I am working on a slim REST API and I want to secure it with JWT Token. I try a lot of tutorials and I am anable to make things work.
I use :
slim 4.*
slim/psr7 0.6.0
tuupola/slim-jwt-auth ^3.4
tuupola/cors-middleware ^1.1
Ubuntu 19.10 and Xampp
I have have 2 routes (POST /login and GET /api/test)
I want to be able to use the /login route without token and the other one with a token. So I wrote :
$app->add(new Tuupola\Middleware\JwtAuthentication([
"path" => "/api",
"secret" => getenv ("SPROUTCH_TOKEN"),
"error" => function ($request, $response, $arguments) {
$data["status"] = "error";
$data["message"] = $arguments["message"];
return $response
->withHeader("Content-Type", "application/json")
->write(json_encode($data, JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT));
},
]));
In that case nothing is secure so I tried this :
$app->add(new Tuupola\Middleware\JwtAuthentication([
"secret" => getenv ("SPROUTCH_TOKEN"),
"error" => function ($request, $response, $arguments) {
$data["status"] = "error";
$data["message"] = $arguments["message"];
return $response
->withHeader("Content-Type", "application/json")
->write(json_encode($data, JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT));
},
]));
And of course I can't access anything.
问题只是“路径”键只需要绝对路径
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.