使用 JWT Lumen 进行身份验证,无需密码
Posted
技术标签:
【中文标题】使用 JWT Lumen 进行身份验证,无需密码【英文标题】:Authentication with JWT Lumen without password 【发布时间】:2017-01-26 04:50:30 【问题描述】:我在 lumen 中使用 JWT,无法仅通过电子邮件获取没有密码的令牌,我正在使用此代码形式 stack overflow --
$user=User::where('email','=','user2@gmail.com')->first();
if (!$userToken=JWTAuth::fromUser($user))
return response()->json(['error' => 'invalid_credentials'], 401);
return response()->json(compact('userToken'));
This code give me error like this ->
ErrorException in UserController.php line 44:
Non-static method Tymon\JWTAuth\JWT::fromUser() should not be called statically, assuming $this from incompatible context
我的控制器 UserController.php -
namespace App\Http\Controllers\v1;
use Illuminate\Http\Request;
use Illuminate\Http\Response;
use Exception;
use Cartalyst\Sentinel\Native\Facades\Sentinel;
use Cartalyst\Sentinel\Laravel\Facades\Activation;
use Tymon\JWTAuth\JWTAuth;
use Illuminate\Support\Facades\Mail;
use App\Model\User;
use Tymon\JWTAuth\Exceptions\JWTException;
use Tymon\JWTAuth\Exceptions\TokenExpiredException;
use Tymon\JWTAuth\Exceptions\TokenInvalidException;
我的 - 配置/身份验证
<?php
return [
/*
|--------------------------------------------------------------------------
| Authentication Defaults
|--------------------------------------------------------------------------
|
| This option controls the default authentication "guard" and password
| reset options for your application. You may change these defaults
| as required, but they're a perfect start for most applications.
|
*/
'defaults' => [
'guard' => env('AUTH_GUARD', 'api'),
'passwords' => 'users',
],
/*
|--------------------------------------------------------------------------
| Authentication Guards
|--------------------------------------------------------------------------
|
| Next, you may define every authentication guard for your application.
| Of course, a great default configuration has been defined for you
| here which uses session storage and the Eloquent user provider.
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| Supported: "session", "token"
|
*/
'guards' => [
'api' => [
'driver' => 'jwt',
'provider' => 'users',
'identifier' => 'email',
'password' => 'password',
],
],
/*
|--------------------------------------------------------------------------
| User Providers
|--------------------------------------------------------------------------
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| If you have multiple user tables or models you may configure multiple
| sources which represent each model / table. These sources may then
| be assigned to any extra authentication guards you have defined.
|
| Supported: "database", "eloquent"
|
*/
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => \App\User::class,
],
],
/*
|--------------------------------------------------------------------------
| Resetting Passwords
|--------------------------------------------------------------------------
|
| Here you may set the options for resetting passwords including the view
| that is your password reset e-mail. You may also set the name of the
| table that maintains all of the reset tokens for your application.
|
| You may specify multiple password reset configurations if you have more
| than one user table or model in the application and you want to have
| separate password reset settings based on the specific user types.
|
| The expire time is the number of minutes that the reset token should be
| considered valid. This security feature keeps tokens short-lived so
| they have less time to be guessed. You may change this as needed.
|
*/
'passwords' => [
//
],
];
我的引导程序/应用程序
<?php
require_once __DIR__ . '/../vendor/autoload.php';
try
(new Dotenv\Dotenv(__DIR__ . '/../'))->load();
catch (Dotenv\Exception\InvalidPathException $e)
//
/*
|--------------------------------------------------------------------------
| Create The Application
|--------------------------------------------------------------------------
|
| Here we will load the environment and create the application instance
| that serves as the central piece of this framework. We'll use this
| application as an "IoC" container and router for this framework.
|
*/
$app = new Laravel\Lumen\Application(
realpath(__DIR__ . '/../')
);
$app->withFacades();
$app->configure('jwt');
$app->configure('auth');
class_alias(Tymon\JWTAuth\Facades\JWTAuth::class, 'JWTAuth');
class_alias(Tymon\JWTAuth\Facades\JWTFactory::class, 'JWTFactory');
$app->withEloquent();
/*
|--------------------------------------------------------------------------
| Register Container Bindings
|--------------------------------------------------------------------------
|
| Now we will register a few bindings in the service container. We will
| register the exception handler and the console kernel. You may add
| your own bindings here if you like or you can make another file.
|
*/
$app->singleton(
Illuminate\Contracts\Debug\ExceptionHandler::class,
App\Exceptions\Handler::class
);
$app->singleton(
Illuminate\Contracts\Console\Kernel::class,
App\Console\Kernel::class
);
$app->singleton(
Illuminate\Contracts\Routing\ResponseFactory::class,
Illuminate\Routing\ResponseFactory::class
);
/*
|--------------------------------------------------------------------------
| Register Middleware
|--------------------------------------------------------------------------
|
| Next, we will register the middleware with the application. These can
| be global middleware that run before and after each request into a
| route or middleware that'll be assigned to some specific routes.
|
*/
// $app->middleware([
// App\Http\Middleware\ExampleMiddleware::class
// ]);
$app->routeMiddleware([
'auth' => App\Http\Middleware\Authenticate::class,
'jwt.auth' => Tymon\JWTAuth\Middleware\GetUserFromToken::class,
'jwt.refresh' => Tymon\JWTAuth\Middleware\RefreshToken::class,
]);
/*
|--------------------------------------------------------------------------
| Register Service Providers
|--------------------------------------------------------------------------
|
| Here we will register all of the application's service providers which
| are used to bind services into the container. Service providers are
| totally optional, so you are not required to uncomment this line.
|
*/
$app->register(App\Providers\AppServiceProvider::class);
$app->register(App\Providers\AuthServiceProvider::class);
$app->register(App\Providers\EventServiceProvider::class);
$app->register(Tymon\JWTAuth\Providers\LumenServiceProvider::class);
/*
|--------------------------------------------------------------------------
| Load The Application Routes
|--------------------------------------------------------------------------
|
| Next we will include the routes file so that they can all be added to
| the application. This will provide all of the URLs the application
| can respond to, as well as the controllers that may handle them.
|
*/
$app->group(['namespace' => 'App\Http\Controllers'], function ($app)
require __DIR__ . '/../app/Http/routes.php';
);
return $app;
我的模型用户 -
<?php
namespace App;
use Illuminate\Auth\Authenticatable;
use Laravel\Lumen\Auth\Authorizable;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
use Illuminate\Contracts\Auth\Access\Authorizable as AuthorizableContract;
use Tymon\JWTAuth\Contracts\JWTSubject;
class User extends Model implements JWTSubject, AuthenticatableContract, AuthorizableContract
use Authenticatable,
Authorizable;
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'name', 'email',
];
/**
* The attributes excluded from the model's JSON form.
*
* @var array
*/
protected $hidden = [
'password',
];
public function getJWTIdentifier()
return $this->getKey();
public function getJWTCustomClaims()
return [];
我的 - JwtSubject -
<?php
/*
* This file is part of jwt-auth.
*
* (c) Sean Tymon <tymon148@gmail.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Tymon\JWTAuth\Contracts;
interface JWTSubject
/**
* Get the identifier that will be stored in the subject claim of the JWT.
*
* @return mixed
*/
public function getJWTIdentifier();
/**
* Return a key value array, containing any custom claims to be added to the JWT.
*
* @return array
*/
public function getJWTCustomClaims();
我的函数__construct
类 UserController 扩展控制器
public $request;
protected $jwt;
public function __construct(Request $request, JWTAuth $jwt)
try
$this->request = $request;
$this->jwt = $jwt;
catch (Exception $ex)
\Log::error("Error : " . $ex);
$output = array('success' => false, 'result' => null, 'error' => $ex, 'error_key' => 'unhandled_exception');
return new Response($output);
请帮助我如何仅使用电子邮件获取令牌。
【问题讨论】:
【参考方案1】:问题是由您的 UsersController 中的 use 语句引起的。
use Tymon\JWTAuth\JWTAuth;
当您调用JWTAuth::fromUser($user) 时,您引用的不是外观(已经包含JWTAuth 的实例),而是类的实际功能,因为它不是静态调用的,所以您不能这样做。
这就是构建立面的原因:
class_alias(Tymon\JWTAuth\Facades\JWTAuth::class, 'JWTAuth');
删除 use 声明,你应该没问题。
或将其修改为use JWTAuth;,以便您正确引用可全局访问的外观。
【讨论】:
我的函数 __construct class UserController extends Controller public $request;受保护的$jwt;公共函数 __construct(Request $request, JWTAuth $jwt) try $this->request = $request; $this->jwt = $jwt; catch (Exception $ex) \Log::error("错误:" . $ex); $output = array('success' => false, 'result' => null, 'error' => $ex, 'error_key' => 'unhandled_exception');返回新的响应($输出); 先生,感谢您的重播,但现在我收到其他错误 - 传递给 Tymon\JWTAuth\JWT::fromUser() 的参数 1 必须是 Tymon\JWTAuth\Contracts\JWTSubject 的实例,实例App\Model\User 给定,在第 217 行的 C:\wamp\www\project\vendor\illuminate\support\Facades\Facade.php 中调用并定义请帮我解决这个错误以上是关于使用 JWT Lumen 进行身份验证,无需密码的主要内容,如果未能解决你的问题,请参考以下文章
Lumen Jwt 身份验证获取(参数 2 传递给 Tymon\JWTAuth\JWTGuard)错误
如何使用相同的身份验证保护验证多种类型的用户 [Lumen]