记一次 laravel JWT 鉴权
基于docker
一、安装 JWT 扩展包
在 Laravel 中使用 JWT 进行鉴权,最常用的方式是通过社区推荐的包 tymon/jwt-auth。
docker-compose run --rm composer require tymon/jwt-auth
Using version ^2.2 for tymon/jwt-auth
安装拓展成功
二、发布配置文件并生成密钥
Desktop\docker\laravel10> docker-compose exec app bash    (进入容器)
root@7475a1b46999:/var/www/src# php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"    (执行命令)
结果:Copying file [vendor/tymon/jwt-auth/config/config.php] to [config/jwt.php] ..
php artisan jwt:secret
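结果 :jwt-auth secret [kylPHDtLwyMaPjdpcDTOnHppjdJhlpxWcCRdq8JW9iNWIpRQVX04nY1EH1xSHHZu] set successfully.
之后 .env 文件中会生成
JWT_SECRET=你的密钥
注意:JWT_SECRET 用于给所有 token 签名,拿到它的人可以伪造任意用户的 token,因此 .env 不要提交到版本库,密钥也不要公开贴出。像上面这样已经公开展示过的密钥只能当作演示值,实际环境请重新执行 php artisan jwt:secret 生成新的密钥(旧密钥签发的 token 会随之失效)。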
三、修改 config/auth.php 配置
// Excerpt of the array returned by config/auth.php.
// The default guard becomes 'api', so auth() calls made without a guard name use the JWT guard defined below.
'defaults' => [
    'guard' => 'api',
    'passwords' => 'users',
],

'guards' => [
    // 'jwt' is the guard driver used with the tymon/jwt-auth package installed earlier on this page.
    'api' => [
        'driver' => 'jwt',
        // NOTE(review): the 'users' provider entry is not shown in this excerpt. Its 'model' presumably
        // has to point at App\Models\Admin\User\User (the model used by the controller) — confirm.
        'provider' => 'users',
    ],
],
四、生成一个user模型 (laravel-app 为容器名)
docker exec -it laravel-app php artisan make:model Admin/User/User
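// NOTE(review): the class declaration is not part of this snippet. For the 'jwt' guard to accept this
// model, the class presumably needs to extend Illuminate\Foundation\Auth\User and implement
// Tymon\JWTAuth\Contracts\JWTSubject (the two getJWT* methods below are that contract) — confirm.

// Explicit table name (only needed when it differs from the default "users").
protected $table = 'users';

// Mass-assignable columns; adjust to your table structure.
protected $fillable = ['name', 'phone', 'password', 'email'];

// Keep the password hash out of toArray()/toJson() output. Without this, any response that
// serializes the model (for example the register and me endpoints) includes the hash.
protected $hidden = ['password'];

/**
 * Value stored in the token's "sub" claim: the model's primary key.
 */
public function getJWTIdentifier()
{
    return $this->getKey();
}

/**
 * Extra claims to embed in every token issued for this user (optional).
 *
 * The JWT payload is only base64url-encoded, not encrypted, so anything returned here is
 * readable by whoever holds the token; do not put secrets or personal data in it.
 */
public function getJWTCustomClaims()
{
    return [];
}

/**
 * Format date attributes as "Y-m-d H:i:s" when the model is serialized.
 */
protected function serializeDate(\DateTimeInterface $date)
{
    return $date->format('Y-m-d H:i:s');
}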
五、创建登录和注册接口
docker exec -it laravel-app php artisan make:controller users/userController
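namespace App\Http\Controllers\users;

use App\Http\Controllers\Controller;
use App\Models\Admin\User\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use Tymon\JWTAuth\Facades\JWTAuth;

/**
 * JWT account endpoints: register, login, me, logout, refresh.
 *
 * register and login are reachable without a token, so both validate their input before using it.
 * The password hash is removed from every user object that is serialized into a response.
 */
class userController extends Controller
{
    /**
     * Create a user from the request and return it with HTTP 201.
     *
     * Input that fails validation never reaches User::create(); Laravel's validator raises a
     * ValidationException instead (rendered as a 422 response for JSON clients).
     */
    public function register(Request $request)
    {
        $data = $request->validate([
            'name' => ['required', 'string', 'max:255'],
            // 'users' is the table named by the model on this page; unique avoids duplicate accounts
            // and a raw database error when the address is already taken.
            'email' => ['required', 'string', 'email', 'max:255', 'unique:users,email'],
            // Minimum length is a policy choice; adjust to your requirements.
            'password' => ['required', 'string', 'min:8'],
        ]);

        $user = User::create([
            'name' => $data['name'],
            'email' => $data['email'],
            'password' => Hash::make($data['password']),
        ]);

        // The freshly created model still carries the hash attribute; hide it before serializing.
        return response()->json(['user' => $user->makeHidden('password')], 201);
    }

    /**
     * Exchange an email/password pair for a JWT, or answer 401 when the credentials are rejected.
     */
    public function login(Request $request)
    {
        // Requiring plain strings keeps array-shaped or missing values away from the guard.
        $credentials = $request->validate([
            'email' => ['required', 'string', 'email'],
            'password' => ['required', 'string'],
        ]);

        $token = JWTAuth::attempt($credentials);

        if (!$token) {
            // Same generic answer for an unknown email and a wrong password.
            return response()->json(['error' => 'Unauthorized'], 401);
        }

        return response()->json(['token' => $token]);
    }

    /**
     * Return the authenticated user, without the password hash.
     */
    public function me()
    {
        return response()->json(auth()->user()?->makeHidden('password'));
    }

    /**
     * Log the current user out through the default guard.
     */
    public function logout()
    {
        auth()->logout();

        return response()->json(['message' => 'Successfully logged out']);
    }

    /**
     * Issue a replacement token for the one sent with this request.
     */
    public function refresh()
    {
        return response()->json(['token' => auth()->refresh()]);
    }
}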
六、定义 API 路由
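// Credential endpoints are reachable without a token, so they get their own, tighter rate limit
// to slow down password guessing and bulk sign-ups. 10 requests per minute is an example value; tune it.
Route::middleware('throttle:10,1')->group(function () {
    Route::post('register', [userController::class, 'register']);
    Route::post('login', [userController::class, 'login']);
});

// Everything below requires a valid JWT (the 'api' guard).
Route::middleware('auth:api')->group(function () {
    Route::get('me', [userController::class, 'me']);
    Route::post('logout', [userController::class, 'logout']);
    // Called when the current token is about to expire, to obtain a new one.
    Route::post('refresh', [userController::class, 'refresh']);
});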
七、使用测试工具测试接口(Apifox)
登录后返回token
{"token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjgwMDEvYXBpL2xvZ2luIiwiaWF0IjoxNzUwMTQ2NjA1LCJleHAiOjE3NTAxNTAyMDUsIm5iZiI6MTc1MDE0NjYwNSwianRpIjoiUnFXY0l1cVRVdmlYYndabiIsInN1YiI6IjgiLCJwcnYiOiI0OGY3ZTRjNTg0YmYwNTBkMmYzZmU2ODJjMGE2OTM0ZWMyODkxMThlIn0.QAJhi7gzqvn2IgpPwbNE_f_c8ceQ_hsAewZpFjAsNLk"}
八、后续数据Header操作携带token
参数名:Authorization
参数值:Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjgwMDEvYXBpL2xvZ2luIiwiaWF0IjoxNzUwMTQ0MDUxLCJleHAiOjE3NTAxNDc2NTEsIm5iZiI6MTc1MDE0NDA1MSwianRpIjoiOWJBNmhmczNkYzNiWkhMQiIsInN1YiI6IjYiLCJwcnYiOiI0OGY3ZTRjNTg0YmYwNTBkMmYzZmU2ODJjMGE2OTM0ZWMyODkxMThlIn0.tV_r3bs5DNFJtGyS9hzf5tA-WpVhce1jbX1yc1-SCaU
