问题描述
我正在尝试使 JWT 中的令牌无效(或删除),但我无法实现.首先我做了类似这个答案的事情说 Laravel JWT-auth 身份验证的注销问题:
I'm trying to invalidate (or remove) a token from JWT but I can't achieve that. First I did something like this answer says Logout issue with Laravel JWT-auth authentication:
JWTAuth::invalidate(JWTAuth::getToken())):
但我收到此错误:
不应静态调用非静态方法 TymonJWTAuthJWT::invalidate(),假设 $this 来自不兼容的上下文
Non-static method TymonJWTAuthJWT::invalidate() should not be called statically, assuming $this from incompatible context
然后我做了这样的事情:
Then I did something like this:
use IlluminateHttpRequest;
use TymonJWTAuthJWTAuth;
class AuthController extends Controller
{
protected $jwt;
public function __construct(JWTAuth $jwt)
{
$this->jwt = $jwt;
}
public function invalidateToken(Request $request)
{
$this->jwt->parseToken()->invalidate();
return response()->json(array('message' => 'log out'));
}
...
}
但我仍然可以将令牌用于另一个请求,并且无法删除或使其无效.
But I can still use the token for another request and I can't remove or invalidate it.
我做错了什么使令牌无效?
What am I doing wrong to invalidate the token?
我从这里阅读了另一个问题,并在 github 上的 JWT 回购中发布了帖子(这是图书馆我正在使用),我按照所有示例使令牌无效或删除,但我仍然无法删除或使其无效.
I read another questions from here and issues post from the repo of JWT on github (this is the library I'm using) and I followed all the examples to invalidate or remove the token and I can't still remove or invalidate it .
推荐答案
如果您的 .env 文件中的 cache_driver 设置为数组以外的内容,则黑名单功能有效.
The blacklist feature works if cache_driver in your .env file is set to something other than array.
将其更改为文件对我有用.但是,在我的特殊情况下,我也使用了 Entrust,当 cache_driver 设置为文件或数据库时会导致问题.所以,不得不放弃黑名单/无效功能.
Changing it to file worked for me. However, in my particular case, I was using Entrust too, which causes issues when cache_driver is set to file or database. So, had to drop the blacklist/invalidate functionality.
希望这对某人有所帮助.
Hope this helps someone.
这篇关于如何使 JWT 令牌 PHP 无效的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!