• 1.參考視頻laravist

• 2.tymondesigns/jwt-auth|安裝手冊

• dingo/api/安裝手冊

安裝 在 composer.json中寫入以下代碼，然后執(zhí)行composer update

"require-dev": {
        "dingo/api" : "1.0.*@dev",
        "tymon/jwt-auth": "0.5.*"
    },

配置---在config/app.php中

'providers' => [
    Dingo\Api\Provider\LaravelServiceProvider::class,
    Tymon\JWTAuth\Providers\JWTAuthServiceProvider::class,
],
'aliases' => [
    'JWTAuth' => Tymon\JWTAuth\Facades\JWTAuth::class,
    'JWTFactory' => Tymon\JWTAuth\Facades\JWTFactory::class,
],

然后執(zhí)行

php artisan vendor:publish --provider="Dingo\Api\Provider\LaravelServiceProvider"
php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\JWTAuthServiceProvider"
//  這個可能是生成token的
php artisan jwt:generate

圖片.png

配置

// 在 .env 文件里
API_STANDARDS_TREE=vnd
API_PREFIX=api
API_VERSION=v1

// config/api.php里大概171行的 auth 數(shù)組里添加以下配置
'auth' => [
        'basic'=> function($app){
            return new \Dingo\Api\Auth\Provider\Basic($app['auth']);
        },
        'jwt' => function($app){
            return new Dingo\Api\Auth\Provider\JWT($app['Tymon\JWTAuth\JWTAuth']);
        }
    ],

//  config/jwt.php里面  文件使用默認(rèn)的即可 
// 大概第15行的key 是執(zhí)行 php artisan jwt:generate 的時候自動生成的
'secret' => env('JWT_SECRET', 'a6UeS6HkENOsvmvfSM8ElIiArYjcYIJO'),



//  app/Http/Kernel.php里，大概第51行 路由中間件里追加
 protected $routeMiddleware = [
        'jwt.auth'    => \Tymon\JWTauth\Middleware\GetUserFromToken::class,
        'jwt.refresh' =>\Tymon\JWTauth\Middleware\RefreshToken::class,
    ];

使用

• 在路由中添加以下路由

$api = app('Dingo\Api\Routing\Router');
$api->version('v1', function ($api) {
    $api->group(['namespace'=>'App\Api\Controllers'],function ($api){
        $api->get('lessions','LessionController@index');
    });
});


// 在控制器中放入測試數(shù)據(jù)
public function index()
    {
        return User::all();
    }

` php artisan api:routes`查看生成的路由

如果找不到路由，可以執(zhí)行composer dump-authload.我做測試的時候發(fā)現(xiàn)整個項目走不通了，但是我運行了php artisan api:routes又可以了

訪問路由是`域名+api/lessions`

配置好之后，我們可以參考jwt-auth的Creating Tokens手冊

• 做一個AuthController驗證類

<?php
/**
 * Created by PhpStorm.
 * User: luanjinlong
 * Date: 2017/7/2
 * Time: 下午10:35
 */

namespace App\Api\Controllers;
use App\Http\Controllers\Controller;
use App\User;
use Illuminate\Http\Request;
use JWTAuth;
use Tymon\JWTAuth\Exceptions\JWTException;
use Tymon\JWTAuth\Exceptions\TokenExpiredException;
use Tymon\JWTAuth\Exceptions\TokenInvalidException;
use Tymon\JWTauth\Middleware\GetUserFromToken;

class AuthController extends Controller
{
    public function authenticate(Request $request)
    {
        // grab credentials from the request
        $credentials = $request->only('email', 'password');
//        $credentials = [
//            'user_email' => $request->get('user_email'),
//            'user_password' => $request->get('user_password')
//        ];
        try {
            // attempt to verify the credentials and create a token for the user
            if (! $token = JWTAuth::attempt($credentials)) {
                return response()->json(['error' => 'invalid_credentials'], 401);
            }
        } catch (JWTException $e) {
            // something went wrong whilst attempting to encode the token
            return response()->json(['error' => 'could_not_create_token'], 500);
        }

        // all good so return the token
        return response()->json(compact('token'));
    }

    public function register(Request $request)
    {
        $newUser = [
            'email' => $request->get('email'),
            'name' => $request->get('name'),
            'password' => bcrypt($request->get('password')),
        ];
        $user = User::create($newUser);
//        return $user;
        $token = JWTAuth::fromUser($user);
        return response()->json(compact('token'));
    }

    public function getAuthenticatedUser()
    {
        try {

            if (! $user = JWTAuth::parseToken()->authenticate()) {
                return response()->json(['user_not_found'], 404);
            }

        } catch (TokenExpiredException $e) {

            return response()->json(['token_expired'], $e->getStatusCode());

        } catch (TokenInvalidException $e) {

            return response()->json(['token_invalid'], $e->getStatusCode());

        } catch (JWTException $e) {

            return response()->json(['token_absent'], $e->getStatusCode());

        }

        // the token is valid and we have found the user via the sub claim
        return response()->json(compact('user'));
    }

}

注意，我們在登錄的時候，如果自己的用戶名密碼跟默認(rèn)laravel的字段不匹配，我們也可以在authenticate()函數(shù)中重寫credentials變量

$credentials = [
            'user_email' => $request->get('user_email'),
            'user_password' => $request->get('user_password')
        ];

我們還得在User類中重寫getAuthPassword函數(shù)，這個函數(shù)是模型自帶的
  {
        return $this->user_password; //此處的user_password是指的我們數(shù)據(jù)表字段。這樣寫即可  數(shù)據(jù)表字段是什么，此處就寫什么
    }

添加一個方法$api->post('/user/login','AuthController@authenticate');,使用postman做測試

圖片.png

這個時候我們可以帶token去請求。但是我此處此時并沒有成功，可能是我本地的原因吧

http://laravelapi/api/lessions?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOjcsImlzcyI6Imh0dHA6Ly9sYXJhdmVsYXBpL2FwaS91c2VyL3JlZ2lzdGVyIiwiaWF0IjoxNDk5MDA5MDU3LCJleHAiOjE0OTkwMTI2NTcsIm5iZiI6MTQ5OTAwOTA1NywianRpIjoiZTd5b0ZmNFJFVUF3NUV4YiJ9.qMjd4QpVHWKsMgdLyhaKtzGhqVaGEbjWKJ-Zoorj954

• 路由

$api = app('Dingo\Api\Routing\Router');
$api->version('v1', function ($api) {
    $api->group(['namespace'=>'App\Api\Controllers'],function ($api){
        $api->post('/user/login','AuthController@authenticate');
        $api->post('/user/register','AuthController@register');
        //  此處中間件可以使用 jwt.auth，也可以使用 jwt.refresh
        $api->group(['middleware'=>'jwt.auth'],function ($api){
            $api->get('lessions','LessionController@index');
        });
    });
});

如果我們想通過token去查找用戶的信息，可以去訪問控制器里面的getAuthenticatedUser方法

//  路由
$api->get('user/me','AuthController@getAuthenticatedUser');

訪問`getAuthenticatedUser`方法

• lucadegasperi/oauth2-server-laravel/安裝手冊

• 推薦文章

第一篇 https://segmentfault.com/a/1190000004598315
第二篇 https://segmentfault.com/a/1190000004614022
第三篇 https://segmentfault.com/a/1190000004658193

app后端怎么設(shè)計用戶登錄方案

以上信息根絕博客信息測試的，下面的是我自己的測試數(shù)據(jù)

路由里面
// 訪問這個路由會生成一個token
Route::get('/createUserToken','AuthenticateController@createUserToken');

請求 http://laravelapi/createUserToken
控制器里面
public function createUserToken()
    {
        $user = User::find(3);
        $token = JWTAuth::fromUser($user);
        return $token;
    }

Route::get('/getAuthenticatedUser','getAuthenticatedUser@getAuthenticatedUser');
訪問  http://laravelapi/getAuthenticatedUser?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOjMsImlzcyI6Imh0dHA6Ly9sYXJhdmVsYXBpL2NyZWF0ZVVzZXJUb2tlbiIsImlhdCI6MTQ5OTUxNDc5MSwiZXhwIjoxNDk5NTE4MzkxLCJuYmYiOjE0OTk1MTQ3OTEsImp0aSI6IldBNUlmdmlEbnp5SkJMTkcifQ.v_yeMa9_hRdz5OKZHWJy6cLPcgOi-Tcf5PZR1n1eEto
<?php
/**
 * Created by PhpStorm.
 * User: luanjinlong
 * Date: 2017/7/8
 * Time: 下午7:42
 */

namespace App\Http\Controllers;
use JWTAuth;

class getAuthenticatedUser
{

    // somewhere in your controller
    public function getAuthenticatedUser()
    {
        try {

            if (! $user = JWTAuth::parseToken()->authenticate()) {
                return response()->json(['user_not_found'], 404);
            }

        } catch (Tymon\JWTAuth\Exceptions\TokenExpiredException $e) {

            return response()->json(['token_expired'], $e->getStatusCode());

        } catch (Tymon\JWTAuth\Exceptions\TokenInvalidException $e) {

            return response()->json(['token_invalid'], $e->getStatusCode());

        } catch (Tymon\JWTAuth\Exceptions\JWTException $e) {

            return response()->json(['token_absent'], $e->getStatusCode());

        }

        // the token is valid and we have found the user via the sub claim
        return response()->json(compact('user'));
    }


}



或者我們也可以直接簡寫
public function getToken()
    {
        $user = JWTAuth::parseToken()->authenticate() ;
        return $user;
    }

• 這個時候我們會得到id=3用戶的數(shù)據(jù)

圖片.png