开始安装jwt

（本次安装不建议直接在项目中安装及使用）

1.composer 安装jwt

composer require tymon/jwt-auth 1.0.0-rc.1

2.在config 文件夹的app.php 中注册服务提供者

'providers' => [Tymon\JWTAuth\Providers\LaravelServiceProvider::class,
]'aliases' => ['JWTAuth'=> Tymon\JWTAuth\Facades\JWTAuth::class,'JWTFactory'=> Tymon\JWTAuth\Facades\JWTFactory::class,
]

3.生成配置文件

php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"

4.生成jwt 密钥

php artisan jwt:secret

然后会在我们的 .env 文件中生成jwt密钥

5.在auth.php 文件中 配置 auth guard 让api的driver使用jwt

'guards' => ['web' => ['driver' => 'session','provider' => 'users',],'api' => ['driver' => 'jwt',//更改此处为jwt'provider' => 'users',],],

6.更改 User model使其支持 jwt-auth

<?phpnamespace App;use Tymon\JWTAuth\Contracts\JWTSubject;
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;class User extends Authenticatable implements JWTSubject
{use Notifiable;protected $table = 'users';/*** Get the identifier that will be stored in the subject claim of the JWT.** @return mixed*/public function getJWTIdentifier(){return $this->getKey();}/*** Return a key value array, containing any custom claims to be added to the JWT.** @return array*/public function getJWTCustomClaims(){return [];}

7.配置 中间件

在 Middleware 文件夹下新建 ApiAuth.php 中间件文件

<?phpnamespace App\Http\Middleware;use Closure;
use Tymon\JWTAuth\Facades\JWTAuth;
use Tymon\JWTAuth\Exceptions\JWTException;
use Tymon\JWTAuth\Exceptions\TokenExpiredException;
use Tymon\JWTAuth\Exceptions\TokenInvalidException;class ApiAuth
{/*** Handle an incoming request.** @param  \Illuminate\Http\Request  $request* @param  \Closure  $next* @return mixed*/public function handle($request, Closure $next){try {if (! $user = JWTAuth::parseToken()->authenticate()) {  //获取到用户数据，并赋值给$userreturn response()->json(['errcode' => 1004,'errmsg' => '无此用户'], 404);}return $next($request);} catch (TokenExpiredException $e) {return response()->json(['errcode' => 1003,'errmsg' => 'token 过期' , //token已过期]);} catch (TokenInvalidException $e) {return response()->json(['errcode' => 1002,'errmsg' => 'token 无效',  //token无效]);} catch (JWTException $e) {return response()->json(['errcode' => 1001,'errmsg' => '缺少token' , //token为空]);}}
}

注册中间件 在 Kernel.php 中注册中间件 并设置别名

 protected $routeMiddleware = ['api.auth' => \App\Http\Middleware\ApiAuth::class,];

到此你的jwt就算安装配置完成了

**基本使用**

1.新建AuthCtorller.php 控制器

php artisan make:controller AuthController

2.编辑 测试控制器

<?phpnamespace App\Http\Controllers;use App\User;
use Illuminate\Http\Request;
use Tymon\JWTAuth\Facades\JWTAuth;
use Illuminate\Support\Facades\Hash;class AuthController extends Controller
{/*** jwt 测试*///登录public function login(Request $request){$username = $request->get('username');$password = $request->get('password');$user_mes = User::where('username','=',$username)->first();if (!$user_mes || !Hash::check($password, $user_mes->password)) {return "账号或密码错误";}$token=JWTAuth::fromUser($user_mes);//生成tokenif (!$token) {return "登录失败，请重试";}return response()->json(['token'=>$token]);}//获取用户信息public function home(){$user=JWTAuth::parseToken()->touser();//获取用户信息return $user;}//退出public function logout(){JWTAuth::parseToken()->invalidate();//退出return '退出成功';}}

3.编辑路由

<?php
Route::post('/login','AuthController@login');//登录
Route::group(['middleware' => 'api.auth'], function () {Route::post('/home','AuthController@home');//获取用户信息Route::post('/logout','AuthController@logout');//退出});

配置JWT过期时间

config/jwt.php

token过期刷新

public function refresh(){try {// 获取旧token$old_token = JWTAuth::getToken();// 刷新token$token = JWTAuth::refresh($old_token);// 使老的token无效JWTAuth::invalidate($old_token);return response()->json(['token' => $token,]);} catch (JWTException $JWTException) {// 如果捕获到此异常，即代表 refresh 也过期了，用户无法刷新令牌，需要重新登录。throw new UnauthorizedHttpException('jwt-auth', $JWTException->getMessage());}}