attla/token
Composer 安装命令:
composer require attla/token
包简介
Turn everything into a unique encrypted JWT.
README 文档
README
Installation
composer require attla/token
Usage
Creating and managing a token:
use Attla\Token\Factory as Token; use Attla\Token\Facade as TokenFacade; // create token on PHP projects $token = Token::create(); // on laravel projects $token = TokenFacade::create(); // or with global alias on laravel projects $token = \Token::create(); // set a payload $token->body('token value..'); // get the token value $tokenEncoded = $token->get();
Configure the token instance:
$token = Token::create()->secret('your secret phrase'); // changing the secret on exist instance $token->secret('your secret phrase'); // secret aliases $token->phrase('your secret phrase'); $token->passphrase('your secret phrase'); // Set token body type when it can be converted (array, stdClass, object) $token->associative(); // set token payload as associative array $token->asObject(); // set payload as stdClass object // defines that it will always generate the same result $token->same();
By default the secret key is empty, but on laravel projects the default as env('APP_KEY') or config('app.key')
When token body as string, integer, float, bool, and null, it cant be converted to associative or object equivalent
Setup token claims:
Set the expiration time in seconds after which the JWT MUST NOT be accepted for processing:
use Carbon\Carbon; $time = strtotime('+1 hour'); $token->exp($time); $token->expiration((new \DateTime())->setTimeStamp($time)); $token->expiresAt(Carbon::createFromTimestamp($time));
Set the time at which the JWT was issued (iat):
use Carbon\Carbon; $time = strtotime('-1 day'); $token->iat($time); $token->issuedAt((new \DateTime())->setTimeStamp($time)); $token->issuedBefore(Carbon::createFromTimestamp($time));
Set the time before (nbf) which the JWT MUST NOT be accepted for processing
use Carbon\Carbon; $time = strtotime('+30 day'); $token->nbf($time); $token->notBefore((new \DateTime())->setTimeStamp($time)); $token->canOnlyBeUsedAfter(Carbon::createFromTimestamp($time));
Set the audience that the JWT is intended for:
$token->aud('https://example.com'); $token->audience('https://example.com', 'https://example.app'); $token->permittedFor(['https://example.net', 'https://example.org']);
Set the principal subject of the JWT:
$token->relatedTo('exampl@e.com'); $token->sub('exampl@e.com');
Set the principal that issued (iss) the JWT:
$token->issuedBy('https://example.com'); $token->iss('https://example.net');
Set the unique identifier (jti) for the JWT:
$jti = hash('sha256', uniqid(mt_rand(), true)); $token->jti($jti); $token->identifiedBy($jti);
Custom validation claims:
Lock the token by browser user agent:
// current browser $token->bwr(); $token->broser(); // setup a user agent by string $token->browser('Mozilla/5.0 (U; Linux x86_64; en-US) Gecko/20100101 Firefox/50.9');
Lock the token by ip address:
// current request ip address $token->ip(); // setup a ip address by string $token->ip('1.1.1.1'); $token->ip('1.1.1.1', '2001:db8:0:0:0:0:2:1'); $token->ip(['1.1.1.1', '8.8.8.8']);
Lock the token by geographic coordinates (loc):
// setup a location by coordinate string $token->loc('-44.05964,77.10679,5');
Setup custom claim:
// set a custom claim "uid" $token->withClaim('uid', 1); $token->with('uid', 1); // alias // on parse validate using: $token->with('uid', 1);
All claim values as inserted on token header, to be retrieved on body use:
// insert the payload as array or object $token->payload(['uid' => 1]); // on parse validate use: $token->with('uid', 1);
Verifying if a value is present on token:
$hasUid = $token->has('uid'); // isset(uid) $hasUidWithValue = $token->has('uid', 1); // isset(uid) && uid === 1
Parse a token:
$tokenValue = Token::parse($tokenEncoded) ->associative() ->get();
Real world example:
// Creating $token = Token::create() ->secret('your secret phrase') // secret key ->iss($_SERVER['HTTP_HOST']) // Set 'issuer' claim ->aud('e.com', $_SERVER['HTTP_HOST']) // Set 'audience' claim ->sub('7urkg6uDkMISjZBuFGdeySokAIrSuWAB') // Set 'subject' claim ->iat(time()) // Set 'issued' date in seconds ->exp(7200) // Set 'expiration' in seconds (2 hours) ->bwr() // Lock the token by user agent of browser ->ip() // Lock the token with IP (v6 or v4) ->payload([ // Set the token payload 'name' => 'Acme LLC', 'email' => 'acme@e.com', ]); // Get the token $tokenEncoded = $token->get(); echo $tokenEncoded . PHP_EOL; $tokenParse = Token::parse($tokenEncoded) ->iss($_SERVER['HTTP_HOST']) // Set the issuer claim for validate ->validAt(time() - 3600) // Rewrites the current date for 'exp', 'iat', 'nbf' validations ->associative(); if ($tokenParse->isValid()) { echo 'Subject: '. $tokenParse->sub() . PHP_EOL; echo 'Audience: '. implode(',', $tokenParse->audience()) . PHP_EOL; echo $tokenParse->get() . PHP_EOL; } else { echo "Token as invalid!" . PHP_EOL; }
License
This package is licensed under the MIT license © Zunq.
attla/token 适用场景与选型建议
attla/token 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 3 次下载、GitHub Stars 达 0, 最近一次更新时间为 2024 年 11 月 22 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「tokenizer」 「laravel」 「attla」 「data-to-token」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 attla/token 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 attla/token 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 attla/token 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
Library emulating the PHP internal reflection using just the tokenized source code.
A program for performing lexical analysis, written in PHP
A simple library for make Lexer and Parsers to build a language
Wrapper around PHP's tokenizer extension.
Html5 stream tokenizer/reader (not using libxml)
Rudl UDP cluster logging library (PSR4 compliant)
统计信息
- 总下载量: 3
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 0
- 点击次数: 19
- 依赖项目数: 1
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2024-11-22