Part1安装JWTStep1.使用Composer安装tymon/jwt-auth:`composerrequiretymon/jwt-auth1.0.0-rc.3Step2.添加服务提供者(Laravel5.4及以下,5.5及以上无需添加),在config/app.php文件的providers数组中添加如下行:[//其他代码Tymon\JWTAuth\Providers\LaravelServiceProvider::class,]步骤三、发布配置文件,运行如下命令发布jwt-auth配置文件:phpartisanvendor:publish--provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"Step4.Generatethesecret,此命令将在您的.env文件中添加新行JWT_SECRET=secret。phpartisanjwt:secret第二部分开始配置第五步。配置Authguard,`在config/auth.php文件中,需要将guards/driver更新为jwt,只在使用Laravel5.2及以上版本时使用。['guard'=>'api','passwords'=>'users',]//其他代码'guards'=>['api'=>['driver'=>'jwt','provider'=>'users',]],步骤6.改变UserModel,在UserModel上实现TymonJWTAuthContractsJWTSubject接口,实现getJWTIidentifier()和getJWTCustomClaims()这两个方法。getKey();}}/***返回一个键值数组,包含要添加到JWT的任何自定义声明。**@return数组*/publicfunctiongetJWTCustomClaims(){return[];}}Part3快速创建DEMO测试Step7.添加一些基本的认证路由:'api','prefix'=>'auth'],function($router){Route::post('login','AuthController@login');Route::post('register','AuthController@register');Route::post('logout','AuthController@logout');路线::post('refresh','AuthController@refresh');Route::post('me','AuthController@me');});第8步。创建AuthController=>phpartisanmake:controllerAuthController:middleware('auth:api',['except'=>['login','register']]);}/***用户使用邮箱密码获取JWTToken。**@return\Illuminate\Http\JsonResponse*/publicfunctionlogin(){$credentials=request(['email','password']);}如果(!$token=auth()->attempt($credentials)){returnresponse()->json(['error'=>'Unauthorized'],401);}返回$this->respondWithToken($token);}/***注册一个新用户*/publicfunctionregister(Request$request){//数据验证//数据验证$validator=Validator::make($request->all(),['name'=>'required','email'=>'required|email','password'=>'required','c_password'=>'required|same:password']);如果($validator->fails()){returnresponse()->json(['error'=>$validator->errors()],401);}//读取参数并保存数据$input=$request->all();$input['密码']=bcrypt($input['密码']);$user=User::create($input);//创建令牌并返回return$user;}/***获取经过身份验证的用户。**@return\Illuminate\Http\JsonResponse*/publicfunctionme(){returnresponse()->json(auth()->user());}}/***刷新令牌。**@return\Illuminate\Http\JsonResponse*/publicfunctionrefresh(){return$this->respondWithToken(auth()->refresh());}}/***获取令牌数组结构。**@param字符串$token**@return\Illuminate\Http\JsonResponse*/保护函数respondWithToken($token){returnresponse()->json(['access_token'=>$token,'token_type'=>'bearer','expires_in'=>auth()->factory()->getTTL()*60]);}}Step9.使用Postman测试API:测试API数据获取,需要在headers中添加Token;formatkey=Authorization,value=BearerspacetokenToken刷新:
