【问题标题】:How to verifiy JWT on a single route in Laravel如何在 Laravel 中的单个路由上验证 JWT
【发布时间】:2020-06-12 03:47:07
【问题描述】:

我在 Laravel 中有一条路由,我需要验证标头上的 JWT 是否已授权且未过期。我该怎么做?

在 Javascript 中它真的很容易,但不知道在 Laravel 中如何。

代码如下:

public function update(Request $request){

 $header = $request->header('Authorization');
 $token = $request->bearerToken();
 $secret = env('EXAMPLE_SECRETE');

 $verified = here i want to verify the jtw /$token

 if (!verified)
   return 'something here'
 else
    >>code here after verified
}

【问题讨论】:

标签: laravel jwt


【解决方案1】:

首先安装以下包

composer require firebase/php-jwt

然后你可以创建一个中间件来验证Token或者过期,下面是中间件的完整代码

namespace App\Http\Middleware;

use Closure;
use Exception;
use App\User;
use Firebase\JWT\JWT;
use Firebase\JWT\ExpiredException;

class JwtTokenMiddleware
{
    public function handle($request, Closure $next, $guard = null)
    {
        $token = $request->bearerToken();

        if (!$token) {
             // Unauthorized response if token not there\

        }
        try {
            $credentials = JWT::decode($token, env('JWT_SECRET'), ['HS256']);

           //You can get credentials that you have set up while generating token
            $user = User::findOrFail($credentials->sub)->setAuthUser();
            $request->auth = $user;
         } catch (ExpiredException $e) {

            // Token expired response
        } catch (Exception $e) {

           // Handle unknow error while decoding token
            return response()->json([
        }
        return $next($request);
    }
}

【讨论】:

    猜你喜欢
    • 1970-01-01
    • 2018-05-19
    • 2020-11-18
    • 2018-07-05
    • 2020-11-17
    • 2015-06-17
    • 2018-01-18
    • 2021-02-22
    相关资源
    最近更新 更多