Building a User Authentication API in Laravel with JWT

This article comes from pilishen.com (link to the original); you are welcome to join our PHP & Laravel study group: 109256050

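This example walks you through building user login and registration APIs in Laravel using JWT. JWT is short for JSON Web Token; it lets us build user authentication that connects the front end and the back end.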

(1) Install the tymon/jwt-auth package

composer require tymon/jwt-auth

Edit config/app.php:

'providers' => [
	....
	'Tymon\JWTAuth\Providers\JWTAuthServiceProvider',
],
'aliases' => [
	....
	'JWTAuth' => 'Tymon\JWTAuth\Facades\JWTAuth'
],

Publish the JWT configuration file, which is where you change settings such as the token expiry time:

php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\JWTAuthServiceProvider"

Generate the JWT secret key:

php artisan jwt:generate

(2) Create the API routes

In app/Http/routes.php (the example uses Laravel 5.2; in later versions you can put this in api.php):

Route::group(['middleware' => ['api','cors'],'prefix' => 'api'], function () {
    Route::post('register', 'APIController@register');
    Route::post('login', 'APIController@login');
    Route::group(['middleware' => 'jwt-auth'], function () {
    	Route::post('get_user_details', 'APIController@get_user_details');
    });
});

(3) Create the CORS middleware

The cors middleware used here solves the problem of cross-origin requests being blocked by default. Without it you will get this common error:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at //test.com/api/register. (Reason: CORS header 'Access-Control-Allow-Origin' missing).

So, create the middleware:

php artisan make:middleware CORS

Then, in app/Http/Middleware/CORS.php:

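namespace App\Http\Middleware;

use Closure;

class CORS
{
    public function handle($request, Closure $next)
    {
        // Wildcard: any origin may read responses from this API.
        // Fine for local testing; restrict to known front-end origins in production.
        header('Access-Control-Allow-Origin: *');

        $headers = [
            'Access-Control-Allow-Methods' => 'POST, GET, OPTIONS, PUT, DELETE',
            'Access-Control-Allow-Headers' => 'Content-Type, X-Auth-Token, Origin',
        ];

        // Answer CORS preflight requests directly.
        // The response() helper is used because an unimported Response class
        // would not resolve inside this namespace.
        if ($request->getMethod() == "OPTIONS") {
            return response('OK', 200, $headers);
        }

        $response = $next($request);
        foreach ($headers as $key => $value) {
            $response->header($key, $value);
        }

        return $response;
    }
}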

Register the middleware in app/Http/Kernel.php:

namespace App\Http;
use Illuminate\Foundation\Http\Kernel as HttpKernel;
class Kernel extends HttpKernel
{
	...
	...
    protected $routeMiddleware = [
        ...
        'cors' => \App\Http\Middleware\CORS::class,
    ];
}
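
The CORS middleware above answers every origin with `Access-Control-Allow-Origin: *`. As an added example (not code from the original article), this variant echoes the origin back only when it is on an allowlist; the class name `CorsAllowlist` and the listed origins are assumptions, and it would be registered under the same `cors` key.

```php
<?php
// Added example, not from the original article.
namespace App\Http\Middleware;

use Closure;

class CorsAllowlist // hypothetical class name
{
    // Assumed front-end origins (placeholders); replace with your own.
    protected $allowedOrigins = [
        'https://app.example.com',
        'http://localhost:8080',
    ];

    public function handle($request, Closure $next)
    {
        $origin  = $request->header('Origin');
        $allowed = is_string($origin)
            && in_array($origin, $this->allowedOrigins, true);

        // Responses differ per origin, so caches must key on it.
        $headers = ['Vary' => 'Origin'];
        if ($allowed) {
            $headers += [
                'Access-Control-Allow-Origin'  => $origin,
                'Access-Control-Allow-Methods' => 'POST, GET, OPTIONS, PUT, DELETE',
                'Access-Control-Allow-Headers' => 'Content-Type, X-Auth-Token, Origin',
            ];
        }

        // Preflight: answer directly; unknown origins get no CORS headers.
        if ($request->getMethod() === 'OPTIONS') {
            return response('', $allowed ? 200 : 403, $headers);
        }

        $response = $next($request);
        foreach ($headers as $key => $value) {
            $response->headers->set($key, $value);
        }

        return $response;
    }
}
```

Requests without an Origin header (curl, Postman) still reach the controller; CORS only governs what a browser lets another site read, so the JWT check remains the actual access control.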

(4) Create the jwt-auth middleware

php artisan make:middleware authJWT

Then, in app/Http/Middleware/authJWT.php:

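namespace App\Http\Middleware;

use Closure;
use JWTAuth;
use Exception;

class authJWT
{
    public function handle($request, Closure $next)
    {
        try {
            // Resolve the user from the token sent in the request input.
            $user = JWTAuth::toUser($request->input('token'));
        } catch (Exception $e) {
            // Authentication failures return 401 instead of the default 200.
            if ($e instanceof \Tymon\JWTAuth\Exceptions\TokenInvalidException) {
                return response()->json(['error' => 'Token is Invalid'], 401);
            } else if ($e instanceof \Tymon\JWTAuth\Exceptions\TokenExpiredException) {
                return response()->json(['error' => 'Token is Expired'], 401);
            } else {
                return response()->json(['error' => 'Something is wrong'], 401);
            }
        }

        // Reject the request when no user could be resolved from the token.
        if (! $user) {
            return response()->json(['error' => 'Token is Invalid'], 401);
        }

        return $next($request);
    }
}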

Then, in app/Http/Kernel.php:

namespace App\Http;
use Illuminate\Foundation\Http\Kernel as HttpKernel;
class Kernel extends HttpKernel
{
	...
	...
    protected $routeMiddleware = [
        ...
        'jwt-auth' => \App\Http\Middleware\authJWT::class,
    ];
}
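
The authJWT middleware above reads the token from the request input. As an added example (not code from the original article), this variant takes it from an `Authorization: Bearer` header instead, which keeps the token out of request bodies and query strings; the class name `authJWTHeader` is an assumption.

```php
<?php
// Added example, not from the original article.
namespace App\Http\Middleware;

use Closure;
use Exception;
use JWTAuth;
use Tymon\JWTAuth\Exceptions\TokenExpiredException;
use Tymon\JWTAuth\Exceptions\TokenInvalidException;

class authJWTHeader // hypothetical class name
{
    public function handle($request, Closure $next)
    {
        // Expect "Authorization: Bearer <token>"; ignore body/query tokens.
        $header = (string) $request->header('Authorization', '');
        if (stripos($header, 'Bearer ') !== 0) {
            return $this->deny('Token is Missing');
        }
        $token = trim(substr($header, 7));

        try {
            $user = JWTAuth::toUser($token);
        } catch (TokenExpiredException $e) {
            return $this->deny('Token is Expired');
        } catch (TokenInvalidException $e) {
            return $this->deny('Token is Invalid');
        } catch (Exception $e) {
            return $this->deny('Something is wrong');
        }

        // A well-formed token whose user no longer exists is still rejected.
        if (! $user) {
            return $this->deny('Token is Invalid');
        }

        // Expose the resolved user to controllers via $request->user().
        $request->setUserResolver(function () use ($user) {
            return $user;
        });

        return $next($request);
    }

    protected function deny($message)
    {
        return response()->json(['error' => $message], 401, ['WWW-Authenticate' => 'Bearer']);
    }
}
```

With this variant, get_user_details would return `$request->user()` rather than reading `token` from the input, and browser clients need `Authorization` added to the CORS middleware's `Access-Control-Allow-Headers`.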

(5) Create the corresponding controller

In app/Http/Controllers/APIController.php:

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use App\User;
use Hash;
use JWTAuth;

class APIController extends Controller
{
    public function register(Request $request)
    {
        // Accept only the expected fields instead of every request parameter.
        $input = $request->only('name', 'email', 'password');
        $input['password'] = Hash::make($input['password']);
        User::create($input);

        return response()->json(['result' => true]);
    }

    public function login(Request $request)
    {
        // Pass only the credentials to the authentication attempt.
        $credentials = $request->only('email', 'password');
        if (!$token = JWTAuth::attempt($credentials)) {
            return response()->json(['result' => 'wrong email or password.'], 401);
        }

        return response()->json(['result' => $token]);
    }

    public function get_user_details(Request $request)
    {
        // The jwt-auth middleware has already validated this token.
        $input = $request->all();
        $user = JWTAuth::toUser($input['token']);

        return response()->json(['result' => $user]);
    }
}

(6) Test the API from the front end

You can equally use Postman, a REST client, or other tools here.

Test the Register API:

$.ajax({
	url: "//learnl52.hd/api/register",
	dataType: "json",
	type: "POST",
	data: {"name":"HD","email":"test@gmail.com","password":"123456"},
	success: function (data) {
		alert("user created successfully")
	}
});

Test the Login API:

$.ajax({
	url: "//learnl52.hd/api/login",
	dataType: "json",
	type: "POST",
	data: {"email":"test@gmail.com","password":"123456"},
	success: function (data) {
		alert(data.result)
	}
});

Test the User Details API (the token here is the one returned by your Login API):

$.ajax({
	url: "//learnl52.hd/api/get_user_details",
	dataType: "json",
	type: "POST",
	data: {"token": "your token here"},
	success: function (data) {
		console.log(data)
	}
});