PHP Firebase帮助 - 设置JWT

时间:2016-09-13 17:22:53

标签: php firebase server firebase-authentication

在我的服务器上,我运行了几个读取我的Firebase实时数据库的PHP文件。根据{{​​3}},我需要设置自定义令牌以使Firebase's documents运行。 Firebase文档说我需要返回此内容; 

  return JWT::encode($payload, $private_key, "RS256");

我究竟如何引用JWT类?我下载了一个JWT库,但我不知道如何在我的项目中实现它。任何帮助都会很棒,我主要是一名移动开发人员,对PHP几乎没有经验。

2 个答案:

答案 0 :(得分:19)

firebase / php-jwt库使用composer。如果你来自android开发背景,Composer是PHP的依赖管理器,类似于Java中的Maven。您需要知道如何使用php的require / include函数在php中导入类。你需要一些使用php的经验才能使用作曲家。

为了使用没有composer的firebase / php-jwt库你可以使用下面的示例代码:(我在'jwt'文件夹下载了库)

<?php

require_once 'jwt/src/BeforeValidException.php';
require_once 'jwt/src/ExpiredException.php';
require_once 'jwt/src/SignatureInvalidException.php';
require_once 'jwt/src/JWT.php';


use \Firebase\JWT\JWT;

$key = "example_key";
$token = array(
   "iss" => "http://example.org",
   "aud" => "http://example.com",
   "iat" => 1356999524,
   "nbf" => 1357000000
);

/**
 * IMPORTANT:
 * You must specify supported algorithms for your application. See
 * https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40
 * for a list of spec-compliant algorithms.
*/
$jwt = JWT::encode($token, $key);
$decoded = JWT::decode($jwt, $key, array('HS256'));

print_r($decoded);

/*
 NOTE: This will now be an object instead of an associative array. To get
 an associative array, you will need to cast it as such:
*/

$decoded_array = (array) $decoded;

/**
* You can add a leeway to account for when there is a clock skew times   between
* the signing and verifying servers. It is recommended that this leeway should
* not be bigger than a few minutes.
*
* Source: http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html#nbfDef
*/
   JWT::$leeway = 60; // $leeway in seconds
   $decoded = JWT::decode($jwt, $key, array('HS256'));
 ?>

答案 1 :(得分:0)

firebase / php-jwt

来源Link Angular App 

<?php

 // Allow from any origin
    if (isset($_SERVER['HTTP_ORIGIN'])) {
        header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
        header('Access-Control-Allow-Credentials: true');
        header('Access-Control-Max-Age: 86400');    // cache for 1 day
    }

    // Access-Control headers are received during OPTIONS requests
    if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {

        if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']))
            header("Access-Control-Allow-Methods: GET, POST, OPTIONS");         

        if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']))
            header("Access-Control-Allow-Headers:        {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");

        exit(0);
    }


require_once('vendor/autoload.php');
use \Firebase\JWT\JWT; 
define('SECRET_KEY','Super-Secret-Key');  // secret key can be a random string and keep in secret from anyone
define('ALGORITHM','HS256');   // Algorithm used to sign the token



$postdata = file_get_contents("php://input");
$request = json_decode($postdata);


$action = $request->action;


// Login section
if ($action == 'login') {

    $email = $request->email;
    $password = $request->password; 

        //A dummy credential match.. you should have some SQl queries to match from databases
        if($email == "freaky@jolly.com" && $password == "12345678")
        {
            $iat = time(); // time of token issued at
            $nbf = $iat + 10; //not before in seconds
            $exp = $iat + 60; // expire time of token in seconds

            $token = array(
                "iss" => "http://example.org",
                "aud" => "http://example.com",
                "iat" => $iat,
                "nbf" => $nbf,
                "exp" => $exp,
                "data" => array(
                        "id" => 11,
                        "email" => $email
                )
            );

            http_response_code(200);

            $jwt = JWT::encode($token, SECRET_KEY);


            $data_insert=array(
                'access_token' => $jwt,                                 
                'id'   => '007',
                'name' => 'Jolly',
                'time' => time(),
                'username' => 'FreakyJolly', 
                'email' => 'contact@freakyjolly.com', 
                'status' => "success",
                'message' => "Successfully Logged In"
            );


        }else{
            $data_insert=array(
                "data" => "0",
                "status" => "invalid",
                "message" => "Invalid Request"
            );  
        }   

}
// Get Dashboard stuff
else if($action == 'stuff'){

    $authHeader = $_SERVER['HTTP_AUTHORIZATION'];
    $temp_header = explode(" ", $authHeader);
    $jwt = $temp_header[1];

    try {
        JWT::$leeway = 10;
        $decoded = JWT::decode($jwt, SECRET_KEY, array(ALGORITHM));

        // Access is granted. Add code of the operation here 

        $data_from_server = '{"Coords":[{"Accuracy":"65","Latitude":"53.277720488429026","Longitude":"-9.012038778269686","Timestamp":"Fri Jul 05 2013 11:59:34 GMT+0100 (IST)"},{"Accuracy":"65","Latitude":"53.277720488429026","Longitude":"-9.012038778269686","Timestamp":"Fri Jul 05 2013 11:59:34 GMT+0100 (IST)"},{"Accuracy":"65","Latitude":"53.27770755361785","Longitude":"-9.011979642121824","Timestamp":"Fri Jul 05 2013 12:02:09 GMT+0100 (IST)"},{"Accuracy":"65","Latitude":"53.27769091555766","Longitude":"-9.012051410095722","Timestamp":"Fri Jul 05 2013 12:02:17 GMT+0100 (IST)"},{"Accuracy":"65","Latitude":"53.27769091555766","Longitude":"-9.012051410095722","Timestamp":"Fri Jul 05 2013 12:02:17 GMT+0100 (IST)"}]}';


        $data_insert=array(
            "data" => json_decode($data_from_server),
            "status" => "success",
            "message" => "Request authorized"
        );  

    }catch (Exception $e){

        http_response_code(401);

        $data_insert=array(
            //"data" => $data_from_server,
            "jwt" => $jwt,
            "status" => "error",
            "message" => $e->getMessage()
        );

    }   
}

echo json_encode($data_insert);
?>
相关问题
最新问题