torugo/jwt
Composer 安装命令:
composer require torugo/jwt
包简介
Simple library to handle Json Web Tokens.
README 文档
README
Simple PHP library to handle Json Web Tokens (JWT).
Table of Contents
Requirements
- PHP 8+
- PHP mbstring extension installed and loaded.
- PHP openssl extension installed and loaded.
- Composer 2+
Installation via composer
composer require torugo/jwt
Supported algorithms
For now only the algorithms listed below are supported:
| Algorithm | JWTALg enum | Key |
|---|---|---|
| HS256 | JWTAlg::HS256 |
Symmetric key |
| HS384 | JWTAlg::HS384 |
Symmetric key |
| HS512 | JWTAlg::HS512 |
Symmetric key |
| RS256 | JWTAlg::RS256 |
Private/Public RSA keys |
| RS384 | JWTAlg::RS384 |
Private/Public RSA keys |
| RS512 | JWTAlg::RS512 |
Private/Public RSA keys |
Usage
Encoding
use Torugo\JWT\JWT; use Torugo\JWT\Enums\JwtAlg; $key = "example_key_Jr6QWaxb7pgerDJgL"; $payload = [ "sid" => "session_id", "uid" => "user_id", // ... more data "iat" => 1724972934, // if not present, this library adds automatically "nbf" => 1724000000, // if not present, this library adds automatically "ext" => 1724973234, // if not present, this library adds automatically ]; $jwt = JWT::encode($payload, $key, JWTAlg::HS256);
Decoding
Validating the token
The method validate checks the token signature and the time controls.
Returns the payload content as a key=>pair array.
Throws:
InvalidTokenException: When the signature or structure is invalid.ExpiredTokenException: The token signature is valid, but the token time expired.InvalidKeyException: When the key type is invalid (not when the key is incorret).
use Torugo\JWT\JWT; use Torugo\JWT\Exceptions\ExpiredTokenException; use Torugo\JWT\Exceptions\InvalidKeyException; use Torugo\JWT\Exceptions\InvalidTokenException; $key = "example_key_Jr6QWaxb7pgerDJgL"; try { $payload = JWT::validate($jwt, $key); } catch (ExpiredTokenException $e) { // Handle exception } catch (InvalidTokenException $e) { // Handle exception } catch (InvalidKeyException $e) { // Handle exception }
Getting the token payload without validating it
Getting token payload without validation is insecure, use this method at your own risk.
$payload = JWT::decodePayload($jwt, $key);
You can use this method to refresh the token when the token expires.
Example
try { $payload = JWT::decodePayload($jwt, $key); } catch (ExpiredTokenException $e) { // When using RS256, RS384 or RS512 you must also pass the privateKey // On HS algorithms it is not needed $token = JWT::refreshToken($token, $publicKey, $privatekey); } catch (\Throwable $e) { // Handle exception }
Contribute
It is currently not open to contributions, I intend to make it available as soon as possible.
License
This library is licensed under the MIT License - see the LICENSE file for details.
torugo/jwt 适用场景与选型建议
torugo/jwt 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 33 次下载、GitHub Stars 达 0, 最近一次更新时间为 2024 年 09 月 02 日, 在 PHP 生态内属于活跃度较高的组件。
我们在过去多个企业项目中使用过 torugo/jwt 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 torugo/jwt 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
统计信息
- 总下载量: 33
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 0
- 点击次数: 9
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2024-09-02