0

我想为 slim 应用程序实现 jwt 身份验证,我遵循 tuupora 的 PRS7 jwt 身份验证中间件,当我使用 Postman 时它工作正常,因为当我请求“/auth/ibice”时,可以选择将标头用作“Authorization: Bearer tokenString”,如下所示" 路由 这些返回的数据受中间件保护——截图

并且正在使用当我请求此路由“/ authtoken”时返回的令牌字符串,如下所示

{
  "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJ3d3cuYXNpZC5ydyIsImlhdCI6MTQ4Njk5MjcyNCwiZXhwIjoxNDg4Mjg4NzI0LCJjb250ZXh0Ijp7InVzZXIiOnsicGhvbmVubyI6IjA3ODQyMjY4OTUiLCJ1c2VyX2lkIjoiMSJ9fX0.1kFu4A16xxJriaRA9CccIJ3M9Bup06buK2LAh13Lzy4",
  "user_id": "1"
}

这是我的 middleware.php,它保护“/auth/”的所有路由

<?php
// Application middleware
$container["jwt"] = function ($container) {
    return new StdClass;
};

    $app->add(new \Slim\Middleware\JwtAuthentication([
        "environment" => "HTTP_X_TOKEN",
        "header" => "Authorization",
        "path" => ["/auth"],
        "passthrough" => ["/authtoken"],
        "secret" => "your_secret_key",
        "error" => function ($request, $response, $arguments) {
                $data["status"] = "error";
                $data["message"] = $arguments["message"];
                return $response->withStatus(401)
                    ->withHeader("Content-Type", "application/json")
                    ->write(json_encode($data, JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT));
            },
          "callback" => function ($request, $response, $arguments) use ($container) {
          $container["jwt"] = $arguments["decoded"];
        }
    ]));

以及我想使用从 cookie 或本地存储中存储的授权标头请求的路由,但我不知道该怎么做!

$app->group('/auth',function(){

 $this->get('/admin','App\Controllers\apiController:login')->setName('admin');   

//fetch ibice 
$this->get('/ibice','App\Controllers\apiController:ibice')->setName('Ibice');

//fetch ibice by id
$this->get('/igice/{id}', 'App\Controllers\apiController:igice')->setName('igiceId'); 

//search ibice
$this->get('/igice/search/[{query}]', 'App\Controllers\apiController:igice_search')->setName('Igice Search');

//imitwe igize igice
$this->get('/igice/{id}/imitwe','App\Controllers\apiController:imitwe')->setName('Imitwe');

//ingingo ziherereye mumutwe runaka
$this->get('/umutwe/{id}/ingingo', 'App\Controllers\apiController:ingingoBundle')->setName('Ingingo.bundle');

//ingingo ziri mucyiciro runaka
$this->get('/ingingo/icyiciro/{id}', 'App\Controllers\apiController:allstuff')->setName('Icyiciro');

//kuzana ikibazo kimwe kiri mungingo runaka
$this->get('/ingingo/{ingingoid}/question/{id}', 'App\Controllers\apiController:question')->setName('One_Exercise');

//kuzana ibibazo byose biri mungingo 
$this->get('/ingingo/{ingingoid}/questions', 'App\Controllers\apiController:questions')->setName('One_Exercise');

 //check if the answer is True or False
$this->get('/question/{id}/check/[{query}]','App\Controllers\apiController:checkQuestions')->setName('Check_Questions');

//get questions ids from ingingo
$this->get('/question/{ingingoid}','App\Controllers\apiController:questionsIDs')->setName('Check_Questions');
});

请帮助我,我不知道该怎么做!

4

1 回答 1

0

我以前从未使用过 Slim,但也许您可以使用很少的 Javascript 来访问 localstorage bcz 您无法使用 php 访问本地存储(php 在服务器端工作),而 localstorage 在浏览器(客户端)中,您可以先执行以下步骤通过点击此 /authtoken 端点 $app->get('/authtoken') 使用 php 验证令牌,然后您需要将返回的 json json_decode 到 php 数组中,然后如果假设您的包含令牌的 php 数组是 $arr 那么您可以使用少量 javascript 来保存localstorage 中的那个令牌喜欢这样,<script>localStorage.setItem('token', '<?php echo $arr['token'];?>');</script> 然后每当你想阅读它时,你也可以使用 javascript 从 localstorage 中读取它

<?php
$token = "<script>document.write(localStorage.getItem('token'));</script>"; ?>
于 2017-02-15T01:11:44.557 回答