Comments (2)
这问题我也遇到了,.env中定义的是数字,但是程序识别出来就是字符串,所以在配置文件中把所有数字类型的转一下就可以解决这个报错
`<?php
declare(strict_types=1);
/**
-
This file is part of hyperf-ext/jwt
-
@contact [email protected]
-
@license https://github.com/hyperf-ext/jwt/blob/master/LICENSE
*/
return [/* JWT Authentication Secret -------------------------------------------------------------------------- |
| Don't forget to set this in your .env file, as it will be used to sign
| your tokens. A helper command is provided for this:
|php bin/hyperf.php gen:jwt-secret
|
| Note: This will be used for Symmetric algorithms only (HMAC),
| since RSA and ECDSA use a private/public key pair (See below).
|
| Note: This value must be encoded by base64.
|
*/'secret' => env('JWT_SECRET'),
/* JWT Authentication Keys -------------------------------------------------------------------------- |
| The algorithm you are using, will determine whether your tokens are
| signed with a random string (defined inJWT_SECRET
) or using the
| following public and private keys. A helper command is provided for this:
|php bin/hyperf.php gen:jwt-keypair
|
| Symmetric Algorithms:
| HS256, HS384 & HS512 will useJWT_SECRET
.
|
| Asymmetric Algorithms:
| RS256, RS384 & RS512 / ES256, ES384 & ES512 will use the keys below.
|
*/'keys' => [
/*
|--------------------------------------------------------------------------
| Public Key
|--------------------------------------------------------------------------
|
| Your public key content.
|
*/'public' => env('JWT_PUBLIC_KEY'), /* |-------------------------------------------------------------------------- | Private Key |-------------------------------------------------------------------------- | | Your private key content. | */ 'private' => env('JWT_PRIVATE_KEY'), /* |-------------------------------------------------------------------------- | Passphrase |-------------------------------------------------------------------------- | | The passphrase for your private key. Can be null if none set. | | Note: This value must be encoded by base64. | */ 'passphrase' => env('JWT_PASSPHRASE'),
],
/* JWT time to live -------------------------------------------------------------------------- |
| Specify the length of time (in seconds) that the token will be valid for.
| Defaults to 1 hour.
|
| You can also set this to null, to yield a never expiring token.
| Some people may want this behaviour for e.g. a mobile app.
| This is not particularly recommended, so make sure you have appropriate
| systems in place to revoke the token if necessary.
| Notice: If you set this to null you should remove 'exp' element from 'required_claims' list.
|
*/'ttl' => (int) env('JWT_TTL', 3600),
/* Refresh time to live -------------------------------------------------------------------------- |
| Specify the length of time (in seconds) that the token can be refreshed
| within. I.E. The user can refresh their token within a 2 week window of
| the original token being created until they must re-authenticate.
| Defaults to 2 weeks.
|
| You can also set this to null, to yield an infinite refresh time.
| Some may want this instead of never expiring tokens for e.g. a mobile app.
| This is not particularly recommended, so make sure you have appropriate
| systems in place to revoke the token if necessary.
|
*/'refresh_ttl' => (int) env('JWT_REFRESH_TTL', 3600 * 24 * 14),
/* JWT hashing algorithm -------------------------------------------------------------------------- |
| Specify the hashing algorithm that will be used to sign the token.
|
| possible values: HS256, HS384, HS512, RS256, RS384, RS512, ES256, ES384, ES512
|
*/'algo' => env('JWT_ALGO', 'HS512'),
/* Required Claims -------------------------------------------------------------------------- |
| Specify the required claims that must exist in any token.
| A TokenInvalidException will be thrown if any of these claims are not
| present in the payload.
|
*/'required_claims' => [
'iss',
'iat',
'exp',
'nbf',
'sub',
'jti',
],/* Persistent Claims -------------------------------------------------------------------------- |
| Specify the claim keys to be persisted when refreshing a token.
|sub
andiat
will automatically be persisted, in
| addition to the these claims.
|
| Note: If a claim does not exist then it will be ignored.
|
*/'persistent_claims' => [
// 'foo',
// 'bar',
],/* Lock Subject -------------------------------------------------------------------------- |
| This will determine whether aprv
claim is automatically added to
| the token. The purpose of this is to ensure that if you have multiple
| authentication models e.g.App\User
&App\OtherPerson
, then we
| should prevent one authentication request from impersonating another,
| if 2 tokens happen to have the same id across the 2 different models.
|
| Under specific circumstances, you may want to disable this behaviour
| e.g. if you only have one authentication model, then you would save
| a little on token size.
|
*/'lock_subject' => true,
/* Leeway -------------------------------------------------------------------------- |
| This property gives the jwt timestamp claims some "leeway".
| Meaning that if you have any unavoidable slight clock skew on
| any of your servers then this will afford you some level of cushioning.
|
| This applies to the claimsiat
,nbf
andexp
.
|
| Specify in seconds - only if you know you need it.
|
*/'leeway' => (int) env('JWT_LEEWAY', 0),
/* Blacklist Enabled -------------------------------------------------------------------------- |
| In order to invalidate tokens, you must have the blacklist enabled.
| If you do not want or need this functionality, then set this to false.
|
*/'blacklist_enabled' => env('JWT_BLACKLIST_ENABLED', true),
/* Blacklist Grace Period ------------------------------------------------------------------------- |
| When multiple concurrent requests are made with the same JWT,
| it is possible that some of them fail, due to token regeneration
| on every request.
|
| Set grace period in seconds to prevent parallel request failure.
|
*/'blacklist_grace_period' => (int) env('JWT_BLACKLIST_GRACE_PERIOD', 0),
/* Blacklist Storage -------------------------------------------------------------------------- |
| Specify the handler that is used to store tokens in the blacklist.
|
*/'blacklist_storage' => HyperfExt\Jwt\Storage\HyperfCache::class,
];
`
from jwt.
感谢老哥
from jwt.
Related Issues (20)
- $this->auth->guard('api')->checkOrFail();不起作用 HOT 1
- php bin/hyperf.php gen:jwt-keypair 命令执行后选择加密算法时卡住
- 能不能出个demo,怎么使用 HOT 2
- refresh_ttl 设置为 null 会报错 HOT 1
- 关于JWT_BLACKLIST_GRACE_PERIOD和JWT_REFRESH_TTL配置项的问题 HOT 2
- ManagerFactory.php tag可配置 HOT 1
- 疑似内存泄漏问题 HOT 3
- 有支持 hyperf 2.2 + lcobucci/jwt 4.2.* 版本开发计划吗 HOT 2
- 其实你升级后的hyperf都改为2.2了是没必要的 HOT 1
- 关于JWT_SECRET不生效问题
- 看看怎么优化一下 黑名单 黑洞
- hyper2.2中require报错...
- 请问支持动态修改加密密钥吗
- 配置参数 无效
- 使用jwt的token获得用户信息的时候报错 HOT 1
- 在做jwt的decode操作的时候一直在报错,可能是什么原因呢 HOT 6
- 麻烦兼容一下hyperf3.0 HOT 5
- Argument 2 passed to HyperfExt\\Jwt\\Blacklist::__construct() must be of the type int, null given, called in HOT 2
- 3.0的版本能支持一下swow嘛,当前安装必须是swoole的 HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from jwt.