✨ 目录
🎈 安装 jwt 库🎈 修改文件🎈 修改配置文件🎈 生成Secret🎈 模型修改🎈 门卫验证🎈 登录退出验证🎈 路由守卫🎈 路由配置
🎈 安装 jwt 库
首先需要安装jwt-auth
库:composer require tymon/jwt-auth
🎈 修改文件
打开bootstrap/app.php
文件,进行以下修改
// 1. Uncomment these two calls.
$app->withFacades();
$app->withEloquent();

// 2. Uncomment this as well; the 'auth' route middleware is used for user authentication later on.
$app->routeMiddleware([
    'auth' => App\Http\Middleware\Authenticate::class,
]);

// 3. Register the auth service provider.
$app->register(App\Providers\AuthServiceProvider::class);

// 4. Register the JWT service provider.
$app->register(Tymon\JWTAuth\Providers\LumenServiceProvider::class);
🎈 修改配置文件
打开config/auth.php
文件,进行修改。如果没有config
文件夹,可以将vendor/laravel/lumen-framework/config
文件夹复制一份,放到根目录下。主要修改两个地方,第一个是guards.api.driver
中的值修改为jwt
,第二个是将providers.users.model
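修改成用来验证用户的模型
<?php

return [
    'defaults' => [
        'guard' => env('AUTH_GUARD', 'api'),
    ],
    'guards' => [
        'api' => [
            // Switch the api guard to the JWT driver.
            'driver' => 'jwt',
            'provider' => 'users',
        ],
    ],
    'providers' => [
        'users' => [
            'driver' => 'eloquent',
            // Must name the Eloquent model that users are authenticated against.
            // The model on this page is declared as App\Models\UserModel and imported
            // under that name by UserController, so the same class is referenced here.
            // NOTE(review): confirm the class name and file name match your autoloader.
            'model' => App\Models\UserModel::class,
        ],
    ],
    'passwords' => [
        // Lumen has no session by default, so this section is unused.
    ],
];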
🎈 生成Secret
执行php artisan jwt:secret
命令,将会在.env
文件中随机生成JWT_SECRET
参数。如果想配置JWT
其他参数,可以在.env
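文件中进行如下参数编辑
# Generated at random by the jwt:secret command above. It signs every token,
# so treat it as a credential and keep .env out of version control.
JWT_SECRET=5jFaYn*******************axtMwuo9k
# Token lifetime, in minutes
JWT_TTL=60
# Refresh window, in minutes (default: 14 days)
# NOTE(review): 0 does not match the 14-day default stated here; confirm the
# intended refresh window, since the controller exposes a refresh action.
JWT_REFRESH_TTL=0
# Blacklist grace period, in seconds
JWT_BLACKLIST_GRACE_PERIOD=60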
🎈 模型修改
上面修改配置文件中,修改了providers.users.model
值用来作为用户验证,根据自己修改的模型来进行下列修改。打开App\Models\User
文件进行下列修改
<?php

namespace App\Models;

use Illuminate\Auth\Authenticatable;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
use Illuminate\Contracts\Auth\Access\Authorizable as AuthorizableContract;
use Laravel\Lumen\Auth\Authorizable;
use Tymon\JWTAuth\Contracts\JWTSubject;

/**
 * Eloquent user model that can be authenticated and used as the subject of a JWT.
 */
class UserModel extends Model implements AuthenticatableContract, AuthorizableContract, JWTSubject
{
    use Authenticatable, Authorizable;

    // Custom table name.
    protected $table = 'tinygeeker_user';

    // Left out when the model is serialized to an array or JSON, so the
    // password column is not echoed back in API responses.
    protected $hidden = ['password'];

    // Attributes that may be mass-assigned.
    protected $fillable = ['username', 'password'];

    // Timestamps are not maintained for this table.
    public $timestamps = false;

    /**
     * @inheritDoc
     * User identifier carried in the JWT: the model's primary key.
     */
    public function getJWTIdentifier()
    {
        return $this->getKey();
    }

    /**
     * @inheritDoc
     * Custom claims to add to the JWT; none are added here.
     * A JWT payload is signed but readable by whoever holds the token,
     * so anything added here should not be secret.
     */
    public function getJWTCustomClaims()
    {
        return [];
    }
}
🎈 门卫验证
由于上面在bootstrap/app.php
文件中,注册了权限验证服务$app->register(App\Providers\AuthServiceProvider::class)
所以打开app/Providers/AuthServiceProvider.php
,进行如下设置,使用auth
中间件的api
门卫的时候验证请求体
<?php

namespace App\Providers;

use App\User;
use Illuminate\Support\Facades\Gate;
use Illuminate\Support\ServiceProvider;
use Illuminate\Support\Facades\Auth;

class AuthServiceProvider extends ServiceProvider
{
    /**
     * Nothing is bound into the container here.
     */
    public function register()
    {
    }

    /**
     * Register a request-based resolver under the driver name 'api'.
     */
    public function boot()
    {
        $authManager = $this->app['auth'];

        // NOTE(review): config/auth.php on this page sets guards.api.driver to 'jwt',
        // so this 'api' request driver looks like it is never selected; confirm
        // whether the callback is still needed.
        $authManager->viaRequest('api', function ($request) {
            $manager = app('auth');

            return $manager->setRequest($request)->user();
        });
    }
}
🎈 登录退出验证
打开 UserController 控制器,编写登录退出的逻辑。首先需要在构造函数__construct
中,排除login
验证$this->middleware('auth:api', ['except' => ['login']]);
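,因为登录是不用进行用户认证的
<?php

namespace App\Http\Controllers;

use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use App\Models\UserModel;
// The Auth facade is required by the actions below.
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Validator;

class UserController extends Controller
{
    /**
     * Apply the auth:api middleware to every action except login,
     * because a caller cannot hold a token before logging in.
     */
    public function __construct()
    {
        $this->middleware('auth:api', ['except' => ['login']]);
    }

    /**
     * Validate the submitted credentials and, only when they match a stored
     * user, issue a JWT for that user.
     *
     * @param Request $request Request carrying "username" and "password".
     * @return mixed JSON response: code 20000 with data.token on success,
     *               code 10000 with a message otherwise.
     */
    public function login(Request $request)
    {
        $input = $request->only(['username', 'password']);
        $validator = Validator::make($input, [
            'username' => 'bail|required|min:5',
            'password' => 'bail|required|min:6',
        ], [
            'username.required' => '账号不能为空',
            'password.required' => '密码不能为空',
        ]);
        if ($validator->fails()) {
            return response()->json([
                'code' => 10000,
                'message' => $validator->errors()->first(),
            ]);
        }

        // UserModel is the class this file imports; the original referenced
        // AdminUserModel, which is neither imported nor defined on this page.
        $user = UserModel::where('username', $input['username'])->first();

        // Never issue a token for an unknown user or a wrong password. The same
        // message is used for both cases so the response does not reveal which
        // usernames exist.
        // NOTE(review): assumes the password column holds a password_hash()-compatible
        // digest (what Hash::make() produces); confirm against how users are stored.
        if ($user === null || !password_verify($input['password'], (string) $user->password)) {
            return response()->json([
                'code' => 10000,
                'message' => '账号或密码错误',
            ], 401);
        }

        // Account-status checks (the page mentions them but leaves them out) belong here,
        // before a token is issued.

        // Credentials verified: obtain the JWT for this user.
        $token = Auth::guard('api')->login($user);

        return response()->json([
            'code' => 20000,
            'message' => '获取token成功',
            'data' => ['token' => $token],
        ]);
    }

    /**
     * Return the currently authenticated user.
     */
    public function info(Request $request)
    {
        $user = Auth::user();

        return response()->json([
            'code' => 20000,
            'message' => '获取用户信息成功',
            'data' => compact('user'),
        ]);
    }

    /**
     * Log the current user out. There are two ways to do it:
     * Auth::invalidate(true), or Auth::logout() as used here.
     */
    public function logout(Request $request)
    {
        Auth::logout();

        return response()->json([
            'code' => 20000,
            'message' => '退出成功',
        ]);
    }

    /**
     * Refresh the caller's token and hand the new token back.
     * The original discarded the value returned by Auth::refresh(), so the
     * client had no way to obtain the replacement token.
     */
    public function refresh()
    {
        $token = Auth::refresh();

        return response()->json([
            'code' => 20000,
            'message' => '刷新成功',
            'data' => ['token' => $token],
        ]);
    }
}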
🎈 路由守卫
如果想要在路由中使用权限认证,请在bootstrap/app.php
中打开$app->routeMiddleware([ 'auth' => App\Http\Middleware\Authenticate::class ]);
因为在上面已经开启,所以只需要在App\Http\Middleware\Authenticate.php
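中进行验证即可
<?php

namespace App\Http\Middleware;

use Closure;
use Illuminate\Contracts\Auth\Factory as Auth;

/**
 * Route middleware that rejects requests the selected guard does not
 * recognise as authenticated.
 */
class Authenticate
{
    // Auth factory used to resolve the guard named on the route.
    protected $auth;

    public function __construct(Auth $auth)
    {
        $this->auth = $auth;
    }

    /**
     * Let the request through only when the guard reports an authenticated user.
     *
     * @param mixed $request The incoming request.
     * @param Closure $next The next handler in the pipeline.
     * @param string|null $guard Guard name from the route ("auth:api" passes "api").
     * @return mixed The downstream response, or a JSON error for guests.
     */
    public function handle($request, Closure $next, $guard = null)
    {
        if ($this->auth->guard($guard)->guest()) {
            // Same JSON body as before, but sent with HTTP 401 instead of the
            // default 200, so proxies, logs and monitoring do not record a
            // rejected token as a successful request.
            return response()->json([
                'code' => 10000,
                'message' => '无效的令牌',
            ], 401);
        }

        return $next($request);
    }
}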
🎈 路由配置
在路由配置文件routes/web.php
中,将需要进行验证的路由包裹起来即可
// These routes rely on the auth:api middleware that UserController registers in its
// constructor (login excepted), so no route middleware is added here.
$router->group(['prefix' => 'user'], function () use ($router) {
    $router->post('login', '\App\Http\Controllers\UserController@login');
    $router->post('info', '\App\Http\Controllers\UserController@info');
    $router->post('logout', '\App\Http\Controllers\UserController@logout');
});

// Routes protected by the route middleware.
$router->group(['middleware' => 'auth:api'], function () use ($router) {
    $router->group(['prefix' => 'geeker'], function () use ($router) {
        $router->post('list', '\App\Http\Controllers\TinygeekerController@list');
        $router->post('add', '\App\Http\Controllers\TinygeekerController@add');
    });
    $router->group(['prefix' => 'museum'], function () use ($router) {
        // ...
    });
});