zhangyan
/
YiJiYuYue_Common
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
main
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7876505a0a'
${ noResults }
YiJiYuYue_Common/Laravel/app/Lib/JWT.php

133 lines
4.5 KiB
PHP
Raw Blame History Unescape Escape

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

<?php
/**
* Created by PhpStorm.
* User: yanzai
* Date: 2018/12/4
* Time: 13:53
* 刚发现jwt ,自己理解的是jwt就是一个加密思路虽然按照规定写了但是还是认为可以随意或许以后能明白真正的Jwt
*/
class JWT
{
//设置Jwt秘钥
public static function GetSecret()
{
return env('JWT_KEY');
}
public static function GetGetSecretTimeOut()
{
date_default_timezone_set('PRC'); //token的有效期
$mm=env('JWT_TIME_OUT')*60;//PHP的时间是按秒算的
return date("Y-m-d H:i:s",strtotime(date('Y-m-d H:i:s',time()))+$mm); //设置Token超时时间 单位:分钟
}
public static function GetRefreshTokenTimeOut() //刷新token的有效期
{
date_default_timezone_set('PRC');
$mm=env('JWT_REFRESH_TIME_OUT')*60;//PHP的时间是按秒算的
return date("Y-m-d H:i:s",strtotime(date('Y-m-d H:i:s',time()))+$mm); //设置RefreshToken超时时间 单位:分钟
}
public static function GetMian7TokenTimeOut() //免登录7天token的有效期
{
date_default_timezone_set('PRC');
$mm=10080*60;//PHP的时间是按秒算的
return date("Y-m-d H:i:s",strtotime(date('Y-m-d H:i:s',time()))+$mm); //设置RefreshToken超时时间 单位:分钟
}
//构建完整 JWT
public static function BuildJWT($send_user,$tokenType,$userid,$role,$exp)
{
$head = self::BuildHead();
$payload = self::BuildPayload($send_user,$tokenType,$userid,$role,$exp);
$signature = self::BuildSignature($head,$payload);
return $head.'.'.$payload.'.'.$signature;
}
//构建jwt head base64转码
public static function BuildHead()
{
$head = self::urlsafe_b64encode('{
"alg": "sha256",
"typ": "JWT"
}');
return $head;
}
//构建jwt Payload base64转码
public static function BuildPayload($send_user,$tokenType,$userid,$role='customer',$exp)
{
$payload = self::urlsafe_b64encode('{"senduser": "'.$send_user.'","tokentype": "'.$tokenType.'","userid": "'.$userid.'","role": "'.$role.'","exp": "'.$exp.'"}');
return $payload;
}
//构建jwt Signature 加密生成签名
public static function BuildSignature($head,$payload)
{
$s = hash_hmac('sha256', $head.'.'.$payload, self::GetSecret(), true);
return self::urlsafe_b64encode($s);
}
//验证JWT
public static function CheckJwt($code)
{
$code = substr($code,strpos($code,' ')+1);
$result = array();
if(strlen($code)<10)
{
$result['status']='Toke_Error';
$result['meg']= '签名异常,拒绝操作!';
$result['code']=10001;
return $result;
}
$array=explode('.', $code);
$ReceiveSignature = $array[2];
$ReceiveHead = $array[0];
$ReceivePayload = $array[1];
$Signature = self::BuildSignature($ReceiveHead,$ReceivePayload);
if($ReceiveSignature==$Signature) //判断签名是否一致
{
$payload_string = self::urlsafe_b64decode($ReceivePayload);
$payload=json_decode($payload_string,true);
date_default_timezone_set('PRC');
if($payload['exp']>date('Y-m-d H:i:s',time())) //判断Token是否过期
{
$result['status']='OK';
$result['tokentype']=$payload['tokentype'];
$result['role']=$payload['role'];
$result['userid']=$payload['userid'];
$result['meg']= 'Token验证通过';
}else{
$result['status']='Token_TimeOut';
$result['meg']= 'Token已过期请返回登录界面重新授权';
$result['code']=10002;
}
}
else{
$result['status']='Toke_Error';
$result['meg']= '签名异常,拒绝操作!';
$result['code']=10001;
}
return $result;
}
//URL安全的字符串编码
static function urlsafe_b64encode($string) {
$data = base64_encode($string);
$data = str_replace(array('+','/','='),array('-','_',''),$data);
return $data;
}
//URL安全的字符串解码
static function urlsafe_b64decode($string) {
$data = str_replace(array('-','_'),array('+','/'),$string);
$mod4 = strlen($data) % 4;
if ($mod4) {
$data .= substr('====', $mod4);
}
return base64_decode($data);
}
}
Reference in New Issue View Git Blame Copy Permalink