1.使用composer安装laravel里面的jwt工具包
composer require lcobucci/jwt
对应laravel里面安装包
2.jwt工具类
<?php
/**
* Created by PhpStorm.
* User: season
* Date: 2019/4/7
* Time: 15:33
*/
namespace App\Lib;
use Lcobucci\JWT\Builder;
use Lcobucci\JWT\Parser;
use Lcobucci\JWT\Signer\Hmac\Sha256;
use Lcobucci\JWT\ValidationData;
/**
*
* 单例模式 一次请求只针对一个用户.
* Class JwtAuth
* @package App\Lib
*/
class JwtAuth
{
private static $instance;
// 加密后的token
private $token;
// 解析JWT得到的token
private $decodeToken;
// 用户ID
private $uid;
// jwt密钥
private $secrect = 'cSWI7BXwInlDsvdSxSQjAXcE32STE6kD';
// jwt参数
private $iss = 'http://example.com';//该JWT的签发者
private $aud = 'http://example.org';//配置听众
private $id = '4f1g23a12aa';//配置ID(JTI声明)
/**
* 获取token
* @return string
*/
public function getToken()
{
return (string)$this->token;
}
/**
* 设置类内部 $token的值
* @param $token
* @return $this
*/
public function setToken($token)
{
$this->token = $token;
return $this;
}
/**
* 设置uid
* @param $uid
* @return $this
*/
public function setUid($uid)
{
$this->uid = $uid;
return $this;
}
/**
* 得到 解密过后的 uid
* @return mixed
*/
public function getUid()
{
return $this->uid;
}
/**
* 加密jwt
* @return $this
*/
public function encode()
{
$time = time();
$this->token = (new Builder())
->setIssuer($this->iss)// Configures the issuer (iss claim)
->setAudience($this->aud)// Configures the audience (aud claim)
->setId($this->id, true)// Configures the id (jti claim), replicating as a header item
->setIssuedAt($time)// Configures the time that the token was issued (iat claim)
->setNotBefore($time + 60)// Configures the time that the token can be used (nbf claim)
->setExpiration($time + 3600)// Configures the expiration time of the token (exp claim)
->set('uid', $this->uid)// Configures a new claim, called "uid"
->sign(new Sha256(), $this->secrect)// creates a signature using secrect as key
->getToken(); // Retrieves the generated token
return $this;
}
/**
* 解密token
* @return \Lcobucci\JWT\Token
*/
public function decode()
{
if (!$this->decodeToken) {
$this->decodeToken = (new Parser())->parse((string)$this->token);
$this->uid = $this->decodeToken->getClaim('uid');
}
return $this->decodeToken;
}
/**
* 验证令牌是否有效
* @return bool
*/
public function validate()
{
$data = new ValidationData();
$data->setAudience($this->aud);
$data->setIssuer($this->iss);
$data->setId($this->id);
return $this->decode()->validate($data);
}
/**
* 验证令牌在生成后是否被修改
* @return bool
*/
public function verify()
{
$res = $this->decode()->verify(new Sha256(), $this->secrect);
return $res;
}
/**
* 该类的实例
* @return JwtAuth
*/
public static function getInstance()
{
if (is_null(self::$instance)) {
self::$instance = new self();
}
return self::$instance;
}
/**
* 单例模式 禁止该类在外部被new
* JwtAuth constructor.
*/
private function __construct()
{
}
/**
* 单例模式 禁止外部克隆
*/
private function __clone()
{
// TODO: Implement __clone() method.
}
}
3.使用compoer自动加载机制加载jwt类
D:\laravel>composer dump-autoload
控制器层使用
$jwtAuth = JwtAuth::getInstance();
$uid=109;
$token = $jwtAuth->setUid($uid)->encode()->getToken();
验签
$jwtAuth = JwtAuth::getInstance();
$jwtAuth->setToken($token);
if ($jwtAuth->validate() && $jwtAuth->verify()){
echo 11111;
}else{
echo 333;
}
