JWT中的refresh_token

参考链接:
https://github.com/tymondesigns/jwt-auth/issues/186
https://github.com/tymondesigns/jwt-auth/issues/11

利用JWT处理过期:
1.在普通路径下请求时如果token过期,则客户端再次发出一个请求给服务器到一个设定的refresh路径
2.在该路径下采用middleware = ‘jwt.refresh’,然后在处理函数中:

$token = JWTAuth::getToken();
$newToken = JWTAuth::refresh($token);

经过尝试,以上方法是不行的!!!不能在middleware=’jwt.refresh’下,请求到的新token首先提示不存在,然后又提示进入blacklist了。解决方法是,直接起一个新的路由,然后把上面的代码放到controller的函数中。

这块没弄明白:

// fired when the token could not be found in the request
Event::listen('tymon.jwt.absent');

// fired when the token has expired
Event::listen('tymon.jwt.expired');

// fired when the token is found to be invalid
Event::listen('tymon.jwt.invalid');

// fired if the user could not be found (shouldn't really happen)
Event::listen('tymon.jwt.user_not_found');

// fired when the token is valid (User is passed along with event)
Event::listen('tymon.jwt.valid');

https://github.com/tymondesigns/jwt-auth/issues/61
这里面提到了:Add Event::listen(‘tymon.jwt.valid’) hook in the boot function of the EventServiceProvider.php, like this.

 public function boot(DispatcherContract  $events)
    {
        parent::boot($events);
        Event::listen('tymon.jwt.valid', function($event)
        {
            Auth::setUser($event);
        });
    }

以及这段加全局异常处理,也没太明白:
Add the following code to the render method within app/Exceptions/Handler.php

public function render($request, Exception $e)
{
    if ($e instanceof Tymon\JWTAuth\Exceptions\TokenExpiredException) {
        return response()->json(['token_expired'], $e->getStatusCode());
    } else if ($e instanceof Tymon\JWTAuth\Exceptions\TokenInvalidException) {
        return response()->json(['token_invalid'], $e->getStatusCode());
    }
    return parent::render($request, $e);
}

留待思考

你可能感兴趣的:(laravel相关)