更新jwt的服务

1 year ago · ac55596c93
2 changed files with 58 additions and 10 deletions
--- a/app/api/controller/Passport.php
+++ b/app/api/controller/Passport.php
@ -18,6 +18,7 @@ class Passport extends ApiController{
        if (!$this->request->isPost()) {
            return $this->renderError('不支持GET请求');
        }
+        $data = $this->postData();
        $model = new UserService;
        //
        $data = $this->postData();
@ -47,3 +48,43 @@ class Passport extends ApiController{
    }

 }
+
+// app/controller/Index.php
+// namespace app\controller;
+
+// use app\service\JWTService;
+// use think\Request;
+
+// class IndexController
+// {
+//     protected $jwtService;
+
+//     public function __construct(JWTService $jwtService)
+//     {
+//         $this->jwtService = $jwtService;
+//     }
+
+//     public function login(Request $request)
+//     {
+//         $username = $request->param('username');
+//         $password = $request->param('password');
+
+//         // 假设验证用户名和密码成功
+//         $claims = ['id' => 1, 'username' => $username];
+
+//         $token = $this->jwtService->createToken($claims);
+
+//         return json(['token' => $token]);
+//     }
+
+//     public function protectedRoute(Request $request)
+//     {
+//         $claims = $request->attributes->get('claims');
+
+//         if (empty($claims)) {
+//             return json(['error' => 'Unauthorized'], 401);
+//         }
+
+//         return json(['message' => 'Welcome, ' . $claims['username']]);
+//     }
+// }
--- a/app/api/service/JWTService.php
+++ b/app/api/service/JWTService.php
@ -1,10 +1,10 @@
 <?php
 namespace app\api\service;

-use Lcobucci\JWT\Parser;
+use Lcobucci\JWT\Builder;
 use Lcobucci\JWT\Signer\Hmac\Sha256;
-use Lcobucci\JWT\Token;
 use Lcobucci\JWT\Signer\Key\InMemory;
+use Lcobucci\JWT\Token;

 class JWTService
 {
@ -20,19 +20,26 @@ class JWTService
        $signer = new Sha256();
        $key = InMemory::plainText($this->secret);

-        $token = (new Token())->withClaim('id', $claims['id'])->withClaim('username', $claims['username']);
-        $token = $token->withExpiresAt(time() + config('jwt.token_ttl'));
+        $token = (new Builder())->issuedNow()->canOnlyBeUsedAfter(0)->expiresAt(time() + config('jwt.token_ttl'));
+
+        foreach ($claims as $key => $value) {
+            $token = $token->withClaim($key, $value);
+        }

        return (string) $token->sign($signer, $key);
    }

    public function verifyToken(string $token): array
    {
-        $parser = new Parser();
-        $token = $parser->parse((string) $token);
-
-        if ($token->verify(new Sha256(), InMemory::plainText($this->secret))) {
-            return $token->getClaims();
+        try {
+            $parser = new \Lcobucci\JWT\Parser();
+            $token = $parser->parse($token);
+
+            if ($token->verify(new Sha256(), InMemory::plainText($this->secret))) {
+                return $token->getClaims();
+            }
+        } catch (\Exception $e) {
+            // Handle exception
        }

        return [];