laravel dingo/api添加jwt-auth認證
阿新 • • 發佈:2018-07-09
err vendor play world! mail hang 提示 verify extend
前面我們學了laravel dingo/api創建簡單的api,這樣api是開放給所有人的,如何查看和限制api的調用呢?可以用jwt-auth來驗證,JSON Web Token Authentication
1,首先安裝jwt-auth插件,在命令行中用composer安裝
composer require tymon/jwt-auth ‘0.5.*‘
2,然後發布
php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\JWTAuthServiceProvider"
在/config/生成了一個jwt.php文件
3,生成key
php artisan jwt:generate
如果命令無法運行,可以在/config/jwt.php文件中修改changeme為自己設置的密匙
‘secret‘ => env(‘JWT_SECRET‘, ‘changeme‘),
4,修改/app/Api/Controllers/HelloController.php為
<?php namespace App\Api\Controllers; use Illuminate\Http\Request; use App\Http\Controllers\Controller; //添加jwt-auth認證 use JWTAuth; use Tymon\JWTAuth\Exceptions\JWTException; class HelloController extends Controller { public function index() { return ‘{content:Helloworld!}‘; } //添加jwt-auth認證 public function authenticate(Request $request) { // grab credentials from the request $credentials = $request->only(‘email‘, ‘password‘); try { // attempt to verify the credentials and create a token for the user if (! $token = JWTAuth::attempt($credentials)) { return response()->json([‘error‘ => ‘invalid_credentials‘], 401); } } catch (JWTException $e) { // something went wrong whilst attempting to encode the token return response()->json([‘error‘ => ‘could_not_create_token‘], 500); } // all good so return the token return response()->json(compact(‘token‘)); } }
5,添加路由(/routes/web.php)
$api->post(‘auth‘, ‘App\Api\Controllers\HelloController@authenticate‘);
6,測試路由:php artisan api:routes,如果出現如下提示表示正確
訪問url:***.com/api/auth顯示錯誤,因為沒加token
重新修改hellocontrol和loutes
<?php namespace App\Api\Controllers; use Illuminate\Http\Request; use App\Http\Controllers\Controller; use JWTAuth; use Tymon\JWTAuth\Exceptions\JWTException; class HelloController extends Controller { /** * Create a new controller instance. * * @return void */ /** * Show the application dashboard. * * @return \Illuminate\Http\Response */ public function index() { return ‘{content:Helloworld!}‘; } public function authenticate(Request $request) { // grab credentials from the request $credentials = $request->only(‘email‘, ‘password‘); try { // attempt to verify the credentials and create a token for the user if (! $token = JWTAuth::attempt($credentials)) { return response()->json([‘error‘ => ‘invalid_credentials‘], 401); } } catch (JWTException $e) { // something went wrong whilst attempting to encode the token return response()->json([‘error‘ => ‘could_not_create_token‘], 500); } // all good so return the token return response()->json(compact(‘token‘)); } //添加user public function user() { JWTAuth::parseToken(); $user = JWTAuth::parseToken()->authenticate(); return $user; } }
<?php Route::get(‘/‘, function () { return view(‘welcome‘); }); Auth::routes(); Route::get(‘/home‘, ‘HomeController@index‘)->name(‘home‘); $api = app(‘Dingo\Api\Routing\Router‘); $api->version(‘v1‘, function ($api) { $api->get(‘helloworld‘, ‘App\Api\Controllers\HelloController@index‘); $api->post(‘auth‘, ‘App\Api\Controllers\HelloController@authenticate‘); $api->get(‘auth‘, ‘App\Api\Controllers\HelloController@user‘); });
用谷歌瀏覽器postman插件獲取token,註意是post方法,步驟如下圖所示
將獲取的token復制,黏貼到第二步的用戶驗證token中,下圖5中就是我們剛剛註冊的用戶
laravel dingo/api添加jwt-auth認證