
                JwtClaims::ID => Uuid::uuid1(),
                'login'       => $login
            ]);

            return new JsonResponse([
                'access_token' => (string) $token,
                'token_type'   => 'example',
            ]);
        }

        // Wrong credentials: answer 401 without a token
        return (new JsonResponse([
            'success' => false
        ]))->withStatus(StatusCodeInterface::STATUS_UNAUTHORIZED);
    }
}
Its associated factory can be
<?php declare(strict_types=1);

namespace App\Handler;

use Psr\Container\ContainerInterface;
use Soluble\Wallit\Service\JwtService;

class AuthHandlerFactory
{
    public function __invoke(ContainerInterface $container): AuthHandler
    {
        return new AuthHandler(
            $container->get(JwtService::class)
        );
    }
}
Add a route in ./config/routes.php
<?php
//....
$app->post('/auth', App\Handler\AuthHandler::class, 'auth');
Example 2: Checking the JWT
Simply pipe JwtAuthMiddleware::class, or add it to the desired route.
For example, in the ./config/routes.php file
<?php declare(strict_types=1);

use Soluble\Wallit\Middleware\JwtAuthMiddleware;

// ...
$app->get('/admin', [
    JwtAuthMiddleware::class,
    App\Handler\AdminHandler::class
], 'admin');
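Added example (not part of the wallit README or its code): the checks a JWT has to pass before a route should trust it, written directly against lcobucci/jwt ^3.2, the library this package requires. It assumes the script runs in a project where Composer has installed that library; the helper names issueToken and checkToken and the sample secret are constructed for illustration. Of the four tokens checked, only the first is accepted.

```php
<?php declare(strict_types=1);

// Added illustration, not wallit's own code: uses lcobucci/jwt ^3.2 directly.
require __DIR__ . '/vendor/autoload.php'; // assumed Composer autoloader path

use Lcobucci\JWT\Builder;
use Lcobucci\JWT\Parser;
use Lcobucci\JWT\Signer\Hmac\Sha256;
use Lcobucci\JWT\ValidationData;

$signer = new Sha256();
// Constructed sample secret: 32 random bytes, hex-encoded.
// A real deployment loads its secret from configuration instead.
$secret = bin2hex(random_bytes(32));

/** Build a signed token string; $ttl is the lifetime in seconds (negative = already expired). */
function issueToken(Sha256 $signer, string $key, int $ttl): string
{
    $now = time();

    return (string) (new Builder())
        ->setId(bin2hex(random_bytes(16)), true)
        ->setIssuedAt($now - 120)
        ->setExpiration($now + $ttl)
        ->set('login', 'demo')
        ->sign($signer, $key)
        ->getToken();
}

/** Accept a token only if it parses, its signature matches, and its time claims hold. */
function checkToken(string $jwt, Sha256 $signer, string $key): bool
{
    try {
        $token = (new Parser())->parse($jwt);
        // verify() checks the signature; validate() checks iat/nbf/exp against now.
        // Parsing alone proves nothing: both calls are required.
        return $token->verify($signer, $key) && $token->validate(new ValidationData());
    } catch (\Throwable $e) {
        return false; // malformed or unsigned token
    }
}

$valid    = issueToken($signer, $secret, 3600);
$expired  = issueToken($signer, $secret, -60);
$wrongKey = issueToken($signer, 'a-different-key', 3600);

foreach ([$valid, $expired, $wrongKey, 'not.a.jwt'] as $candidate) {
    var_dump(checkToken($candidate, $signer, $secret));
}
```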
Example 3: Retrieving the token
The token is available as a request attribute: $request->getAttribute(JwtAuthMiddleware::class).
<?php declare(strict_types=1);

namespace App\Handler;

use Psr\Http\Message\{ResponseInterface, ServerRequestInterface};
use Psr\Http\Server\RequestHandlerInterface;
use Soluble\Wallit\Middleware\JwtAuthMiddleware;
use Zend\Diactoros\Response\HtmlResponse;
use Zend\Expressive\Template\TemplateRendererInterface;
use Lcobucci\JWT\Token;

class AdminHandler implements RequestHandlerInterface
{
    /**
     * @var TemplateRendererInterface
     */
    private $template;

    public function __construct(TemplateRendererInterface $template)
    {
        $this->template = $template;
    }

    public function handle(ServerRequestInterface $request): ResponseInterface
    {
        $token = $this->getTokenFromRequest($request);

        return new HtmlResponse($this->template->render('pages::admin', [
            'token' => $token,
            'login' => $token->getClaim('login')
        ]));
    }

    protected function getTokenFromRequest(ServerRequestInterface $request): Token
    {
        // The token is stored as a request attribute keyed by the middleware class name
        return $request->getAttribute(JwtAuthMiddleware::class);
    }
}
Standards
- fig/http-message-util: utility classes and constants for PSR-7 (psr/http-message)
- psr/http-message: common interface for HTTP messages (PHP FIG PSR-7)
- psr/container: common container interface (PHP FIG PSR-11)
- PSR 4 autoloader
- PSR 2 coding style guide