PHPackages                             topphp/topphp-jwt - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. topphp/topphp-jwt

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

topphp/topphp-jwt
=================

单点登录jwt工具

v1.0.3(5y ago)054MITPHPPHP &gt;=7.0

Since May 6Pushed 5y ago1 watchersCompare

[ Source](https://github.com/topphp/topphp-jwt)[ Packagist](https://packagist.org/packages/topphp/topphp-jwt)[ RSS](/packages/topphp-topphp-jwt/feed)WikiDiscussions master Synced 3w ago

READMEChangelog (4)Dependencies (3)Versions (5)Used By (0)

topphp-jwt
==========

[](#topphp-jwt)

[![Latest Version on Packagist](https://camo.githubusercontent.com/0ba26b05aa024bf027d74cf18d8024b6814bc0b2912cad3393641a7fe4767a9c/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f746f707068702f746f707068702d6a77742e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/topphp/topphp-jwt)[![Software License](https://camo.githubusercontent.com/55c0218c8f8009f06ad4ddae837ddd05301481fcf0dff8e0ed9dadda8780713e/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e73652d4d49542d627269676874677265656e2e7376673f7374796c653d666c61742d737175617265)](LICENSE.md)[![Total Downloads](https://camo.githubusercontent.com/d13379bd9adf3baec430454502c99ecd8d1d85e7126bee4af08413f3418dcbcd/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f746f707068702f746f707068702d6a77742e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/topphp/topphp-jwt)

> 这是一个JWT工具，Json Web Token 跨语言支持的无状态web数据传输标准。常应用于登录验证。

包含方法
----

[](#包含方法)

- JwtHelper::handler();// 返回原始JWT对象句柄
- JwtHelper::generateToken($id,$data,$expTime,$fromUrl,$toUrl);// 生成Token（支持设置过期时间与设置-1永久不过期以及校验签发者URL与接受者URL）
- JwtHelper::generateRefreshToken($id,$data,$fromUrl,$toUrl);// 生成带有refreshToken的Token集合
- JwtHelper::verifyToken($token,$isAll,$allowUrl);// 验证Token，支持返回原始全部JWT数据与校验签发者URL
- JwtHelper::refreshToken($refreshToken,$data);// 根据refreshToken刷新Token，支持更新data中的数据
- JwtHelper::refreshAllToken($refreshToken,$data);// 根据refreshToken刷新Token，返回值包含新的refreshToken，支持更新data中的数据

组件结构
----

[](#组件结构)

```
config/
src/
tests/
vendor/

```

安装
--

[](#安装)

```
    composer require topphp/topphp-jwt
```

用法
--

[](#用法)

```
    #命名空间引用（建议直接使用助手类）：
        use Topphp\TopphpJwt\JWT2;
        use Topphp\TopphpJwt\JwtHelper;
    #调用方式有两种：
        #1、通过原始JWT单例调用
            JWT2::getInstance()->setJti(10001)->setData(["test"=>"中文"])->createToken();
        #2、通过助手类直接调用
            JwtHelper::handler()->setJti(10001)->setData(["test"=>"中文"])->createToken();
        #3、助手类直接提供优化过的完善的快捷方法【推荐】
            JwtHelper::generateToken(10001, ["test"=>"中文"], time() + 7200);

    #注意事项：
       # 1、默认建议使用HMAC方式进行签名加密，如果对于数据加密需求比较高，提供RSA方式签名加密，只需要修改配置use_rsa为true
       # 2、使用RSA签名，配置文件topphpJwt中公私钥地址如果为空，默认获取根目录下 pem 中的公钥地址，可结合topphp-rsa组件创建公私钥
       # 3、默认的助手类已经提供了大部分常用场景所需的方法，更多用法可以参看单元测试文件和对应的官方文档

    #使用示例一：
        // 当前签发的JWT的唯一标识（例如：用户uid）
        $id  = 1;
        // 当前签发的JWT附带的额外数据（例如：用户信息）
        $data = [
            "uid"      => 1,
            "username" => "张三"
        ];
        // 当前JWT有效期，时间戳格式
        $expTime = time() + 7200;

        // 生成token
      /** @param int $id jwt唯一标识（如用户UID）
        * @param array $data 【可选】附加数据（如用户信息）
        * @param string $expTime 【可选】设置过期时间（时间戳）不传默认 1 小时，传 -1 为永不过期
        * @param string $fromUrl 【可选】签发者URL
        * @param string $toUrl 【可选】接收者URL
        */
        $token   = JwtHelper::generateToken($id, $data, $expTime);
        // token = eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImp0aSI6IjEifQ.eyJpc3MiOiJodHRwOlwvXC9kb21haW4xLmNvbSIsImp0aSI6IjEiLCJpYXQiOjE1ODMyNDAzMTMsIm5iZiI6MTU4MzI0MDMxMywiZXhwIjoxNTgzMjQ3NTEzLCJkYXRhIjoie1widWlkXCI6MSxcInVzZXJuYW1lXCI6XCJcdTVmMjBcdTRlMDlcIn0ifQ.TO-4staZCPwUi7qJp9Z7iDoj7LDmVME8Z-AHrPAag2M

        // 验证token
      /**
        * @param string $token
        * @param bool $isAll 【可选】是否验证成功返回全部数据
        * @param string $allowUrl 【可选】准许的签发者url
        */
        $res = JwtHelper::verifyToken((string)$token);
        // 验证通过会返回如下数据，不通过返回false
        /**
        array(4) {
          ["id"]=>
          string(1) "1"
          ["create_time"]=>
          string(19) "2020-03-03 21:05:05"
          ["expire_time"]=>
          string(19) "2020-03-03 22:05:05"
          ["data"]=>
          array(2) {
            ["uid"]=>
            int(1)
            ["username"]=>
            string(6) "张三"
          }
        }
        */
    // 使用示例二：
        $uid  = 1;
        $data = [
            "uid"      => 1,
            "username" => "张三"
        ];
        // $expTime = -1;// generateToken 方法允许设置永久不过期
        $expTime = time() + 7200;// generateToken 方法允许设置指定的过期时间
        // 生成token
        $token   = JwtHelper::generateToken($uid, $data, $expTime, "http://domain1.com");
        // 验证token
        $res     = JwtHelper::verifyToken((string)$token, false, "http://domain2.com");
        // 签发JWT时声明签发者自己的url（domain1），对方接收到JWT后按照约定的（domain2）验证，发现不符合匹配要求，返回false

```

修改日志
----

[](#修改日志)

有关最近更改的内容的详细信息，请参阅更改日志（[CHANGELOG](CHANGELOG.md)）。

测试
--

[](#测试)

```
    ./vendor/bin/phpunit tests/JwtTest.php
```

贡献
--

[](#贡献)

详情请参阅贡献（[CONTRIBUTING](CONTRIBUTING.md)）和行为准则（[CODE\_OF\_CONDUCT](CODE_OF_CONDUCT.md)）。

安全
--

[](#安全)

如果您发现任何与安全相关的问题，请发送电子邮件至，而不要使用问题跟踪器。

信用
--

[](#信用)

- [topphp](https://github.com/topphp)
- [All Contributors](https://github.com/topphp/topphp-jwt/contributors)

许可证
---

[](#许可证)

The MIT License (MIT). Please see [License File](LICENSE.md) for more information.

###  Health Score

25

—

LowBetter than 35% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity8

Limited adoption so far

Community9

Small or concentrated contributor base

Maturity54

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 71.4% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~20 days

Total

4

Last Release

2188d ago

PHP version history (2 changes)v1.0.0PHP ~7.2

v1.0.3PHP &gt;=7.0

### Community

Maintainers

![](https://www.gravatar.com/avatar/3774ddafd6cc1dbff3db41386611fac2236c095e12c9e99f1717da35ad792087?d=identicon)[topphp](/maintainers/topphp)

---

Top Contributors

[![344147805](https://avatars.githubusercontent.com/u/26813709?v=4)](https://github.com/344147805 "344147805 (15 commits)")[![go-sleep](https://avatars.githubusercontent.com/u/100214298?v=4)](https://github.com/go-sleep "go-sleep (6 commits)")

###  Code Quality

Code StylePHP\_CodeSniffer

### Embed Badge

![Health badge](/badges/topphp-topphp-jwt/health.svg)

```
[![Health](https://phpackages.com/badges/topphp-topphp-jwt/health.svg)](https://phpackages.com/packages/topphp-topphp-jwt)
```

###  Alternatives

[tymon/jwt-auth

JSON Web Token Authentication for Laravel and Lumen

11.7k51.8M371](/packages/tymon-jwt-auth)[league/oauth2-server

A lightweight and powerful OAuth 2.0 authorization and resource server library with support for all the core specification grants. This library will allow you to secure your API with OAuth and allow your applications users to approve apps that want to access their data from your API.

6.7k147.0M290](/packages/league-oauth2-server)[php-open-source-saver/jwt-auth

JSON Web Token Authentication for Laravel and Lumen

84611.1M63](/packages/php-open-source-saver-jwt-auth)[scheb/2fa

Two-factor authentication for Symfony applications (please use scheb/2fa-bundle to install)

585684.2k1](/packages/scheb-2fa)[jeremy379/laravel-openid-connect

OpenID Connect support to the PHP League's OAuth2 Server. Compatible with Laravel Passport.

59437.0k9](/packages/jeremy379-laravel-openid-connect)[scheb/2fa-trusted-device

Extends scheb/2fa-bundle with trusted devices support

365.8M34](/packages/scheb-2fa-trusted-device)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
