<?php
namespace app\common\Auth;
use \Lcobucci\JWT\Builder;
use \Lcobucci\JWT\Signer\Hmac\Sha256;
use \Lcobucci\JWT\Parser;
use \Lcobucci\JWT\ValidationData;
/**
 * 單例模式
 */
class JWTAuth
{
    private static $instance;
    /**
     * JWT TOKEN
     * @var [type]
     */
    private $token;
    /**
     * 頒發(fā)
     * @var string
     */
    private $iss = 'api.test.com';
    /**
     * 接收
     * @var string
     */
    private $aud = 'app.com';
 
    private $uid;
 
    private $secrect="#$%#$%*&^(*(*(";
 
    private $decodeToken;
 
    public static function getInstance() {
        if(is_null(self::$instance)) {
            self::$instance = new self();
        }
        return self::$instance;
    }
 
    private function __contruct(){
 
    }
 
    private function __clone(){
 
    }
 
    public function encode(){
        $time = time();
        $this->token = (new builder())->setHeader('alg','HS256')
            ->setIssuer($this->iss)
            ->setAudience($this->aud)
            ->setIssuedAt($time) //生效時間
            ->setExpiration($time + 20)//過期時間
            ->set('uid',$this->uid)
            ->sign(new Sha256(), $this->secrect)//加密算法
            ->getToken();
 
            return $this;
    }
 
    public function getToken(){
        return (string)$this->token;
    }
 
    public function setToken($token){
        $this->token = $token;
        return $this;
    }
    /**
     * 用戶信息uid
     * @param [type] $uid [description]
     */
    public function setUid($uid){
        $this->uid = $uid;
        return $this;
    }
 
    public function jsonDecode(){
 
        $token = $this->token;
        $this->decodeToken = (new Parser())->parse((string) $token); 
 
        // echo $this->decodeToken->getClaim('uid');
        return $this->decodeToken;
    }
    /**
     * 驗證令牌是否有效
     * @return [type] [description]
     */
    public function validate(){
 
        $data = new ValidationData();
        $data->setIssuer($this->iss);
        $data->setAudience($this->aud);
        return $this->jsonDecode()->validate($data);
 
    }
    /**
     * 簽名來驗證令牌在生成后是否未被修改
     * @return [type] [description]
     */
    public function verify(){
        $result = $this->jsonDecode()->verify(new Sha256(), $this->secrect);
        return $result;
    }
 
}

<?php
namespace app\index\controller;
use app\common\Auth\JWTAuth;
 
class User{
 
    public function login(){
        
        $jwtAuth = JWTAuth::getInstance();
        $token = $jwtAuth->setUid(1)->encode()->getToken();
        echo $token;
        // var_dump(success_json_data(['token'=>$token]));
    }
 
    public function check_login(){
        $jwtAuth = JWTAuth::getInstance();
        $jwtAuth->setToken('eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJhcGkudGVzdC5jb20iLCJhdWQiOiJhcHAuY29tIiwiaWF0IjoxNTU2MDk1MDI5LCJleHAiOjE1NTYwOTUwNDksInVpZCI6MX0.oi4rLbQFNZUJsW4fVHWiOQxfEmomuvldAV-gFKl2V74');
 
        if($jwtAuth->validate() && $jwtAuth->verify()){
            echo '驗證成功';
        }else{
            echo '登錄過期';
        }
 
    }
}