[tymon]JWT-AUTO 翻译 [tymon]JWT-AUTO 翻译参考链接：jwt官网 https://jwt-auth.readthedocs.io/en/develop/laravel加载jwt参考 https://learnku.com/laravel/t/27760拉起最新版本：composer require tymon/jwt-auth注意：laravel-5.4版本以下将服务提供者添加到配置文件中的providers数组中config/app.php，如下所示：'providers' => [ ... Tymon\JWTAuth\Providers\LaravelServiceProvider::class, ]发布配置php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"此时自动生成一个config/jwt.php文件，允许配置此包的基础知识。生成密钥php artisan jwt:secret此步会更新.env文件JWT_SECRET={}laravel配置jwt更新用户模型需要在原本的User模型上实现getJWTIdentifier()和 getJWTCustomClaims()<?php namespace App; use Tymon\JWTAuth\Contracts\JWTSubject; use Illuminate\Notifications\Notifiable; use Illuminate\Foundation\Auth\User as Authenticatable; class User extends Authenticatable implements JWTSubject { use Notifiable; // Rest omitted for brevity /** * Get the identifier that will be stored in the subject claim of the JWT. * * @return mixed */ public function getJWTIdentifier() { return $this->getKey(); } /** * Return a key value array, containing any custom claims to be added to the JWT. * * @return array */ public function getJWTCustomClaims() { return []; } }配置身份验证保护注意此项需要laravel5.2及更高版本是时才有效。在该config/auth.php文件中，您需要进行一些更改来配置 Laravel 以使用jwt防护来支持您的应用程序身份验证。对文件进行下述更改：'defaults' => [ 'guard' => 'api', 'passwords' => 'users', ], ... 'guards' => [ 'api' => [ 'driver' => 'jwt', 'provider' => 'users', ], ],这里我们告诉api守卫使用jwt驱动程序，我们将api守卫设置为默认值。我们现在可以使用 Laravel 内置的 Auth 系统，而 jwt-auth 在幕后工作！添加一些基本的认证路由routes/api.phpRoute::group([ 'middleware' => 'api', 'prefix' => 'auth' ], function ($router) { Route::post('login', 'AuthController@login'); Route::post('logout', 'AuthController@logout'); Route::post('refresh', 'AuthController@refresh'); Route::post('me', 'AuthController@me'); });创建AuthController命令创建php artisan make:controller AuthController添加以下内容<?php namespace App\Http\Controllers; use Illuminate\Http\Request; use Illuminate\Support\Facades\Auth; use App\Http\Controllers\Controller; class AuthController extends Controller { /** * Create a new AuthController instance. * * @return void */ public function __construct() { $this->middleware('auth:api', ['except' => ['login']]); } /** * Get a JWT via given credentials. * * @return \Illuminate\Http\JsonResponse */ public function login() { $credentials = request(['email', 'password']); if (! $token = auth('api')->attempt($credentials)) { return failed('账号或者密码错误'); //return response()->json(['error' => 'Unauthorized'], 401); } $data = array( 'access_token' => $token, 'token_type' => 'bearer', 'expires_in' => auth('api')->factory()->getTTL() * 60 ); return success($data,'登录成功'); //return $this->respondWithToken($token); } /** * Get the authenticated User. * * @return \Illuminate\Http\JsonResponse */ public function me() { return response()->json(auth()->user()); } /** * Log the user out (Invalidate the token). * * @return \Illuminate\Http\JsonResponse */ public function logout() { auth()->logout(); return success([],'已成功注销'); //return response()->json(['message' => 'Successfully logged out']); } /** * Refresh a token. * * @return \Illuminate\Http\JsonResponse */ public function refresh() { return $this->respondWithToken(auth('api')->refresh()); } /** * Get the token array structure. * * @param string $token * * @return \Illuminate\Http\JsonResponse */ protected function respondWithToken($token) { return response()->json([ 'access_token' => $token, 'token_type' => 'bearer', 'expires_in' => auth('api')->factory()->getTTL() * 60 ]); } } 注意上面代码中使用了自动封装的助手函数 success() 和 failed()封装方式详见这篇文章测试最后就可以直接访问一下http://{HOST}/auth/login会得到类似参数：{ "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ", "token_type": "bearer", "expires_in": 3600 }验证身份有多种方式通过授权头方式Authorization: Bearer eyJhbGciOiJIUzI1NiI...通过查询字符串参数http://example.dev/me?token=eyJhbGciOiJIUzI1NiI...补充关于测试环境和开发模式切换引发报错Auth guard driver [api] is not defined 尝试使用composer install 或者 composer update补全丢失依赖文件