使用 JWT

summerblue · Aug 6, 2020 · 6463535 · 6463535
1 parent 2dcbbe2
commit 6463535
Show file tree

Hide file tree

Showing 7 changed files with 1,049 additions and 91 deletions.
diff --git a/app/Http/Controllers/Api/AuthorizationsController.php b/app/Http/Controllers/Api/AuthorizationsController.php
@@ -7,10 +7,28 @@
 use Illuminate\Http\Request;
 use Overtrue\Socialite\AccessToken;
 use Illuminate\Auth\AuthenticationException;
+use App\Http\Requests\Api\AuthorizationRequest;
 use App\Http\Requests\Api\SocialAuthorizationRequest;
 
 class AuthorizationsController extends Controller
 {
+    public function store(AuthorizationRequest $request)
+    {
+        $username = $request->username;
+
+        filter_var($username, FILTER_VALIDATE_EMAIL) ?
+            $credentials['email'] = $username :
+            $credentials['phone'] = $username;
+
+        $credentials['password'] = $request->password;
+
+        if (!$token = \Auth::guard('api')->attempt($credentials)) {
+            throw new AuthenticationException('用户名或密码错误');
+        }
+
+        return $this->respondWithToken($token)->setStatusCode(201);
+    }
+
     public function socialStore($type, SocialAuthorizationRequest $request)
     {
         $driver = \Socialite::driver($type);
@@ -56,6 +74,27 @@ public function socialStore($type, SocialAuthorizationRequest $request)
                 break;
         }
 
-        return response()->json(['token' => $user->id]);
+        return $this->respondWithToken($token)->setStatusCode(201);
+    }
+
+    public function update()
+    {
+        $token = auth('api')->refresh();
+        return $this->respondWithToken($token);
+    }
+
+    public function destroy()
+    {
+        auth('api')->logout();
+        return response(null, 204);
+    }
+
+    protected function respondWithToken($token)
+    {
+        return response()->json([
+            'access_token' => $token,
+            'token_type' => 'Bearer',
+            'expires_in' => auth('api')->factory()->getTTL() * 60
+        ]);
     }
 }
diff --git a/app/Http/Requests/Api/AuthorizationRequest.php b/app/Http/Requests/Api/AuthorizationRequest.php
@@ -0,0 +1,14 @@
+<?php
+
+namespace App\Http\Requests\Api;
+
+class AuthorizationRequest extends FormRequest
+{
+    public function rules()
+    {
+        return [
+            'username' => 'required|string',
+            'password' => 'required|alpha_dash|min:6',
+        ];
+    }
+}
diff --git a/app/Models/User.php b/app/Models/User.php
@@ -8,8 +8,9 @@
 use Illuminate\Auth\MustVerifyEmail as MustVerifyEmailTrait;
 use Auth;
 use Spatie\Permission\Traits\HasRoles;
+use Tymon\JWTAuth\Contracts\JWTSubject;
 
-class User extends Authenticatable implements MustVerifyEmailContract
+class User extends Authenticatable implements MustVerifyEmailContract, JWTSubject
 {
     use Traits\LastActivedAtHelper;
 
@@ -19,8 +20,7 @@ class User extends Authenticatable implements MustVerifyEmailContract
 
     use Notifiable {
         notify as protected laravelNotify;
-    }
-    public function notify($instance)
+    } public function notify($instance)
     {
         // 如果要通知的人是当前用户，就不必通知了！
         if ($this->id == Auth::id()) {
@@ -92,4 +92,14 @@ public function setAvatarAttribute($path)
 
         $this->attributes['avatar'] = $path;
     }
+
+    public function getJWTIdentifier()
+    {
+		return $this->getKey();
+	}
+
+	public function getJWTCustomClaims()
+	{
+		return [];
+	}
 }
diff --git a/composer.json b/composer.json
@@ -28,6 +28,7 @@
         "spatie/laravel-permission": "~3.0",
         "summerblue/administrator": "7.*",
         "summerblue/laravel-active": "7.*",
+        "tymon/jwt-auth": "^1.0",
         "viacreative/sudo-su": "~1.1"
     },
     "require-dev": {