定制 rcerljenko/laravel-jwt 二次开发

按需修改功能、优化性能、对接业务系统,提供一站式技术支持

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

rcerljenko/laravel-jwt

Composer 安装命令:

composer require rcerljenko/laravel-jwt

包简介

Simple JWT Auth for Laravel PHP Framework

README 文档

README

Simple JWT Auth for Laravel PHP Framework using Firebase JWT under the hood.

Installation

Standard Composer package installation:

composer require rcerljenko/laravel-jwt -v

Usage

  1. Publish the config file. This will create a config/jwt.php file for basic configuration options.
php artisan vendor:publish --provider="RCerljenko\LaravelJwt\LaravelJwtServiceProvider" --tag="config"
  1. Add a new auth guard to your auth config file using a jwt driver.
// config/auth.php

'guards' => [
	'web' => [
		'driver' => 'session',
		'provider' => 'users',
	],

	'api' => [
		'driver' => 'jwt',
		'provider' => 'users',
	],
],
  1. Protect your API routes using this new guard.
// routes/api.php

use Illuminate\Support\Facades\Route;

Route::middleware('auth:api')->group(function () {
	// JWT protected routes
});
  1. Use provided HasJwt trait from this package on your Auth model (eg. User).
namespace App\Models;

use RCerljenko\LaravelJwt\Traits\HasJwt;
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;

class User extends Authenticatable
{
	use Notifiable, HasJwt;
}

You now have access to token() method on your User model, eg:

$user = User::findOrFail(1);
$user->token();

You should probably return this token via Login Controller or User Resource.

Configuration

This package provides simple configuration via config/jwt.php file after you publish the config. Let's go over each configuration option.

  • secret-key - Secret key to use when encoding / decoding tokens. It should be a random string. Remember, if you change this key all active JWT tokens will be invalidated.
  • hash-algo - Hashing algorithm. List of supported ones are in the config file. You probably don't need to change this.
  • expiration - Default token expiration time in minutes. You can set it to null and the tokens will never expire.
  • claims - Default claims that will be applied to all tokens (besides the required ones needed for decoding and validation).

This was global configuration for all tokens. Besides that, library provides a local per-model configuration via HasJwt trait helper methods.

  • getJwtId() - It should return the model unique key used to retrieve that model from database. It defaults to model primary key.
  • getJwtValidFromTime() - It should return null (default) or a Carbon instance. You can use that if you want to create tokens which are not active right away.
  • getJwtValidUntilTime() - It should return null or a Carbon instance. This sets the JWT expiration time which, by default, uses the expiration option from the config file.
  • getJwtCustomClaims() - Should return a key/value array of extra custom claims that you want to be a part of your token. By default it's an empty array.

You can also use configuration directly on the token() method which then overrides all other configurations, eg:

$user->token([
	'id' => $user->email,
	'valid_from' => now()->addHour(),
	'valid_until' => now()->addDay(),
	'claims' => [
		'extra1' => 'foo',
		'extra2' => 'bar'
	]
]);

You don't need to override all configuration options, just the ones that you wish to change.

Request

Token is extracted from the request in one of three ways:

  1. From Authorization: Bearer {token} header (most common).
  2. From URL query param token.
  3. From request payload using token field name.
  4. From cookie using token key.

rcerljenko/laravel-jwt 适用场景与选型建议

rcerljenko/laravel-jwt 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 15.19k 次下载、GitHub Stars 达 38, 最近一次更新时间为 2021 年 09 月 10 日, 在 PHP 生态内属于活跃度较高的组件。

我们在过去多个企业项目中使用过 rcerljenko/laravel-jwt 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 rcerljenko/laravel-jwt 我们能提供哪些服务?
定制开发 / 二次开发

基于 rcerljenko/laravel-jwt 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 15.19k
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 38
  • 点击次数: 0
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 38
  • Watchers: 3
  • Forks: 7
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2021-09-10