How to handle Slim API JWT Authentication

I already generated a token from my API login using this code:

    if ($isCorrect == 1) {
        $key = "example_key";
        $token = array(
            "iss" => "http://mywebsite.com",
            "iat" => 1356999524,
            "nbf" => 1357000000,
            'data' => [                  
                'userName' => $UserName,
            ]
        );

        $jwt = JWT::encode($token, $key);
        $decoded = JWT::decode($jwt, $key, array('HS256'));

        $unencodedArray = ['jwt' => $jwt];
        echo json_encode($unencodedArray);
    }

So I have a token now. How can I use the token for other APIs? What I mean is, I don't want anybody to perform this API without logging in.

This is my sample API method:

    $app->get('/api/user/{UserId}', function($request){
        //Select query here
    });

This is the library I used: https://github.com/firebase/php-jwt

Thank you very much for your help.

You just need to add a middleware method for your API that will check the validation of the JWT token with that user name, then pass the request to the API.

    use Firebase\JWT\JWT;

    $app->add(function ($Req, $Res, $next) {
        // Get the token and user name from the request body
        $token = $Req->getParsedBodyParam('token');
        $user_name = $Req->getParsedBodyParam('username');
        // Reject the request if either of them is empty
        if (empty($token) || empty($user_name)) {
            $message = array("success" => false, 'message' => 'Some data is empty');
            return $Res->withStatus(401)
                       ->withJson($message);
        }

        // Validate the token for this user name
        try {
            $decoded_token = JWT::decode($token, 'YourSecret key', array('HS256'));
        } catch (\Exception $e) {
            // decode() throws on a bad signature or a malformed or expired token
            $decoded_token = null;
        }
        if (isset($decoded_token->data->userName) && $decoded_token->data->userName == $user_name) {
            $message = array('message' => 'the token is valid');
            // Pass through to the next API
            $Res = $next($Req, $Res->withJson($message));
            return $Res;
        } else {
            $message = array("success" => false, "message" => "Token Validation Error", 'code' => 201);
            return $Res->withStatus(401)
                       ->withJson($message);
        }
    });
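
The following is an added example, not code from the question or the answer: the same check as Slim 3 route middleware that reads the token from the `Authorization: Bearer` header, takes the user name from the verified claims rather than a client-supplied `username` field, and issues tokens with live `iat`/`nbf` values plus an `exp`. The `JWT_SECRET` variable, the `issueToken` helper, the 15-minute lifetime and the `userName` request attribute are assumptions; `JWT::decode` is called in the three-argument form used on this page.

```php
<?php
// Added example, not from the original post. Assumes Slim 3 and firebase/php-jwt
// with the three-argument JWT::decode() form used on this page.
require __DIR__ . '/vendor/autoload.php';

use Firebase\JWT\JWT;

$secret = getenv('JWT_SECRET');   // assumption: secret kept out of source (hypothetical name)
$app = new \Slim\App();

// Hypothetical helper: call it where the login code builds its token.
function issueToken($userName, $secret)
{
    $now = time();
    return JWT::encode([
        'iss'  => 'http://mywebsite.com',
        'iat'  => $now,
        'nbf'  => $now,
        'exp'  => $now + 900,   // constructed value: token expires after 15 minutes
        'data' => ['userName' => $userName],
    ], $secret, 'HS256');
}

// Route middleware: attach it to every route that requires a logged-in user.
$requireJwt = function ($request, $response, $next) use ($secret) {
    if (!preg_match('/^Bearer\s+(\S+)$/i', $request->getHeaderLine('Authorization'), $m)) {
        return $response->withStatus(401)->withJson(['success' => false, 'message' => 'Missing bearer token']);
    }
    try {
        // Throws on a bad signature, a malformed token, an empty key, or failed nbf/exp checks.
        $claims = JWT::decode($m[1], $secret, array('HS256'));
        if (!isset($claims->data->userName)) {
            throw new \UnexpectedValueException('userName claim missing');
        }
    } catch (\Exception $e) {
        return $response->withStatus(401)->withJson(['success' => false, 'message' => 'Invalid token']);
    }
    // Identity comes from the verified token, not from a request parameter.
    return $next($request->withAttribute('userName', $claims->data->userName), $response);
};

$app->get('/api/user/{UserId}', function ($request, $response, $args) {
    $userName = $request->getAttribute('userName');
    // Select query here, authorised against $userName
    return $response->withJson(['requestedBy' => $userName, 'UserId' => $args['UserId']]);
})->add($requireJwt);

$app->run();
```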
