laravel8配合jwt

1. composer 安装包

composer require tymon/jwt-auth
1

2. config/app.php 注册服务提供者

'providers' => [
    Tymon\JWTAuth\Providers\LaravelServiceProvider::class,
]
1
2
3

'aliases' => [
    'JWTAuth' => Tymon\JWTAuth\Facades\JWTAuth::class,
    'JWTFactory' => Tymon\JWTAuth\Facades\JWTFactory::class,
]
1
2
3
4

3. 发布生成配置文件

php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"
1

执行后 会在config 下自动生成 jwt.php 文件

4. 生成 JWT_SECRE

php artisan jwt:secret
1

执行后会在.env 中自动生成：
JWT_SECRET=IVYIoZuMhB2vUE6HQQOinyYhSL2DMhuVxsRNVAqkEzO3W3Qe9nG3G5SIH6GQG1Bd

5. config/auth.php 中配置 guards

'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],
        'api' => [
            'driver' => 'jwt',
            'provider' => 'user',
        ],
    ],
1
2
3
4
5
6
7
8
9
10

'providers' => [
		//这里的users就是上面api中的provider的值users
        'user' => [
            'driver' => 'eloquent',
            'model' => App\Models\Api\User::class,
            //注意这里的路径，我的api在Api目录下
        ],
    ],
1
2
3
4
5
6
7
8

6. 新建 App\Models\Api\User 模型类
   注意要继承 Authenticatable 并且 是JWTSubject 接口的实现

namespace App\Models\Api;

use DateTimeInterface;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Tymon\JWTAuth\Contracts\JWTSubject;

class User extends Authenticatable implements JWTSubject
{
    use HasFactory, Notifiable;
    /**
     * 关联到模型的数据表
     *
     * @var string
     */
    protected $table = 'user';
    /**
     * 表明模型是否应该被打上时间戳
     *
     * @var bool
     */
    public $timestamps = true;
    const CREATED_AT = 'createtime';
    const UPDATED_AT = null;//不需要updatetime 可以设为null即可关闭
    /**
     * 模型日期列的存储格式默认是Y-m-d H:i:s，使用U改为时间戳
     *
     * @var string
     */
    //protected $dateFormat = 'U';

    /**
     * 可以被批量赋值的属性.
     *
     * @var array
     */
    protected $fillable = ['username','phone','part_id','group','account','password','salt'];

    /**
     * 在数组中隐藏的属性
     *
     * @var array
     */
    protected $hidden = ['password','salt'];

    //格式化输出时间
    protected function serializeDate(DateTimeInterface $date)
    {
        return $date->format('Y-m-d H:i:s');
    }

    public function getJWTIdentifier()
    {
        return $this->getKey();
    }

    /**
     * Return a key value array, containing any custom claims to be added to the JWT.
     *
     * @return array
     */
    public function getJWTCustomClaims()
    {
        return [];
    }


}

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72

7. 注册路由
   JWT 认证扩展包附带了允许我们使用的中间件。在 app/Http/Kernel.php 中注册 auth.jwt 中间件

protected $routeMiddleware = [
    ....
    'auth.jwt' => \Tymon\JWTAuth\Http\Middleware\Authenticate::class,
];
1
2
3
4

8. 创建api路由

Route::post('login', 'ApiController@login');
Route::post('register', 'ApiController@register');
Route::group(['middleware' => 'auth.jwt'], function () {
    Route::get('user', 'ApiController@user');
    Route::get('logout', 'ApiController@logout');
    Route::get('refresh', 'ApiController@refresh');
});
1
2
3
4
5
6
7

9. 控制器使用

namespace App\Http\Controllers\Api;

use App\Http\Controllers\Controller;
use App\Http\Requests\Api\RegisterAuthRequest;
use App\Models\Api\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use JWTAuth;
use Illuminate\Support\Str;



class ApiController extends Controller
{
    public $loginAfterSignUp = true;

    public function register(RegisterAuthRequest $request)
    {
        $data=$request->all();
        $data['salt']=Str::random(4);
        $data['password']=md5($data['password'].$data['salt']);
        User::create($data);

        /*if ($this->loginAfterSignUp) {
            return $this->login($request);
        }*/

        return response()->json([
            'success' => true,
            'data' => []
        ], 200);
    }

    public function login(Request $request)
    {
        $input = $request->only('account', 'password');
        //此处可以自己查数据库，判断是否用户名和密码正确
        
        $user = User::query()->where(['account' => $input['account']])->firstOrFail();
        //生成token两种方式
        //$token = Auth::guard('api')->fromUser($user);
        $token = JWTAuth::fromUser($user);
        //dd($token);die;
        return response()->json([
            'success' => true,
            'token' => $token,
            'user' => $user,
        ]);
    }

    public function logout(Request $request)
    {
        Auth::guard('api')->invalidate();
        return response()->json([
            'success' => true,
            'msg' => "退出成功"
        ]);
    }

    public function refresh(Request $request)
    {

        $newtoken=Auth::guard('api')->refresh();
        return response()->json([
            'success' => true,
            'msg' => "token已刷新",
            "token"=>$newtoken
        ]);
    }

    public function user(Request $request)
    {
        //两种方式都行
        $user = Auth::guard('api')->user();
        //$user = JWTAuth::authenticate();
        return response()->json([
            'success' => true,
            'user' => $user,
        ]);
    }
}

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84

10. 测试