我们借助一个 composer 库
composer require firebase/php-jwt
<?php
require_once __DIR__ . '/../vendor/autoload.php';
use Firebase\JWT\JWT;
$key = 'abc';//app key
$payload = [
'iss' => 'http://example.org',
'aud' => 'http://example.com',
'iat' => 1356999524,
'nbf' => 1357000000
];
$token = JWT::encode($payload, $key, 'HS256');
echo $token.PHP_EOL;
上一步生成了token,前端拿到后,在访问需要鉴权的接口时,通过header传给后端,类似这样
Authorization: Bearer <token>
<?php
require_once __DIR__ . '/../vendor/autoload.php';
use Firebase\JWT\JWT;
use Firebase\JWT\Key;
$key = 'abc';//app key
$token = '前端传过来的token'
$decoded = JWT::decode($token, new Key($key, 'HS256'));
print_r($decoded);