![\"\u5982\u4f55\u4f7f\u7528Hyperf\u6846\u67b6\u8fdb\u884c\u8eab\u4efd\u8ba4\u8bc1\u63d2\u56fe\"](\"https:\/\/img.php.cn\/upload\/article\/000\/000\/164\/169811286662281.jpg\" "\\"\u5982\u4f55\u4f7f\u7528Hyperf\u6846\u67b6\u8fdb\u884c\u8eab\u4efd\u8ba4\u8bc1\u63d2\u56fe\\"")
<\/p>\n<\/p>\n
\u5982\u4f55\u4f7f\u7528Hyperf\u6846\u67b6\u8fdb\u884c\u8eab\u4efd\u8ba4\u8bc1<\/p>\n
\u5728\u73b0\u4ee3\u7684Web\u5e94\u7528\u7a0b\u5e8f\u4e2d\uff0c\u7528\u6237\u8eab\u4efd\u8ba4\u8bc1\u662f\u4e00\u4e2a\u975e\u5e38\u91cd\u8981\u7684\u529f\u80fd\u3002\u4e3a\u4e86\u4fdd\u62a4\u654f\u611f\u4fe1\u606f\u548c\u786e\u4fdd\u5e94\u7528\u7a0b\u5e8f\u7684\u5b89\u5168\u6027\uff0c\u8eab\u4efd\u8ba4\u8bc1\u53ef\u4ee5\u786e\u4fdd\u53ea\u6709\u7ecf\u8fc7\u9a8c\u8bc1\u7684\u7528\u6237\u624d\u80fd\u8bbf\u95ee\u53d7\u9650\u8d44\u6e90\u3002<\/p>\n
Hyperf\u662f\u4e00\u4e2a\u57fa\u4e8eSwoole\u7684\u9ad8\u6027\u80fdPHP\u6846\u67b6\uff0c\u63d0\u4f9b\u4e86\u5f88\u591a\u73b0\u4ee3\u5316\u548c\u9ad8\u6548\u7684\u529f\u80fd\u548c\u5de5\u5177\u3002\u5728Hyperf\u6846\u67b6\u4e2d\uff0c\u6211\u4eec\u53ef\u4ee5\u4f7f\u7528\u591a\u79cd\u65b9\u6cd5\u6765\u5b9e\u73b0\u8eab\u4efd\u8ba4\u8bc1\uff0c\u4e0b\u9762\u5c06\u4ecb\u7ecd\u5176\u4e2d\u4e24\u79cd\u5e38\u7528\u7684\u65b9\u6cd5\u3002<\/p>\n
JWT\u662f\u4e00\u79cd\u5f00\u653e\u6807\u51c6\uff08RFC 7519\uff09\uff0c\u5b83\u5b9a\u4e49\u4e86\u4e00\u4e2a\u7b80\u6d01\u7684\u3001\u81ea\u5305\u542b\u7684\u65b9\u6cd5\uff0c\u7528\u4e8e\u5728\u901a\u4fe1\u53cc\u65b9\u4e4b\u95f4\u5b89\u5168\u5730\u4f20\u8f93\u4fe1\u606f\u3002\u5728Hyperf\u6846\u67b6\u4e2d\uff0c\u6211\u4eec\u53ef\u4ee5\u4f7f\u7528lcobucci\/jwt\u6269\u5c55\u5e93\u6765\u5b9e\u73b0JWT\u7684\u751f\u6210\u548c\u9a8c\u8bc1\u3002<\/p>\n
\u9996\u5148\uff0c\u6211\u4eec\u9700\u8981\u5728composer.json\u6587\u4ef6\u4e2d\u6dfb\u52a0lcobucci\/jwt\u5e93\u7684\u4f9d\u8d56\u9879\uff1a<\/p>\n
\"require\": {\n \"lcobucci\/jwt\": \"^3.4\"\n}<\/pre>\n \u767b\u5f55\u540e\u590d\u5236 <\/p>\n
\u7136\u540e\u6267\u884ccomposer update\u547d\u4ee4\u5b89\u88c5\u4f9d\u8d56\u9879\u3002<\/p>\n
\u63a5\u4e0b\u6765\uff0c\u6211\u4eec\u53ef\u4ee5\u521b\u5efa\u4e00\u4e2aJwtAuthenticator\u7c7b\uff0c\u7528\u4e8e\u751f\u6210\u548c\u9a8c\u8bc1JWT\uff1a<\/p>\n
<?php declare(strict_types=1);\n\nnamespace AppAuth;\n\nuse HyperfExtAuthAuthenticatable;\nuse HyperfExtAuthContractsAuthenticatorInterface;\nuse LcobucciJWTConfiguration;\nuse LcobucciJWTToken;\n\nclass JwtAuthenticator implements AuthenticatorInterface\n{\n private Configuration $configuration;\n\n public function __construct(Configuration $configuration)\n {\n $this->configuration = $configuration;\n }\n\n public function validateToken(string $token): bool\n {\n $parsedToken = $this->configuration->parser()->parse($token);\n $isVerified = $this->configuration->validator()->validate($parsedToken, ...$this->configuration->validationConstraints());\n \n return $isVerified;\n }\n\n public function generateToken(Authenticatable $user): string\n {\n $builder = $this->configuration->createBuilder();\n $builder->issuedBy('your_issuer')\n ->issuedAt(new DateTimeImmutable())\n ->expiresAt((new DateTimeImmutable())->modify('+1 hour'))\n ->withClaim('sub', (string) $user->getAuthIdentifier());\n \n $token = $builder->getToken($this->configuration->signer(), $this->configuration->signingKey());\n \n return $token->toString();\n }\n}<\/pre>\n \u767b\u5f55\u540e\u590d\u5236 <\/p>\n
\u7136\u540e\uff0c\u6211\u4eec\u9700\u8981\u5728Hyperf\u6846\u67b6\u7684\u5bb9\u5668\u4e2d\u6ce8\u518cJwtAuthenticator\u7c7b\uff1a<\/p>\n
HyperfUtilsApplicationContext::getContainer()->define(AppAuthJwtAuthenticator::class, function (PsrContainerContainerInterface $container) {\n $configuration = LcobucciJWTConfiguration::forAsymmetricSigner(\n new LcobucciJWTSignerRsaSha256(),\n LcobucciJWTSignerKeyLocalFileReference::file('path\/to\/private\/key.pem')\n );\n\n return new AppAuthJwtAuthenticator($configuration);\n});<\/pre>\n \u767b\u5f55\u540e\u590d\u5236 <\/p>\n
\u6700\u540e\uff0c\u5728\u9700\u8981\u8ba4\u8bc1\u7684\u8def\u7531\u6216\u63a7\u5236\u5668\u65b9\u6cd5\u4e2d\uff0c\u6211\u4eec\u53ef\u4ee5\u4f7f\u7528JwtAuthenticator\u7c7b\u6765\u9a8c\u8bc1\u7528\u6237\u7684JWT\uff1a<\/p>\n
<?php declare(strict_types=1);\n\nnamespace AppController;\n\nuse AppAuthJwtAuthenticator;\nuse HyperfHttpServerAnnotationController;\nuse HyperfHttpServerAnnotationRequestMapping;\n\n\/**\n * @Controller(prefix=\"\/api\")\n *\/\nclass ApiController\n{\n private JwtAuthenticator $authenticator;\n\n public function __construct(JwtAuthenticator $authenticator)\n {\n $this->authenticator = $authenticator;\n }\n\n \/**\n * @RequestMapping(path=\"profile\", methods=\"GET\")\n *\/\n public function profile()\n {\n $token = $this->request->getHeader('Authorization')[0] ?? '';\n $token = str_replace('Bearer ', '', $token);\n \n if (!$this->authenticator->validateToken($token)) {\n \/\/ Token\u9a8c\u8bc1\u5931\u8d25\uff0c\u8fd4\u56de\u9519\u8bef\u54cd\u5e94\n return 'Unauthorized';\n }\n\n \/\/ Token\u9a8c\u8bc1\u6210\u529f\uff0c\u8fd4\u56de\u7528\u6237\u4fe1\u606f\n return $this->authenticator->getUserByToken($token);\n }\n}<\/pre>\n \u767b\u5f55\u540e\u590d\u5236 <\/p>\n
\n- \u4f7f\u7528Session<\/li>\n<\/ol>\n
\u9664\u4e86JWT\u8ba4\u8bc1\uff0cHyperf\u6846\u67b6\u4e5f\u652f\u6301\u4f7f\u7528Session\u8fdb\u884c\u8eab\u4efd\u8ba4\u8bc1\u3002\u6211\u4eec\u53ef\u4ee5\u901a\u8fc7\u914d\u7f6e\u6587\u4ef6\u6765\u542f\u7528Session\u8ba4\u8bc1\u529f\u80fd\u3002<\/p>\n
\u9996\u5148\uff0c\u6211\u4eec\u9700\u8981\u5728\u914d\u7f6e\u6587\u4ef6config\/autoload\/session.php\u4e2d\u8fdb\u884c\u76f8\u5e94\u7684\u914d\u7f6e\uff0c\u4f8b\u5982\uff1a<\/p>\n
return [\n 'handler' => [\n 'class' => HyperfRedisSessionHandler::class,\n 'options' => [\n 'pool' => 'default',\n ],\n ],\n];<\/pre>\n \u767b\u5f55\u540e\u590d\u5236 <\/p>\n
\u7136\u540e\uff0c\u5728\u9700\u8981\u8ba4\u8bc1\u7684\u8def\u7531\u6216\u63a7\u5236\u5668\u65b9\u6cd5\u4e2d\uff0c\u6211\u4eec\u53ef\u4ee5\u4f7f\u7528Hyperf\u6846\u67b6\u63d0\u4f9b\u7684AuthManager\u7c7b\u6765\u9a8c\u8bc1\u7528\u6237\u7684Session\uff1a<\/p>\n
<?php declare(strict_types=1);\n\nnamespace AppController;\n\nuse HyperfHttpServerAnnotationController;\nuse HyperfHttpServerAnnotationRequestMapping;\nuse HyperfExtAuthContractsAuthManagerInterface;\n\n\/**\n * @Controller(prefix=\"\/api\")\n *\/\nclass ApiController\n{\n private AuthManagerInterface $authManager;\n\n public function __construct(AuthManagerInterface $authManager)\n {\n $this->authManager = $authManager;\n }\n\n \/**\n * @RequestMapping(path=\"profile\", methods=\"GET\")\n *\/\n public function profile()\n {\n if (!$this->authManager->check()) {\n \/\/ \u7528\u6237\u672a\u767b\u5f55\uff0c\u8fd4\u56de\u9519\u8bef\u54cd\u5e94\n return 'Unauthorized';\n }\n\n \/\/ \u7528\u6237\u5df2\u767b\u5f55\uff0c\u8fd4\u56de\u7528\u6237\u4fe1\u606f\n return $this->authManager->user();\n }\n}<\/pre>\n \u767b\u5f55\u540e\u590d\u5236 <\/p>\n
\u5728\u4e0a\u8ff0\u4ee3\u7801\u4e2d\uff0cAuthManagerInterface\u63a5\u53e3\u63d0\u4f9b\u4e86\u8bb8\u591a\u7528\u4e8e\u8ba4\u8bc1\u548c\u7528\u6237\u64cd\u4f5c\u7684\u65b9\u6cd5\uff0c\u5177\u4f53\u53ef\u6839\u636e\u5b9e\u9645\u9700\u6c42\u8fdb\u884c\u8c03\u7528\u3002<\/p>\n
\u4ee5\u4e0a\u662f\u4f7f\u7528Hyperf\u6846\u67b6\u8fdb\u884c\u8eab\u4efd\u8ba4\u8bc1\u7684\u4e24\u79cd\u5e38\u7528\u65b9\u6cd5\uff0c\u901a\u8fc7JWT\u6216\u8005Session\u6765\u5b9e\u73b0\u7528\u6237\u8eab\u4efd\u9a8c\u8bc1\u3002\u6839\u636e\u5b9e\u9645\u9700\u6c42\u548c\u9879\u76ee\u7279\u70b9\uff0c\u9009\u62e9\u5408\u9002\u7684\u65b9\u6cd5\u4ee5\u786e\u4fdd\u5e94\u7528\u7a0b\u5e8f\u7684\u5b89\u5168\u6027\u548c\u7528\u6237\u4f53\u9a8c\u3002\u5728\u5b9e\u9645\u5f00\u53d1\u4e2d\uff0c\u53ef\u4ee5\u6839\u636e\u6846\u67b6\u63d0\u4f9b\u7684\u6587\u6863\u548c\u793a\u4f8b\u4ee3\u7801\u6df1\u5165\u4e86\u89e3\u66f4\u591a\u9ad8\u7ea7\u7528\u6cd5\u548c\u6700\u4f73\u5b9e\u8df5\u3002<\/p>\n
\u4ee5\u4e0a\u5c31\u662f\u5982\u4f55\u4f7f\u7528Hyperf\u6846\u67b6\u8fdb\u884c\u8eab\u4efd\u8ba4\u8bc1\u7684\u8be6\u7ec6\u5185\u5bb9\uff0c\u66f4\u591a\u8bf7\u5173\u6ce8\u7c73\u4e91\u5176\u5b83\u76f8\u5173\u6587\u7ae0\uff01<\/p>\n","protected":false},"excerpt":{"rendered":"
\u5982\u4f55\u4f7f\u7528Hyperf\u6846\u67b6\u8fdb\u884c\u8eab\u4efd\u8ba4\u8bc1 \u5728\u73b0\u4ee3\u7684Web\u5e94\u7528\u7a0b\u5e8f\u4e2d\uff0c\u7528\u6237\u8eab\u4efd\u8ba4\u8bc1\u662f\u4e00\u4e2a\u975e\u5e38\u91cd\u8981\u7684\u529f\u80fd\u3002\u4e3a\u4e86\u4fdd\u62a4\u654f\u611f\u4fe1\u606f\u548c\u786e\u4fdd\u5e94\u7528\u7a0b\u5e8f\u7684\u5b89\u5168\u6027\uff0c\u8eab\u4efd\u8ba4\u8bc1\u53ef\u4ee5\u786e\u4fdd\u53ea\u6709\u7ecf\u8fc7\u9a8c\u8bc1\u7684\u7528\u6237\u624d\u80fd\u8bbf\u95ee\u53d7\u9650\u8d44\u6e90\u3002 Hyperf\u662f\u4e00\u4e2a\u57fa\u4e8eSwoole\u7684\u9ad8\u6027\u80fdPHP\u6846\u67b6\uff0c\u63d0\u4f9b\u4e86\u5f88\u591a\u73b0\u4ee3\u5316\u548c\u9ad8\u6548\u7684\u529f\u80fd\u548c\u5de5\u5177\u3002\u5728Hyperf\u6846\u67b6\u4e2d\uff0c\u6211\u4eec\u53ef\u4ee5\u4f7f\u7528\u591a\u79cd\u65b9\u6cd5\u6765\u5b9e\u73b0\u8eab\u4efd\u8ba4\u8bc1\uff0c\u4e0b\u9762\u5c06\u4ecb\u7ecd\u5176\u4e2d\u4e24\u79cd\u5e38\u7528\u7684\u65b9\u6cd5\u3002 \u4f7f\u7528JWT\uff08JSON Web Token\uff09 JWT\u662f\u4e00\u79cd\u5f00\u653e\u6807\u51c6\uff08RFC 7519\uff09\uff0c\u5b83\u5b9a\u4e49\u4e86\u4e00\u4e2a\u7b80\u6d01\u7684\u3001\u81ea\u5305\u542b\u7684\u65b9\u6cd5\uff0c\u7528\u4e8e\u5728\u901a\u4fe1\u53cc\u65b9\u4e4b\u95f4\u5b89\u5168\u5730\u4f20\u8f93\u4fe1\u606f\u3002\u5728Hyperf\u6846\u67b6\u4e2d\uff0c\u6211\u4eec\u53ef\u4ee5\u4f7f\u7528lcobucci\/jwt\u6269\u5c55\u5e93\u6765\u5b9e\u73b0JWT\u7684\u751f\u6210\u548c\u9a8c\u8bc1\u3002 \u9996\u5148\uff0c\u6211\u4eec\u9700\u8981\u5728composer.json\u6587\u4ef6\u4e2d\u6dfb\u52a0lcobucci\/jwt\u5e93\u7684\u4f9d\u8d56\u9879\uff1a “require”: { “lcobucci\/jwt”: “^3.4” } \u767b\u5f55\u540e\u590d\u5236 \u7136\u540e\u6267\u884ccomposer update\u547d\u4ee4\u5b89\u88c5\u4f9d\u8d56\u9879\u3002 \u63a5\u4e0b\u6765\uff0c\u6211\u4eec\u53ef\u4ee5\u521b\u5efa\u4e00\u4e2aJwtAuthenticator\u7c7b\uff0c\u7528\u4e8e\u751f\u6210\u548c\u9a8c\u8bc1JWT\uff1a <?php declare(strict_types=1); namespace AppAuth; use HyperfExtAuthAuthenticatable; use HyperfExtAuthContractsAuthenticatorInterface; use LcobucciJWTConfiguration; use LcobucciJWTToken; class JwtAuthenticator implements AuthenticatorInterface { private Configuration $configuration; public function __construct(Configuration $configuration) { $this->configuration = $configuration; } public function validateToken(string $token): bool { $parsedToken = […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[16],"tags":[],"class_list":["post-24759","post","type-post","status-publish","format-standard","hentry","category-16"],"_links":{"self":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts\/24759","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/comments?post=24759"}],"version-history":[{"count":0,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts\/24759\/revisions"}],"wp:attachment":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/media?parent=24759"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/categories?post=24759"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/tags?post=24759"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}