## 1\. 引入php-jwt包
composer require firebase/php-jwt
## 2\. 生成token
~~~
//生成token
public function createJwt($userId = 'zq')
{
$key = md5('zq8876!@!'); //jwt的簽發密鑰,驗證token的時候需要用到
$time = time(); //簽發時間
$expire = $time + 14400; //過期時間
$token = array(
"user_id" => $userId,
"iss" => "http://www.najingquan.com/",//簽發組織
"aud" => "zhangqi", //簽發作者
"iat" => $time,
"nbf" => $time,
"exp" => $expire
);
$jwt = JWTUtil::encode($token, $key);
return $jwt;
}
~~~
## 3\. 驗證token
~~~
//校驗jwt權限API
public function verifyJwt($jwt = '')
{
$key = md5('zq8876!@!');
try {
$jwtAuth = json_encode(JWTUtil::decode($jwt, $key, array('HS256')));
$authInfo = json_decode($jwtAuth, true);
$msg = [];
if (!empty($authInfo['user_id'])) {
$msg = [
'status' => 1001,
'msg' => 'Token驗證通過'
];
} else {
$msg = [
'status' => 1002,
'msg' => 'Token驗證不通過,用戶不存在'
];
}
return $msg;
} catch (\Firebase\JWT\ExpiredException $e) {
echo json_encode([
'status' => 1003,
'msg' => 'Token過期'
]);
exit;
} catch (\Exception $e) {
echo json_encode([
'status' => 1002,
'msg' => 'Token無效'
]);
exit;
}
}
~~~
## 4\. 測試
生成token
驗證token
