jwt

技术文章 1年前 (2020) 完美者

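/**
 * Base controller for API endpoints.
 *
 * Every request passes through _initialize(), which checks the `sign` /
 * `requestTime` headers, enforces login for actions not listed in
 * $noLoginAction, decodes the JWT from the `token` header and loads the
 * member's state from the `member` table.
 *
 * All responses (success and error) are delivered by throwing an
 * HttpResponseException from result(), so any call to success()/error()
 * ends the current request.
 */
class BaseApi extends Controller
{
    // ID of the authenticated member; stays 0 for anonymous requests.
    protected $userId = 0;

    // Name of the authenticated member; stays '' for anonymous requests.
    protected $userName = '';

    // Action names that may be called without a token (set by subclasses).
    protected $noLoginAction = [];

    // Maximum accepted age of `requestTime`, compared against time() (seconds).
    // SECURITY: 30000000 seconds is roughly 347 days, so a captured request
    // stays replayable for almost a year. A window of a few minutes plus a
    // server-side nonce cache is the usual anti-replay setting; the value is
    // left unchanged here because existing clients may depend on it.
    protected $endTIme = 30000000;

    /**
     * Per-request gate: header checks, login enforcement, token decoding.
     *
     * SECURITY: `sign` is only md5(requestTime), an unkeyed hash of a value the
     * client sends in the same request. Anyone can compute it, so it does not
     * authenticate the caller or protect the request body. A real request
     * signature needs a server-side secret (for example an HMAC over method,
     * path, body and timestamp). Until then the JWT is the only real
     * authentication on this path.
     */
    public function _initialize()
    {
        parent::_initialize();

        $request     = Request::instance();
        $sign        = $request->header('sign');
        $token       = $request->header('token');
        $requestTime = $request->header('requestTime');

        // A non-numeric timestamp would otherwise reach the loose `<` comparison
        // below, whose result differs between PHP 7 and PHP 8.
        if (!$sign || !$requestTime || !is_numeric($requestTime)) {
            $this->error('sign or requestTime not found');
        }

        // hash_equals() instead of `!=`: loose comparison treats two hex digests
        // of the form "0e<digits>" as equal numbers (type juggling), and
        // hash_equals() is also constant-time.
        if (!hash_equals(md5((string) $requestTime), (string) $sign)) {
            $this->error('Sign verification failed');
        }

        // Only stale timestamps are rejected; timestamps in the future are
        // accepted. NOTE(review): confirm whether clients send seconds or
        // milliseconds before adding an upper bound.
        if ($requestTime < (time() - $this->endTIme)) {
            $this->error('request timeout');
        }

        $action = $request->action();

        // Actions outside the allow-list require a token.
        if (!$token && !in_array($action, $this->noLoginAction, true)) {
            $this->error('Please login again', '', 300);
        }

        // A token that is present is always validated, even on allow-listed
        // actions; checkToken() ends the request if validation fails.
        if ($token) {
            $token_info = $this->checkToken($token);

            $user_info = (is_array($token_info) && isset($token_info['data']) && is_string($token_info['data']))
                ? json_decode($token_info['data'], true)
                : null;

            // Reject a validly signed token whose payload lacks the expected
            // claims instead of continuing with a null user id.
            if (!is_array($user_info) || !isset($user_info['user_id'], $user_info['user_name'])) {
                $this->error('Please login again', '', 300);
            }

            $this->userId   = $user_info['user_id'];
            $this->userName = $user_info['user_name'];

            // The member row is re-read on every request, so disabling an
            // account takes effect even though issued tokens live for 100 days.
            $member_state = db('member')->where('member_id', $this->userId)->value('member_state');

            // Fail closed: a missing member row (null) is treated like a
            // disabled account. NOTE(review): this is reported through
            // success() with code 201; kept for client compatibility, but an
            // error status would describe a blocked account more accurately.
            if ($member_state === null || (int) $member_state === 0) {
                $this->success('该用户以被禁用', [], 201);
            }
        }
    }

    /**
     * Send a success response and end the request.
     *
     * @param string $msg    Message for the client
     * @param mixed  $data   Payload to return
     * @param int    $code   Result code, defaults to 200
     * @param string $type   Output type (ignored, result() always emits JSON)
     * @param array  $header Extra response headers
     */
    protected function success($msg = 'Request success', $data = [], $code = 200, $type = null, array $header = [])
    {
        $this->result($msg, $data, $code, $type, $header);
    }

    /**
     * Send an error response and end the request.
     *
     * @param string $msg    Message for the client
     * @param mixed  $data   Payload to return
     * @param int    $code   Result code, defaults to 400
     * @param string $type   Output type (ignored, result() always emits JSON)
     * @param array  $header Extra response headers
     */
    protected function error($msg = 'Request error', $data = [], $code = 400, $type = null, array $header = [])
    {
        $this->result($msg, $data, $code, $type, $header);
    }

    /**
     * Wrap the API result and deliver it to the client by throwing.
     *
     * @access protected
     * @param mixed  $msg    Message for the client
     * @param mixed  $data   Payload to return
     * @param int    $code   Result code placed in the body; also used as the
     *                       HTTP status when it lies in 200..999
     * @param string $type   Output type (overridden, always 'json')
     * @param array  $header Extra response headers; a 'statuscode' entry sets
     *                       the HTTP status explicitly
     * @return void
     * @throws HttpResponseException always
     */
    protected function result($msg, $data = [], $code = 0, $type = null, array $header = [])
    {
        // SECURITY: '*' lets any origin read these responses. Authentication
        // travels in a custom header rather than a cookie, which limits the
        // exposure, but a list of trusted origins is the safer setting.
        // NOTE(review): the custom request headers (sign, token, requestTime)
        // are not listed in Access-Control-Allow-Headers below; confirm that
        // browser preflight is handled elsewhere.
        header('Access-Control-Allow-Origin:*');
        header('Access-Control-Allow-Methods:OPTIONS,POST,GET');
        header('Access-Control-Allow-Headers:Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin');
        header('Access-Control-Expose-Headers:Content-Length,Content-Range');

        $result = [
            'code' => $code,
            'msg'  => $msg,
            'time' => Request::instance()->server('REQUEST_TIME'),
            'data' => $data,
        ];

        // The $type argument is not honoured; output is always JSON.
        $type = 'json';

        if (isset($header['statuscode'])) {
            $code = $header['statuscode'];
            unset($header['statuscode']);
        } else {
            // No explicit status: codes outside 200..999 are sent as HTTP 200.
            // The login failures above use code 300, which therefore goes out
            // as HTTP 300 rather than 401.
            $code = ($code >= 1000 || $code < 200) ? 200 : $code;
        }

        $response = Response::create($result, $type, $code)->header($header);
        throw new HttpResponseException($response);
    }

    /**
     * Issue a signed JWT for a member.
     *
     * SECURITY: the token is valid for 100 days and there is no revocation
     * list; the member_state lookup in _initialize() is the only way to cut
     * off an issued token. The payload is signed, not encrypted, so it must
     * never carry secrets. config('jwt.key') has to be a long random value
     * kept out of version control.
     *
     * @param int    $userId   Member ID stored in the token
     * @param string $userName Member name stored in the token
     * @return string Encoded JWT
     */
    public function setToken($userId, $userName)
    {
        $key  = config('jwt.key');
        $time = time();

        $data = json_encode([
            'user_id'   => $userId,
            'user_name' => $userName,
        ]);

        $set_token = [
            "iss"  => "http://ml.cn",
            "aud"  => "http://ml.cn",
            'iat'  => $time,               // issued at
            'nbf'  => $time,               // not valid before
            'exp'  => $time + 86400 * 100, // expires after 100 days
            "data" => $data,
        ];

        // The algorithm is named explicitly so that signing matches the
        // allow-list used in _readJwtToken() and does not depend on the
        // library default.
        return JWT::encode($set_token, $key, 'HS256');
    }

    /**
     * Validate a JWT and return its claims.
     *
     * Sample bearer tokens that used to sit in comments here and in
     * _initialize() were removed; tokens do not belong in source files,
     * expired or not.
     *
     * @param string $token Encoded JWT from the `token` header
     * @return array Decoded claims; the request ends with code 300 on failure
     */
    public function checkToken($token)
    {
        return $this->_readJwtToken($token);
    }

    /**
     * Decode and verify a JWT with the configured key.
     *
     * Verification failures are reported to the client with one generic
     * message so the response does not reveal why the token was rejected.
     * NOTE(review): the `iss` and `aud` claims written by setToken() are not
     * compared with expected values in this method.
     *
     * @param string $jwt Encoded JWT
     * @return array Decoded claims
     */
    protected function _readJwtToken($jwt)
    {
        $key = config('jwt.key');

        try {
            // Tolerate 60 seconds of clock skew on the time-based claims.
            JWT::$leeway = 60;

            // Only HS256 is accepted, matching setToken(); the token header
            // cannot select a different algorithm. firebase/php-jwt 6.x
            // replaces this array argument with a Key object.
            $decoded = JWT::decode($jwt, $key, ['HS256']);

            return (array) $decoded;
        } catch (\Exception $e) {
            // Covers SignatureInvalidException, BeforeValidException,
            // ExpiredException and any other decoding failure. The name is
            // fully qualified so the catch still matches when this file
            // declares a namespace.
            $this->error('Please login again', '', 300);
        }
    }
}
?>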


原文地址:https://www.cnblogs.com/huliangqing/p/13932764.html

版权声明:完美者 发表于 2020-11-06 2:20:52。
转载请注明:jwt | 完美导航
