亚洲国产日韩欧美一区二区三区,精品亚洲国产成人av在线,国产99视频精品免视看7,99国产精品久久久久久久成人热,欧美日韩亚洲国产综合乱

目錄
1. Install the JWT Package
2. Publish the Configuration File
3. Generate the Secret Key
4. Configure the User Model
5. Set Up Authentication Guards
6. Create Authentication Controllers
7. Define API Routes
8. Test the Flow
Optional: Customize Token Expiry
Notes & Security Tips
首頁 php框架 Laravel 如何在Laravel中實(shí)施JWT身份驗(yàn)證?

如何在Laravel中實(shí)施JWT身份驗(yàn)證?

Jul 26, 2025 am 09:32 AM

安裝tymon/jwt-auth 包;2. 發(fā)布JWT 配置文件;3. 生成JWT 密鑰並配置.env;4. 用戶模型實(shí)現(xiàn)JWTSubject 接口;5. 在auth 配置中設(shè)置JWT guard;6. 創(chuàng)建包含登錄、登出、刷新和獲取用戶信息的控制器;7. 在api.php 中定義路由並應(yīng)用auth:api 中間件;8. 通過Authorization: Bearer <token> 請(qǐng)求受保護(hù)路由,完成認(rèn)證流程,整個(gè)過程需確保JWT_SECRET 安全且輸入驗(yàn)證嚴(yán)格,最終實(shí)現(xiàn)Laravel 中基於JWT 的無狀態(tài)API 認(rèn)證。

How to implement JWT authentication in Laravel?

Implementing JWT (JSON Web Token) authentication in Laravel is a common requirement for building stateless APIs. Here's a clear, step-by-step guide using the popular tymon/jwt-auth package.

How to implement JWT authentication in Laravel?

1. Install the JWT Package

First, install the tymon/jwt-auth package via Composer:

 composer require tymon/jwt-auth

Note: For Laravel 10/9, make sure you're using a compatible version. As of recent versions, use ^2.1 .

How to implement JWT authentication in Laravel?

2. Publish the Configuration File

Publish the JWT configuration file using Artisan:

 php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"

This creates a config/jwt.php file where you can customize token behavior (TTL, algorithm, etc.).

How to implement JWT authentication in Laravel?

3. Generate the Secret Key

Generate a secret key for signing tokens:

 php artisan jwt:secret

This command adds a JWT_SECRET entry to your .env file — crucial for securing your tokens.

Example in .env :

 JWT_SECRET=your_generated_secret_key_here

4. Configure the User Model

Ensure your User model (usually App\Models\User ) implements the JWTSubject contract:

 <?php

namespace App\Models;

use Illuminate\Foundation\Auth\User as Authenticatable;
use Tymon\JWTAuth\Contracts\JWTSubject;

class User extends Authenticatable implements JWTSubject
{
    // ...

    /**
     * Get the identifier that will be stored in the subject claim of the JWT.
     */
    public function getJWTIdentifier()
    {
        return $this->getKey();
    }

    /**
     * Return a key-value array, containing any custom claims to be added to the JWT.
     */
    public function getJWTCustomClaims()
    {
        return [];
    }
}

5. Set Up Authentication Guards

Update config/auth.php to add a JWT guard:

 &#39;guards&#39; => [
    &#39;web&#39; => [
        &#39;driver&#39; => &#39;session&#39;,
        &#39;provider&#39; => &#39;users&#39;,
    ],

    &#39;api&#39; => [
        &#39;driver&#39; => &#39;jwt&#39;, // Use JWT driver for API
        &#39;provider&#39; => &#39;users&#39;,
    ],
],

Also, ensure your api routes use the api guard (this is often default in Laravel).

6. Create Authentication Controllers

Generate a controller to handle login, logout, refresh, and user details:

 php artisan make:controller AuthController

Add methods like:

 namespace App\Http\Controllers;

use App\Models\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use Tymon\JWTAuth\Exceptions\JWTException;
use JWTAuth;

class AuthController extends Controller
{
    public function login(Request $request)
    {
        $credentials = $request->only(&#39;email&#39;, &#39;password&#39;);

        try {
            if (! $token = JWTAuth::attempt($credentials)) {
                return response()->json([&#39;error&#39; => &#39;Invalid credentials&#39;], 401);
            }
        } catch (JWTException $e) {
            return response()->json([&#39;error&#39; => &#39;Could not create token&#39;], 500);
        }

        return response()->json(compact(&#39;token&#39;));
    }

    public function getAuthenticatedUser()
    {
        try {
            if (! $user = JWTAuth::parseToken()->authenticate()) {
                return response()->json([&#39;user_not_found&#39;], 404);
            }
        } catch (JWTException $e) {
            return response()->json([&#39;error&#39; => $e->getMessage()], $e->getStatusCode());
        }

        return response()->json(compact(&#39;user&#39;));
    }

    public function logout()
    {
        JWTAuth::invalidate(JWTAuth::getToken());

        return response()->json([&#39;message&#39; => &#39;Successfully logged out&#39;]);
    }

    public function refresh()
    {
        $token = JWTAuth::refresh();

        return response()->json([&#39;token&#39; => $token]);
    }
}

7. Define API Routes

In routes/api.php :

 use App\Http\Controllers\AuthController;

Route::post(&#39;login&#39;, [AuthController::class, &#39;login&#39;]);
Route::middleware(&#39;auth:api&#39;)->group(function () {
    Route::get(&#39;me&#39;, [AuthController::class, &#39;getAuthenticatedUser&#39;]);
    Route::post(&#39;logout&#39;, [AuthController::class, &#39;logout&#39;]);
    Route::post(&#39;refresh&#39;, [AuthController::class, &#39;refresh&#39;]);
});

Now, protected routes require a valid JWT in the Authorization header:

 Authorization: Bearer <your-token-here>

8. Test the Flow

  1. Login : POST /api/login with email and password → get token.
  2. Access Profile : GET /api/me with Authorization: Bearer <token> → get user.
  3. Refresh Token : POST /api/refresh → get new token.
  4. Logout : POST /api/logout → invalidate current token.

Optional: Customize Token Expiry

Edit config/jwt.php :

 &#39;ttl&#39; => 60, // Token valid for 60 minutes
&#39;refresh_ttl&#39; => 20160, // Refreshable within 14 days

Notes & Security Tips

  • Always use HTTPS in production.
  • Store tokens securely on the client (eg, HttpOnly cookies or secure storage).
  • Handle token expiration and refresh logic on the frontend.
  • Consider rate-limiting login attempts.

Basically, that's it. JWT auth in Laravel with tymon/jwt-auth is straightforward once the setup steps are followed. Just remember to keep your JWT_SECRET safe and validate input rigorously.

以上是如何在Laravel中實(shí)施JWT身份驗(yàn)證?的詳細(xì)內(nèi)容。更多資訊請(qǐng)關(guān)注PHP中文網(wǎng)其他相關(guān)文章!

本網(wǎng)站聲明
本文內(nèi)容由網(wǎng)友自願(yuàn)投稿,版權(quán)歸原作者所有。本站不承擔(dān)相應(yīng)的法律責(zé)任。如發(fā)現(xiàn)涉嫌抄襲或侵權(quán)的內(nèi)容,請(qǐng)聯(lián)絡(luò)admin@php.cn

熱AI工具

Undress AI Tool

Undress AI Tool

免費(fèi)脫衣圖片

Undresser.AI Undress

Undresser.AI Undress

人工智慧驅(qū)動(dòng)的應(yīng)用程序,用於創(chuàng)建逼真的裸體照片

AI Clothes Remover

AI Clothes Remover

用於從照片中去除衣服的線上人工智慧工具。

Clothoff.io

Clothoff.io

AI脫衣器

Video Face Swap

Video Face Swap

使用我們完全免費(fèi)的人工智慧換臉工具,輕鬆在任何影片中換臉!

熱工具

記事本++7.3.1

記事本++7.3.1

好用且免費(fèi)的程式碼編輯器

SublimeText3漢化版

SublimeText3漢化版

中文版,非常好用

禪工作室 13.0.1

禪工作室 13.0.1

強(qiáng)大的PHP整合開發(fā)環(huán)境

Dreamweaver CS6

Dreamweaver CS6

視覺化網(wǎng)頁開發(fā)工具

SublimeText3 Mac版

SublimeText3 Mac版

神級(jí)程式碼編輯軟體(SublimeText3)

在Laravel項(xiàng)目中創(chuàng)建自定義驗(yàn)證規(guī)則 在Laravel項(xiàng)目中創(chuàng)建自定義驗(yàn)證規(guī)則 Jul 04, 2025 am 01:03 AM

在Laravel中添加自定義驗(yàn)證規(guī)則的方法有三種:使用閉包、Rule類和表單請(qǐng)求。 1.使用閉包適合輕量級(jí)驗(yàn)證,如阻止用戶名為"admin";2.創(chuàng)建Rule類(如ValidUsernameRule)使復(fù)雜邏輯更清晰可維護(hù);3.在表單請(qǐng)求中整合多個(gè)規(guī)則並集中管理驗(yàn)證邏輯,同時(shí)可通過自定義messages方法或傳入錯(cuò)誤信息數(shù)組來設(shè)置提示語,從而提升靈活性和可維護(hù)性。

在Laravel應(yīng)用程序中添加多語言支持 在Laravel應(yīng)用程序中添加多語言支持 Jul 03, 2025 am 01:17 AM

Laravel應(yīng)用實(shí)現(xiàn)多語言支持的核心方法包括:設(shè)置語言文件、動(dòng)態(tài)切換語言、翻譯URL路由及管理Blade模板中的翻譯鍵。首先,將各語言字符串組織在/resources/lang目錄下的對(duì)應(yīng)文件夾(如en、es、fr)中,並通過返回關(guān)聯(lián)數(shù)組定義翻譯內(nèi)容;2.通過\_\_()輔助函數(shù)調(diào)用翻譯鍵值,並使用App::setLocale()結(jié)合會(huì)話或路由參數(shù)實(shí)現(xiàn)語言切換;3.對(duì)於翻譯URL,可通過帶前綴的路由組分別為不同語言定義路徑,或動(dòng)態(tài)映射語言文件中的路由別名;4.在Blade模板中保持翻譯鍵簡潔並

與Laravel中的樞軸表合作多對(duì)多關(guān)係 與Laravel中的樞軸表合作多對(duì)多關(guān)係 Jul 07, 2025 am 01:06 AM

toworkeffectivelywithpivottablesinlaravel,firstAccessPivotDatausingwithPivot()orwithTimestamps(),thenupdateentrieswithupdatee XistingPivot(),ManageraliationShipsviadeTach()andsync(),andusecustompivotModelSwhenNeed.1.UseWithPivot()toincludespecificcol

通過Laravel發(fā)送不同類型的通知 通過Laravel發(fā)送不同類型的通知 Jul 06, 2025 am 12:52 AM

laravelProvidesLeanAndFlexibleWayTosendificationsViamultiplipliplipliplikeMail,SMS,In-Appalerts,and-Appalerts,andPushNotifications.youdefineNotificationChannelsinthelsinthevia()MethodofanotificationClass,andimpecificementpecificementpecificementpecificemmethodssliketomail()

了解和創(chuàng)建Laravel的自定義服務(wù)提供商 了解和創(chuàng)建Laravel的自定義服務(wù)提供商 Jul 03, 2025 am 01:35 AM

ServiceProvider是Laravel框架中用於註冊服務(wù)和初始化邏輯的核心機(jī)制,通過Artisan命令可創(chuàng)建自定義ServiceProvider;1.register方法用於綁定服務(wù)、註冊單例、設(shè)置別名等操作,不可調(diào)用尚未加載的其他服務(wù);2.boot方法在所有服務(wù)註冊完成後運(yùn)行,用於註冊事件監(jiān)聽器、視圖合成器、中間件等依賴其他服務(wù)的邏輯;常見用途包括綁定接口與實(shí)現(xiàn)、註冊Facade、加載配置、註冊命令行指令和視圖組件;建議集中相關(guān)綁定於一個(gè)ServiceProvider中管理,並註意註冊

了解Laravel的依賴注入? 了解Laravel的依賴注入? Jul 05, 2025 am 02:01 AM

依賴注入在Laravel中通過服務(wù)容器自動(dòng)處理類的依賴關(guān)係,無需手動(dòng)new對(duì)象。其核心是構(gòu)造函數(shù)注入和方法注入,如控制器中自動(dòng)傳入Request實(shí)例。 Laravel通過類型提示解析依賴,遞歸創(chuàng)建所需對(duì)象。綁定接口與實(shí)現(xiàn)可通過服務(wù)提供者使用bind方法,或singleton綁定單例。使用時(shí)需確保類型提示、避免構(gòu)造函數(shù)複雜化、謹(jǐn)慎使用上下文綁定,並理解自動(dòng)解析規(guī)則。掌握這些可提升代碼靈活性與維護(hù)性。

在Laravel應(yīng)用程序中處理異常和記錄錯(cuò)誤 在Laravel應(yīng)用程序中處理異常和記錄錯(cuò)誤 Jul 02, 2025 pm 03:24 PM

在Laravel應(yīng)用中處理異常和記錄錯(cuò)誤的核心方法包括:1.利用App\Exceptions\Handler類集中管理未處理異常,通過report()方法記錄或通知異常信息,例如發(fā)送Slack通知;2.使用Monolog配置日誌系統(tǒng),在config/logging.php中設(shè)置日誌級(jí)別與輸出方式,並在生產(chǎn)環(huán)境中啟用error及以上級(jí)別日誌,同時(shí)可在report()中結(jié)合上下文手動(dòng)記錄詳細(xì)異常信息;3.自定義render()方法以返回統(tǒng)一的JSON格式錯(cuò)誤響應(yīng),提升API前後端協(xié)作效率。這些步驟確

優(yōu)化Laravel應(yīng)用程序性能的策略 優(yōu)化Laravel應(yīng)用程序性能的策略 Jul 09, 2025 am 03:00 AM

Laravel性能優(yōu)化可通過四個(gè)核心方向提升應(yīng)用效率。 1.使用緩存機(jī)制減少重複查詢,通過Cache::remember()等方法存儲(chǔ)不常變化的數(shù)據(jù),降低數(shù)據(jù)庫訪問頻率;2.從模型到查詢語句進(jìn)行數(shù)據(jù)庫優(yōu)化,避免N 1查詢、指定字段查詢、添加索引、分頁處理及讀寫分離,減少瓶頸;3.將耗時(shí)操作如郵件發(fā)送、文件導(dǎo)出放入隊(duì)列異步處理,利用Supervisor管理工作者並設(shè)置重試機(jī)制;4.合理使用中間件與服務(wù)提供者,避免複雜邏輯和不必要的初始化代碼,延遲加載服務(wù)以提升啟動(dòng)效率。

See all articles