installcomposercreate-project--prefer-distlaravel/laravelsample"5.5.*"安装依赖composerinstallinstalljwt-authcomposerrequiretymon/jwt-author添加`"tymon/jwt-auth":"^1.0.0-rc.2"incomposer.json,`terminal:composerupdateintheprovidersofconfig/app.php'providers'=>[...Tymon\JWTAuth\Providers\LaravelServiceProvider::class,]终端运行:phpartisanvendor:publish--provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"会生成config/jwt的配置文件。php再次运行:phpartisanjwt:secret生成构建模型的密钥运行:phpartisanmake:modelModels/Admin-mphpartisanmake:models/User-mdatabase/migrations在迁移文件中**admins:**Schema::create('admins',function(Blueprint$table){$table->increments('id');$table->string('name');$table->string('email')->unique()复制代码;$table->string('密码');$table->string('头像')->可空();$表->时间戳();});**用户:**Schema::create('users',function(Blueprint$t能够){$table->increments('id');$table->string('名字');$table->string('email')->unique();$table->string('密码');$table->string('avatar')->nullable();$table->timestamps();});修改Model(USer和Admin是一样的)getKey();}}/***返回一个键值数组,包含要添加到JWT的任何自定义声明。**@return数组*/publicfunctiongetJWTCustomClaims(){return[];}}在config/auth.php中配置,找到对应的修改自己的'guards'=>['web'=>['driver'=>'session','provider'=>'users',],'api'=>['driver'=>'jwt','provider'=>'users',],'admin'=>['driver'=>'jwt','provider'=>'admins',],],'providers'=>['users'=>['driver'=>'eloquent','model'=>App\Models\User::class,'table'=>'users',],'admins'=>['driver'=>'eloquent','model'=>App\Models\Admin::类,'table'=>'admin_users'],],路由在routes/api.phpRoute::group(['middleware'=>'api','prefix'=>'auth'],function($router){Route::post('login','AuthController@login');Route::post('logout','AuthController@logout');Route::post('refresh','AuthController@refresh');Route::post('我','AuthController@me');});controller(key)运行:phpartisanmake:controllerAdminController创建controller注意:这里主要使用guard('admin')来区分这里要调用的table和Model配置在auth.phpmiddleware('myauth',['except'=>['login']]);}/***通过给定的凭据获取JWT。**@return\Illuminate\Http\JsonResponse*/publicfunctionlogin(){$credentials=request(['email','password']);}if(!$token=auth()->guard('admin')->attempt($credentials)){returnresponse()->json(['error'=>'Unauthorized'],401);}返回$this->respondWithToken($token);}/***获取经过身份验证的用户。**@return\Illuminate\Http\JsonResponse*/publicfunctionme(){returnresponse()->guard('admin')->json(auth()->user());}/***注销用户(使令牌无效)。**@return\Illuminate\Http\JsonResponse*/publicfunctionlogout(){auth()->guard('admin')->logout();returnresponse()->json(['message'=>'成功注销']);}/***刷新令牌。**@return\Illuminate\Http\JsonResponse*/publicfunctionrefresh(){return$this->respondWithToken(auth()->guard('admin')->refresh());}}/***获取令牌数组结构。**@paramstring$token**@return\Illuminate\Http\JsonResponse*/保护函数respondWithToken($token){returnresponse()->json(['access_token'=>$token,'token_type'=>'bearer','expires_in'=>auth()->factory()->getTTL()*60]);}}使用多表认证无法使用中间密钥jwt自带的中间密钥auth:api或者jwt.auth,我建了一个中间密钥[myauth]用于路由验证在app/Http/MiddlewareApp\Http\Middleware;useClosure;useIlluminate\Support\Facades\Auth;classAuthMiddleware下新建命名空间{publicfunctionhandle($request,Closure$next){try{$user=auth()->guard('admin')->userOrFail();if(!$user){returnresponse()->json(['message'=>'jwtinvalid'],401);}}catch(\Tymon\JWTAuth\Exceptions\UserNotDefinedException$e){returnresponse()->json(['message'=>'jwtinvalid'],401);}返回$next($request);}}然后在app/Http/中添加protected$routeMiddleware=[...'cors'=>\App\Http\Middleware\ClientRequestCors::class在Kernel的$routeMiddleware下,//自定义跨域中间键'myauth'=>\App\Http\Middleware\AuthMiddleware::class,...];调用路由和Controller下的构造函数。免责声明由于时间关系,PostMan中没有截图。参考本文的朋友自行测试。下面例子的源码大量使用了jwt-auth文档代码
