如何使JWT令牌PHP无效 [英] How to invalidate a JWT token PHP

问题描述

我正在尝试使 JWT 中的令牌无效(或删除)，但我无法实现.首先，我做了这样的回答: Laravel JWT-auth身份验证的注销问题:

I'm trying to invalidate (or remove) a token from JWT but I can't achieve that. First I did something like this answer says Logout issue with Laravel JWT-auth authentication:

JWTAuth::invalidate(JWTAuth::getToken())):

但是我得到这个错误:

假定$ this来自不兼容的上下文，则不应静态调用非静态方法Tymon \ JWTAuth \ JWT :: invalidate()

Non-static method Tymon\JWTAuth\JWT::invalidate() should not be called statically, assuming $this from incompatible context

然后我做了这样的事情:

Then I did something like this:

use Illuminate\Http\Request;
use Tymon\JWTAuth\JWTAuth;

class AuthController extends Controller
{
    protected $jwt;

    public function __construct(JWTAuth $jwt)
    {
        $this->jwt = $jwt;
    }

    public function invalidateToken(Request $request)
    {
        $this->jwt->parseToken()->invalidate();

        return response()->json(array('message' => 'log out'));
    }

    ...
}

但是我仍然可以将令牌用于其他请求，并且不能删除或使令牌无效.

But I can still use the token for another request and I can't remove or invalidate it.

我使令牌无效怎么办?

我从这里阅读了另一个问题，并在 github(这是库我正在使用)，并且按照所有示例操作来使令牌无效或删除，而我仍然无法对其进行删除或无效.

I read another questions from here and issues post from the repo of JWT on github (this is the library I'm using) and I followed all the examples to invalidate or remove the token and I can't still remove or invalidate it .

推荐答案

如果.env文件中的cache_driver设置为array以外的其他内容，则黑名单功能将起作用.

The blacklist feature works if cache_driver in your .env file is set to something other than array.

将其更改为文件对我有用.但是，在我的特定情况下，我也使用了Entrust，当将cache_driver设置为文件或数据库时，这会导致问题.因此，必须删除黑名单/无效功能.

Changing it to file worked for me. However, in my particular case, I was using Entrust too, which causes issues when cache_driver is set to file or database. So, had to drop the blacklist/invalidate functionality.

希望这对某人有帮助.

这篇关于如何使JWT令牌PHP无效的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！