ThinkPHP6 JWT封装
首先composer引入JWT安装
composer require firebase/php-jwt
<?php
namespace app\api\business;
use app\BaseController;
use Firebase\JWT\ExpiredException;
use Firebase\JWT\JWT as JWTUtil;
use Firebase\JWT\Key;
class Jwt extends BaseController
{
/**
* 根据json web token设置的规则生成token
* @return \think\response\Json
*/
public static function createjwt($id)
{
//jwt的签发密钥,验证token的时候需要用到
$key = md5('pyg');
//签发时间
$time = time();
//过期时间
$expire = $time + 14400;
$token = array(
"user_id" => $id,
"iss" => "http://www.pyg.com/",//签发组织
"aud" => "thinkphp", //签发作者
"iat" => $time,
"nbf" => $time,
"exp" => $expire
);
$jwt = JWTUtil::encode($token,$key,'HS256');
return $jwt;
}
/**
* 验证token
* @return \think\response\Json
*/
public static function verifyjwt($token)
{
$key = md5('pyg'); //jwt的签发密钥,验证token的时候需要用到
try{
$jwtAuth = json_encode(JWTUtil::decode($token, new Key($key, 'HS256')));
$authInfo = json_decode($jwtAuth,true);
if (!$authInfo['user_id']){
return "用户不存在";
}
return "ok";
}catch (ExpiredException $e){
return "token过期";
}catch (\Exception $e){
return $e->getMessage();
}
}
// 从请求信息中获取token令牌
public static function getRequestToken()
{
if (empty($_SERVER['HTTP_AUTHORIZATION'])) {
return false;
}
$header = $_SERVER['HTTP_AUTHORIZATION'];
$method = 'bearer';
//去除token中可能存在的bearer标识
return trim(str_ireplace($method, '', $header));
}
}如果获取不到头信息
在public下的.htaccess中加入以下代码
<IfModule mod_rewrite.c>
Options +FollowSymlinks -Multiviews
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
#增加如下内容
SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
</IfModule>
浙公网安备 33010602011771号