带有JWT身份验证和邮递员的超薄框架
问题描述 投票:0回答:1
我正在使用Slim Framework开发带有JSON Web Token的REST API,然后使用Postman进行测试。我已经创建了数据库连接,我在Postman中测试了GET,POST,PUT,DELETE,一切正常,现在我来到JWT身份验证。请记住,基本Http身份验证也可以正常工作。所以,代码
的.htaccess
RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
customers.php
use \Psr\Http\Message\ServerRequestInterface as Request;
use \Psr\Http\Message\ResponseInterface as Response;
$app = new \Slim\App;
$container = $app->getContainer();
$container["jwt"] = function ($container) {
return new StdClass;
};
$app->add(new \Slim\Middleware\JwtAuthentication([
"path" => "/api",
"passthrough" => ["/api/token", "/admin/ping"],
"secure" => true,
"environment" => "HTTP_X_TOKEN",
"header" => "X-Token",
"secret" => "supersecretkeyyoushouldnotcommittogithub",
"callback" => function ($request, $response, $arguments) use ($container) {
$container["jwt"] = $arguments["decoded"];
},
"error" => function ($request, $response, $arguments) {
$data["status"] = "error";
$data["message"] = $arguments["message"];
return $response
->withHeader("Content-Type", "application/json")
->write(json_encode($data, JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT));
}
]));
$app->add(function($request, $response, $next) {
$token = $request->getQueryParams()["token"];
if (false === empty($token)) {
$request = $request->withHeader("Authorization", "Bearer {$token}");
}
return $next($request, $response);
});
//Get All Customers
$app->get('/api/customers', function(Request $request, Response $response){
$sql = "SELECT * FROM customers";
try{
//Get DB Object
$db = new db();
// Connect
$db = $db->connect();
$stmt = $db->query($sql);
$customers = $stmt->fetchAll(PDO::FETCH_OBJ);
$db = null;
echo json_encode($customers);
$fp = fopen('empdata3.json', 'w');
fwrite($fp, json_encode($customers));
fclose($fp);
header("Location: https://www.pawebgate.com/slimapp3/public/empdata3.json");
die();
}
catch(PDOException $e){
echo '{"error": {"text": '.$e->getMessage().'}';
}
});
//Get Specific Customer
$app->get('/api/customer/{id}', function(Request $request, Response $response){
$id = $request->getAttribute('id');
$sql = "SELECT * FROM customers where id = $id";
try{
//Get DB Object
$db = new db();
// Connect
$db = $db->connect();
$stmt = $db->query($sql);
$customer = $stmt->fetchAll(PDO::FETCH_OBJ);
$db = null;
echo json_encode($customer);
}
catch(PDOException $e){
echo '{"error": {"text": '.$e->getMessage().'}';
}
});
你能帮我解决一下如何设置Postman以测试上述功能,或者我为了实现JWT Auth而必须采取的其他步骤吗?我总是得到“在邮差中找不到令牌”谢谢
1个回答
0
投票
投票
首先,您需要创建一个获取令牌的路由,如下所示:
$app->post('/auth/token', function(Request $request, Response $response, array $args) {
$data = $request->getParsedBody();
$email = $data['email'] ?? null;
$password = $data['password'] ?? null;
/*[select logic here]*/
$user = $db->query("SELECT * FROM customers WHERE email = $email AND password = $password")...
/*[select logic here]*/
if($user){
$key = 'supersecretkeyyoushouldnotcommittogithub';
return $response->withJson([
'token' => JWT::encode($user, $key)
]);
}
return $response->withJson(['status' => 'error'], 401);
});
然后,您可以复制响应并在Postman中发出POST请求,将标记添加到标题“授权”。
最新问题
- 如何在 bash 中将字符串哈希为数字?
- MySQL 更改全文搜索列
- 如何编写sql查询来过滤其他列值相同的id?
- 如何交联两张纸?
- ggtext 使用什么格式化语言来格式化文本?
- min-width 与 flex-basis 有什么区别吗?
- CodeGen graphql 返回类型未知
- Svelte Kit GET by Id 给我 404 Not Found
- 如何在使用 ESC 键后重新启动 kivy 窗口
- 减少撰写中可滚动选项卡之间的间距
- 在这种情况下我应该/可以使用Java抽象工厂(或工厂方法)吗?
- 为什么我会收到此错误:未找到“Google_Service_Calendar”类?
- 在 Pandas 数据框中,如何对与给定年份和月份匹配的所有行求和
- SQL 合并性能
- 如何使用JavaScript从OpenSea检索NFT的TRAITS?
- 如何根据数据库中另一个字段的值来处理模型中特定的必填字段?
- 如何在 Google Cloud 中调度超过 30 天的 http 请求?
- 如何使用 fastboot 将整个 emmc 刷新为单个映像
- 为什么 CKEditor 5 工具栏中缺少一些指定按钮?
- CSS ajax 搜索框样式
© www.soinside.com 2019 - 2024. All rights reserved.