我的github博客:
dingo api 中文文档: Laravel中使用JWT: 辅助文章:
参考https://www.jianshu.com/p/62b0c4d75e59 这篇文章基本就能搭建出环境,我使用的版本跟他一样 "dingo/api": "2.0.0-alpha1","tymon/jwt-auth": "^1.0.0-rc.1",不知道别的版本有啥大的区别,但是网上找的其他一些文章使用的是旧的版本,jwt封装的东西路径可能不一样,可能会保错,有些文档还说要手动添加Tymon\JWTAuth\Providers\LaravelServiceProvider::class和Dingo\Api\Provider\LaravelServiceProvider::class,其实新版本不需要。
1. composer.json引入包,执行composer update:
"require": { ...... "dingo/api": "2.0.0-alpha1", "tymon/jwt-auth": "^1.0.0-rc.1" },复制代码 2. 执行下面两个语句自动生成dingo和jwt的配置文件:
php artisan vendor:publish --provider="Dingo\Api\Provider\LaravelServiceProvider"//config文件夹中生成dingo配置文件---> api.php复制代码
php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"//config文件夹中生成dingo配置文件---> jwt.php复制代码
3. 配置 .env
具体配置可参考 文档https://www.bookstack.cn/read/dingo-api-wiki-zh/Configuration.md ,我的配置是
API_STANDARDS_TREE=vndAPI_PREFIX=apiAPI_VERSION=v1API_DEBUG=trueAPI_SUBTYPE=myapp 复制代码
还需在命令行执行 php artisan jwt:secret,会在.env自动添加JWT_SECRET,其他若需要,可以到各种的配置文件中看,在.env添加即可
4. 关键处理
'defaults' => [ 'guard' => 'web', 'passwords' => 'users', ], 'guards' => [ 'web' => [ 'driver' => 'session', 'provider' => 'users', ], 'api' => [ 'driver' => 'jwt', 'provider' => 'users', ], ],复制代码
这里需要把api原本的driver => session 改为使用jwt机制,provider对应你要用的用户认证表,一般就是登录注册那张表
getKey(); } /** * Return a key value array, containing any custom claims to be added to the JWT. * * @return array */ public function getJWTCustomClaims() { return []; }}复制代码 5. 设置控制器
考虑到可能后面需要开发不同版本api,所以在app/Http/Controller下建立了V1,V2目录,根据你自己的需求来,只要写好命名空间就ok
middleware('refresh', ['except' => ['login','register']]); } public function test(){ echo "test!!"; } public function register(Request $request) { $rules = [ 'name' => ['required'], 'email' => ['required'], 'password' => ['required', 'min:6', 'max:16'], ]; $payload = $request->only('name', 'email', 'password'); $validator = Validator::make($payload, $rules); // 验证格式 if ($validator->fails()) { return $this->response->array(['error' => $validator->errors()]); } // 创建用户 $result = User::create([ 'name' => $payload['name'], 'email' => $payload['email'], 'password' => bcrypt($payload['password']), ]); if ($result) { return $this->response->array(['success' => '创建用户成功']); } else { return $this->response->array(['error' => '创建用户失败']); } } /** * Get a JWT token via given credentials. * * @param \Illuminate\Http\Request $request * * @return \Illuminate\Http\JsonResponse */ public function login(Request $request) { $credentials = $request->only('email', 'password'); if ($token = $this->guard()->attempt($credentials)) { return $this->respondWithToken($token); } return $this->response->errorUnauthorized('登录失败'); } /** * Get the authenticated User * * @return \Illuminate\Http\JsonResponse */ public function me() { //return response()->json($this->guard()->user()); return $this->response->array($this->guard()->user()); } /** * Log the user out (Invalidate the token) * * @return \Illuminate\Http\JsonResponse */ public function logout() { $this->guard()->logout(); //return response()->json(['message' => 'Successfully logged out']); return $this->response->array(['message' => '退出成功']); } /** * Refresh a token. * * @return \Illuminate\Http\JsonResponse */ public function refresh() { return $this->respondWithToken($this->guard()->refresh()); } /** * Get the token array structure. * * @param string $token * * @return \Illuminate\Http\JsonResponse */ protected function respondWithToken($token) { return response()->json([ 'access_token' => $token, 'token_type' => 'bearer', 'expires_in' => $this->guard()->factory()->getTTL() * 60 ]); } /** * Get the guard to be used during authentication. * * @return \Illuminate\Contracts\Auth\Guard */ public function guard() { return Auth::guard($this->guard); }}复制代码 控制器中命名空间namespace需要设置好,路由的时候需要用到,
$this->middleware('refresh', ['except' => ['login','register']]);这里的中间件使用的是网上找的,用于无痛刷新jwt的token,具体可以参考这篇文章:
6. refresh中间件
checkForToken($request); // 使用 try 包裹,以捕捉 token 过期所抛出的 TokenExpiredException 异常 try { // 检测用户的登录状态,如果正常则通过 if ($this->auth->parseToken()->authenticate()) { return $next($request); } throw new UnauthorizedHttpException('jwt-auth', '未登录'); } catch (TokenExpiredException $exception) { // 此处捕获到了 token 过期所抛出的 TokenExpiredException 异常,我们在这里需要做的是刷新该用户的 token 并将它添加到响应头中 try { // 刷新用户的 token $token = $this->auth->refresh(); // 使用一次性登录以保证此次请求的成功 \Auth::guard('api')->onceUsingId($this->auth->manager()->getPayloadFactory()->buildClaimsCollection()->toPlainArray()['sub']); } catch (JWTException $exception) { // 如果捕获到此异常,即代表 refresh 也过期了,用户无法刷新令牌,需要重新登录。 throw new UnauthorizedHttpException('jwt-auth', $exception->getMessage()); } } return $next($request)->withHeaders([ 'Authorization'=> 'Bearer '.$token, ]); }}复制代码 写好中间件后需要在app/Http/Kernel.php中注入 protected $routeMiddleware = [ ...... 'refresh' => RefreshToken::class, ];
7. routes/api.php 设置路由
$api = app('Dingo\Api\Routing\Router');$api->version('v1', ['namespace' => 'App\Http\Controllers\V1'], function ($api) { $api->post('register', 'AuthController@register'); $api->post('login', 'AuthController@login'); $api->post('logout', 'AuthController@logout'); $api->post('refresh', 'AuthController@refresh'); $api->post('me', 'AuthController@me'); $api->get('test', 'AuthController@test');});复制代码 这里有个坑,不要这样写
next(
api->post('me',, 'AuthController@me')->middleware('refresh');
根据以上几个步骤就可以建立起简单的api后台基础,获取api路由列表可以使用命令行: php artisan api:routes routes:list貌似无法显示以上api路由,需要在api.php那里再写一遍原始的laravel路由定义才可以显示:比如这样Route::post('api/test', 'AuthController@test');后续会用另一篇幅来记录postman和小程序相关知识