Laravel5.3 集成 jwt

• 安装jwt包

"tymon/jwt-auth":"1.0.0-alpha.3"

• 修改app.php

"providers"=>[
    Tymon\JWTAuth\Providers\LaravelServiceProvider::class,
]

"aliases"=>[
    'JWTAuth' => 'Tymon\JWTAuth\Facades\JWTAuth',
]

• 发布配置文件

php artisan vendor:publish

• 修改auth.php

我没有使用user表作为登录的表，因此下面的写法更具有普遍性。

    'guards' => [
        'api' => [
            'driver' => 'jwt',
            'provider' => 'members',
        ],
    ],

    'providers' => [
        'members' => [
            'driver' => 'eloquent',
            'model' => App\Models\Member::class,
        ],
    ],

• 不使用默认的登录控制器，新建控制器并重写AuthenticatesUsers的方法。因为laravel自带的用于后台了。

class AuthController extends ApiController
{
    use AuthenticatesUsers;

    protected function guard()
    {
        return Auth::guard("api");
    }

    public function __construct()
    {
        $this->middleware('guest', ['except' => 'logout']);
    }

    protected function validateLogin(Request $request)
    {
        $this->validate($request, [
            $this->username() => 'required', 'password' => 'required',
        ],[
            "required"=>"msg"
        ]);
    }

    protected function sendFailedLoginResponse(Request $request)
    {
        throw new AuthenticationException("msg");
    }

    protected function sendLoginResponse(Request $request)
    {
        $this->clearLoginAttempts($request);

        return $this->authenticated($request, $this->guard()->user());
    }

    public function username()
    {
        return 'mobile';
    }

    public function authenticated(Request $request, $user)
    {
        $token = JWTAuth::fromUser($user);
        return response()->json([
            'token' => $token,
        ]);
    }

    public function login(Request $request)
    {
        $this->validateLogin($request);
        if ($this->hasTooManyLoginAttempts($request)) {
            $this->fireLockoutEvent($request);

            return $this->sendLockoutResponse($request);
        }

        $credentials = $this->credentials($request);

        if ($this->guard()->attempt($credentials)) {
            return $this->sendLoginResponse($request);
        }
        $this->incrementLoginAttempts($request);

        return $this->sendFailedLoginResponse($request);
    }
    public function logout()
    {
        $this->guard()->logout(); 
    }
}

• 中间件以及routes/api.php

api使用了dingo/api构建

 $v2_namespace = "自己定义";
$api->version("v2",['prefix' => 'api/v2', 'namespace' => $v2_namespace],function(\Dingo\Api\Routing\Router $api){
    /**
     * 登录和退出登录
     */
    $api->post("login","AuthController@login");
    $api->post("logout","AuthController@logout");

    /**
     * 测试
     */
    $api->group(["middleware"=>"auth:api"],function (\Dingo\Api\Routing\Router $api){
        $api->get("test/token","TestController@testToken");
    });
});

备注

TestController实现

class TestController extends ApiController 
{
    public function testToken()
    {
        $user = JWTAuth::parseToken()->authenticate();

        return $user->toArray();
    }
}

url

http://localhost/api/v2/test/token

header

Authorization Bearer {token}

更多请参考

https://github.com/tymondesigns/jwt-auth/issues/860  
https://github.com/tymondesigns/jwt-auth/issues/260#issuecomment-143683226

谢谢观看。