如何使JWT令牌PHP无效 [英] How to invalidate a JWT token PHP
问题描述
我正在尝试使 JWT
中的令牌无效(或删除),但我无法实现.首先,我做了这样的回答: Laravel JWT-auth身份验证的注销问题:
I'm trying to invalidate (or remove) a token from JWT
but I can't achieve that. First I did something like this answer says Logout issue with Laravel JWT-auth authentication:
JWTAuth::invalidate(JWTAuth::getToken())):
但是我得到这个错误:
假定$ this来自不兼容的上下文,则不应静态调用非静态方法Tymon \ JWTAuth \ JWT :: invalidate()
Non-static method Tymon\JWTAuth\JWT::invalidate() should not be called statically, assuming $this from incompatible context
然后我做了这样的事情:
Then I did something like this:
use Illuminate\Http\Request;
use Tymon\JWTAuth\JWTAuth;
class AuthController extends Controller
{
protected $jwt;
public function __construct(JWTAuth $jwt)
{
$this->jwt = $jwt;
}
public function invalidateToken(Request $request)
{
$this->jwt->parseToken()->invalidate();
return response()->json(array('message' => 'log out'));
}
...
}
但是我仍然可以将令牌用于其他请求,并且不能删除或使令牌无效.
But I can still use the token for another request and I can't remove or invalidate it.
我使令牌无效怎么办?
我从这里阅读了另一个问题,并在 github(这是库我正在使用),并且按照所有示例操作来使令牌无效或删除,而我仍然无法对其进行删除或无效.
I read another questions from here and issues post from the repo of JWT on github (this is the library I'm using) and I followed all the examples to invalidate or remove the token and I can't still remove or invalidate it .
推荐答案
如果.env文件中的cache_driver设置为array以外的其他内容,则黑名单功能将起作用.
The blacklist feature works if cache_driver in your .env file is set to something other than array.
将其更改为文件对我有用.但是,在我的特定情况下,我也使用了Entrust,当将cache_driver设置为文件或数据库时,这会导致问题.因此,必须删除黑名单/无效功能.
Changing it to file worked for me. However, in my particular case, I was using Entrust too, which causes issues when cache_driver is set to file or database. So, had to drop the blacklist/invalidate functionality.
希望这对某人有帮助.
这篇关于如何使JWT令牌PHP无效的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!