Download the PHP package yzh52521/tp-jwt-auth without Composer

On this page you can find all versions of the php package yzh52521/tp-jwt-auth. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package tp-jwt-auth

JWT-AUTH

thinkphp的jwt(JSON Web Token)身份验证包。支持Header、Cookie、Param等多种传参方式。包含:验证、验证并且自动刷新等多种中间件。

支持Swoole

环境要求

  1. php ^8.0
  2. thinkphp ^6.0.0 || ^8.0.0
  3. lcobucci/jwt ^4.2 || ^5.0

说明

目前支持如下三大类型加密方式:RSA,HASH,DSA。再各分256、384、512位。 默认是HS256,即hash 256位加密。

需要修改加密方式,请修改参数:ALGO,参数选项:

  • HS256
    备注:hash 256位
  • HS384 备注:hash 384位
  • HS512 备注:hash 512位
  • RS256 备注:rsa 256位
  • RS384 备注:rsa 384位
  • RS512 备注:rsa 512位
  • ES256 备注:dsa 256位
  • ES384 备注:dsa 384位
  • ES512 备注:dsa 512位
  • BLAKE2B 备注:Blake2b
  • EDDSA 备注:EdDSA

重要:RSA和DSA 都是非对称加密方式,除了修改参数ALGO外,需要配置:PUBLIC_KEY、PRIVATE_KEY两个参数, 这两个参数支持文本(不要开头、结尾和换行)或密钥文件路径。如果密钥设置了密码,请配置好参数:PASSWORD

env文件不支持内容有等于号,遇到这种情况:

1、使用路径 2、生成没有等于号的密钥。

安装

第一步:

第二步:

此举将生成jwt.php和.env配置文件。不推荐直接修改jwt.php 同时,env中会随机生成secret。请不要随意更新secret,也请保障secret安全。

使用方式

对于需要验证的路由或者模块添加中间件:

示例:

token刷新说明:

token默认有效期为60秒,如果需要修改请修改env文件。 refresh_ttl为刷新token有效期参数,单位为分钟。默认有效期14天。 token过期后,旧token将会被加入黑名单。 如果需要自动刷新,请使用中间件 thans\jwt\middleware\JWTAuthAndRefresh::class, 自动刷新后会通过header返回,请保存好。(注意,此中间件过期后第一次访问正常,第二次进入黑名单。)

token传参方式如下:

可通过jwt.php配置文件内token_mode参数来调整参数接收方式及优先级 token_mode默认值为['header', 'cookie', 'param'];

在某些前后端分离的情况下可选择取消cookie接收方式来避免token冲突

其他操作

  1. 拉黑Token JWTAuth::invalidate($token);
  2. 查询Token是否黑名单 JWTAuth::validate($token);

参考与借鉴

https://github.com/tymondesigns/jwt-auth

感谢

License

MIT


All versions of tp-jwt-auth with dependencies

PHP Build Version
Package Version
Requires php Version >=8.0.0
lcobucci/jwt Version ^4.2|^5.0
nesbot/carbon Version ^2.0
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package yzh52521/tp-jwt-auth contains the following files

Loading the files please wait ....