qthans / jwt-auth Goto Github PK
View Code? Open in Web Editor NEWJSON Web Token Authentication for Thinkphp
License: MIT License
JSON Web Token Authentication for Thinkphp
License: MIT License
JWTAuth::auth()一过期就抛出错误
Fatal error: Cannot instantiate interface thans\jwt\contract\Storage
不支持php8.1
5.0.24 这个版本
使用RS512会出现无法判断是否为密钥对象的问题了
大佬好,
/*
| -------------------------------------------------------------------------
| Blacklist Grace Period
| -------------------------------------------------------------------------
|
| 当多个并发请求使用相同的JWT进行时,
| 由于 access_token 的刷新 ,其中一些可能会失败
| 以秒为单位设置请求时间以防止并发的请求失败。
|
*/
'blacklist_grace_period' => env('JWT_BLACKLIST_GRACE_PERIOD', 0),
这个配置项支持吗,应该怎么配置呢,谢谢
现在主要是想解决 “多个并发请求使用相同的JWT进行”
由于在helper.php中初始化thans\jwt\provider\JWT类时重新生成了一个Request类导致通过header的方式获取到token,应该使用app("request")的方式从容器中获取request对象
源码有getToken方法,没有token()方法
`public function getToken()
{
if ($this->token === null) {
try {
$this->parseToken();
} catch (JWTException $e) {
$this->token = null;
}
}
return $this->token;
}`
thans/tp-jwt-auth1.2.0需要依赖lcobucci/jwt:3.3.*,但是lcobucci/jwt:3.3.*只支持php5.6或者php7版本
或者说我有什么快捷的方式取得用户的信息呢,如userid。新手,不是很懂。
我通过自己写中间件,置于此项目提供的JWTAuth中间件后,使用getPayload()
来把payload写到$request里来让控制器获取payload里的数据。
<?php
namespace app\middleware;
use thans\jwt\facade\JWTAuth;
class Auth
{
public function handle($request, \Closure $next, $name)
{
$payload = JWTAuth::getPayload();
if(empty($payload['sid']) || empty($payload['uid'])) return json(['code' => 1, 'msg' => '登录态超时']);
$jwt_array = [];
foreach($payload as $val){
$jwt_array[$val->getName()] = $val->getValue();
}
$request->jwt = $jwt_array;
return $next($request);
}
}
但如果使用JWTAuthAndRefresh
这个中间件,在token过期后,getPayload()
也会报token过期的错误,以至于无法获取到payload信息,请问这种情况该如何处理呢?
服务器上的环境还是5.6,有其他的老项目在
php8.2已经不支持类的动态属性创建,thinkphp6.2支持了php8.2,因此在使用当前扩展时,会报错:
Creation of dynamic property thans\jwt\provider\JWT\Lcobucci::$signer is deprecated
--
Creation of dynamic property thans\jwt\claim\Factory::$request is deprecated
----
Creation of dynamic property thans\jwt\Manager::$provider is deprecated
thinkphp6 在中间件 使用 JWTAuth::auth(); 报跨域,注释掉JWTAuth::auth(); 就不报跨域了。因为项目已经 设置了可以跨域
在中间件中使用 :
class Authorization
{
public function handle($request, Closure $next)
{
try {
JWTAuth::auth();
} catch(\Throwable $t) {
abort(401,'token已经失效');
}
return $next($request);
}
}
提示的跨域错误:
as been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.
备注:我觉得跨域应该是服务器设置的,但是使用 JWTAuth::auth()方法 验证token 会报跨域,把JWTAuth::auth() 注释掉 就不报了。可以证明 是使用了 JWTAuth::auth() 方法造成的
1.1.1
interface Storage
{
public function set($key, $time = 0);
public function get($key);
public function delete($key);
}
1.1.2
interface Storage
{
public function set($key, $val, $time = 0);
public function get($key);
public function delete($key);
}
程序错误提示
NOTICE: PHP message: PHP Fatal error: Declaration of jwt\Blacklist::set($key, $time = 0) must be compatible with thans\jwt\contract\Storage::set($key, $val, $time = 0) in /var/www/html/extend/jwt/Blacklist.php on line 8
你这个文档太简陋了。建议写demo放在源文件下
在最近的TP6.0中,此处应该为
return $response->header(['Authorization' => 'Bearer ' . $token]);
传递的是一个数组而非键值对。
i create private & publi keys by follow setps:
1.openssl genrsa -out private.key 1024
2.openssl rsa -in private.key -pubout -out public.key
and then edit .env file add this follow lines:
[JWT]
ALGO=RS256
TTL=604820
PUBLIC_KEY=/data/cfdvq/runtime/public.key
PRIVATE_KEY=/data/cfdvq/runtime/private.key
but on execute, then will throw exceptions:
It was not possible to parse your key, reason: error:0909006C:PEM routines:get_name:no start line
@param resource|bool $key
@throws InvalidArgumentException
*/
private function validateKey($key)
{
if (! is_resource($key)) {
throw new InvalidArgumentException(
'It was not possible to parse your key, reason: ' . openssl_error_string()
);
}
$details = openssl_pkey_get_details($key);
if (! isset($details['key']) || $details['type'] !== $this->getKeyType()) {
throw new InvalidArgumentException('This key is not compatible with this signer');
}
it's my create keys steps error or someing else??
$tokenStr = JWTAuth::token()->get();
Call to a member function get() on null
你好,请问下有什么方法可以通过Token 获取到UID值吗?
我看composer里面还require了一个代码一样的.....
{
"name": "thans/tp-jwt-auth",
"description": "thinkphp jwt auth composer",
"type": "library",
"require": {
"php": "^7.0 || ^8.0",
"qeq66/jwt": "3.3.*",
"topthink/framework": "^5.1.10 || ^6.0.0"
},
"license": "MIT",
"authors": [
{
"name": "Thans",
"email": "[email protected]"
}
],
"autoload": {
"psr-4": {
"thans\\jwt\\": "src"
},
"files": [
"src/helper.php"
]
},
"extra": {
"think": {
"services": [
"thans\\jwt\\Service"
],
"config": {
"jwt": "config/config.php"
}
}
},
"minimum-stability": "dev"
}
thans/tp-jwt-auth v1.1.3 requires php ^7.0 which does not match your installed version 8.0.6.
During inheritance of JsonSerializable: Uncaught think\exception\ErrorException: Return type of Lcobucci\JWT\Claim\Basic::jsonSerialize() should either be compatible with JsonSerializable::jsonSerialize(): mixed, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in
测试过好几遍,确实在V6.0.13LTS版本中报错
php版本PHP 7.4.30 (cli)
错误原因未知,只是安装正常流程调用。
Could not create token :strpos() expects parameter 1 to be string, array given
您好 请问一下这个是什么错误造成的呢?谢谢
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.