转载:laravel 5.4 + dingo api + jwt 代替Passport
本文只是介绍了api接口开发的规范和生成token,后期还需要完成old_token和refresh_token的互换,还有一个就是这里的是基于json的web接口开发,如果需要做app的api接口开发这里应当在头部加上一个sign校验签的功能,至于web,加密是可见的,所以我想也不用加一个sign,如果前端web可以做一个不可见加密传输的话,放在这里可以大大提高网站安全性能
项目地址:https://github.com/645614085/jwt_dingo
具体方法按照下面的一步一步做出来的:
新装一个laravel
composer create-project --prefer-dist laravel/laravel myApiProject
安装dingo api
composer require dingo/api:1.0.x@dev
在config/app.php添加服务
'providers' => [
//前面很多
Dingo\Api\Provider\LaravelServiceProvider::class,
]
发布:
php artisan vendor:publish --provider="Dingo\Api\Provider\LaravelServiceProvider"
配置 .env
API_STANDARDS_TREE=vnd
API_SUBTYPE=emall
API_PREFIX=api
API_VERSION=v1
上面就是安装dingo的步骤,比较简单,现在在规定的路由里面开发,请求返回的数据就是规范格式的json输出内容
配置jwt(json web token)
composer require "tymon/jwt-auth: 1.0.*@dev"
在config/api.php中添加
'auth' => [
'jwt' => Dingo\Api\Auth\Provider\JWT::class
]
在config/app.php中添加:
'providers' => [
// 前面很多
Tymon\JWTAuth\Providers\LaravelServiceProvider::class
],
'aliases' => [
// 前面很多
'JWTAuth' => Tymon\JWTAuth\Facades\JWTAuth::class
]
在终端运行:
php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"
生成jwt secret
php artisan jwt:secret
路由:
在routers/api.php
//这句接管路由
$api = app('Dingo\Api\Routing\Router');
$api->version('v1', function ($api) {
$api->post('login', 'App\Http\Controllers\Api\Auth\LoginController@login');
$api->post('register', 'App\Http\Controllers\Api\Auth\RegisterController@register');
});
在终端输入(生成两个控制器,这里原文少了controller):
php artisan make:controller App\Http\Controller\Api\Auth\LoginController
php artisan make:controller App\Http\Controller\Api\Auth\RegisterController
数据库配置、、、
添加迁移文件:
php artisan make:model User -m
public function up()
{
Schema::create('users', function (Blueprint $table) {
$table->increments('id');
$table->string('name')->unique();
$table->string('email')->unique();
$table->string('password');
$table->rememberToken();
$table->timestamps();
});
}
终端运行:php artisan migrate
修改user.php的model,要implement JWTSubject
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Tymon\JWTAuth\Contracts\JWTSubject;
class User extends Authenticatable implements JWTSubject
{
use Notifiable;
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'name', 'email', 'password',
];
/**
* The attributes that should be hidden for arrays.
*
* @var array
*/
protected $hidden = [
'password', 'remember_token',
];
/**
* Get the identifier that will be stored in the subject claim of the JWT.
*
* @return mixed
*/
public function getJWTIdentifier()
{
return $this->getKey();
}
/**
* Return a key value array, containing any custom claims to be added to the JWT.
*
* @return array
*/
public function getJWTCustomClaims()
{
return [];
}
}
实现注册功能:
在之前建的App/Http/Controller/Api/Auth/RegisterController.php
添加如下内容
use App\Http\Controllers\Controller;
use App\User;
use Dingo\Api\Exception\StoreResourceFailedException;
use Dingo\Api\Routing\Helpers;
use Illuminate\Foundation\Auth\RegistersUsers;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Validator;
use Tymon\JWTAuth\Facades\JWTAuth;
class RegisterController extends Controller
{
use RegistersUsers;
use Helpers;
public function register(Request $request){
$validator = $this->validator($request->all());
if($validator->fails()){
throw new StoreResourceFailedException("Validation Error", $validator->errors());
}
$user = $this->create($request->all());
if($user){
$token = JWTAuth::fromUser($user);
return $this->response->array([
"token" => $token,
"message" => "User created",
"status_code" => 201
]);
}else{
return $this->response->error("User Not Found...", 404);
}
}
protected function validator(array $data)
{
return Validator::make($data, [
'name' => 'required|unique:users',
'email' => 'required|email|max:255|unique:users',
'password' => 'required|min:6',
]);
}
protected function create(array $data)
{
return User::create([
'name' => $data['name'],
'email' => $data['email'],
'password' => bcrypt($data['password']),
]);
}
}
实现登陆功能
在之前建的App/Http/Controller/Api/Auth/LoginController.php
use App\User;
use Dingo\Api\Routing\Helpers;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Hash;
use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
use Tymon\JWTAuth\Facades\JWTAuth;
class LoginController extends Controller
{
use AuthenticatesUsers;
use Helpers;
public function login(Request $request){
$user = User::where('email', $request->email)->orWhere('name', $request->email)->first();
if($user && Hash::check($request->get('password'), $user->password)){
$token = JWTAuth::fromUser($user);
return $this->sendLoginResponse($request, $token);
}
return $this->sendFailedLoginResponse($request);
}
public function sendLoginResponse(Request $request, $token){
$this->clearLoginAttempts($request);
return $this->authenticated($token);
}
public function authenticated($token){
return $this->response->array([
'token' => $token,
'status_code' => 200,
'message' => 'User Authenticated'
]);
}
public function sendFailedLoginResponse(){
throw new UnauthorizedHttpException("Bad Credentials");
}
public function logout(){
$this->guard()->logout();
}
}
拉取用户信息
在routers/api.php添加
$api->group(['middleware' => 'api.auth'], function ($api) {
$api->get('user', 'App\Http\Controllers\Api\UsersController@index');
});
终端运行:
php artisan make:controller App\\Http\\Controllers\\Api\\UsersController
namespace App\Http\Controllers\Api;
use Dingo\Api\Routing\Helpers;
use Illuminate\Routing\Controller;
class UsersController extends Controller
{
use Helpers;
public function __construct()
{
$this->middleware('api.auth');//这里我没有把这个controller放在中间件里面,所以放了这个,如果放在中间件的话,我想这个构造函数就多余了
}
public function index(){
// return User::all();
$user = $this->auth->user();
return $user;
}
}
乐趣公园 , 版权所有丨如未注明 , 均为原创丨本网站采用BY-NC-SA协议进行授权 , 转载请注明Laravel 结合dingo和JWT快速搭建api!
