PHPackages yangchao/php-jwt - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. yangchao/php-jwt ActiveLibrary[Authentication & Authorization](/categories/authentication) yangchao/php-jwt ================ php-jwt 1.0.3(1y ago)121MITPHP Since Jun 22Pushed 1y ago1 watchersCompare [ Source](https://github.com/1383791317/php-jwt)[ Packagist](https://packagist.org/packages/yangchao/php-jwt)[ RSS](/packages/yangchao-php-jwt/feed)WikiDiscussions main Synced 1mo ago READMEChangelogDependencies (1)Versions (5)Used By (0) yangchao/php-jwt ================ [](#yangchaophp-jwt) 安装 -- [](#安装) ``` composer require yangchao/php-jwt ``` 配置 -- [](#配置) ``` $config = [ 'iss' => 'yangchao/jwt', // 令牌签发者 'signer' => \yangchao\jwt\Config::ALGO_HS256,//加密类型 'nbf' => 5,// 某个时间点后才能访问,单位秒。(如:5 表示当前时间5秒后TOKEN才能使用) 'expires_at' => 5, //过期时间,单位:秒 'refresh_disable' => false,//是否禁用刷新令牌 'refresh_ttl' => 604800,//刷新令牌过期时间,单位:秒 'leeway' => 60, // 容错时间差,单位:秒 'is_single_device' => true, // 是否开启单设备登录 'device_verify' => 'ua', // 单设备验证方式,可选值:ua(User-Agent)、ip(客户端IP)、ip_ua(IP+UA) 'secret_key' => '', //HS256 密钥 'refresh_secret_key' => '',//HS256 刷新密钥 'public_key' => '', //RS256 RSA公钥 'private_key' => '',//RS256 RSA私钥 'refresh_public_key' => '',//RS256 刷新RSA公钥 'refresh_private_key' => '',//RS256 刷新RSA私钥 'black_list'=>[ //黑名单配置 'redis_host' => '120.0.0.1',//黑名单储存 redis主机 'redis_password' => '123456',// redis密码 'redis_port' => 6379,// redis端口 'storage_server'=> XXX::class// 储存服务器类型 ], 'admin' => [ //多应用管理配置 同以上配置,如果不配置,则使用默认配置 'iss' => 'jwt-admin', // 令牌签发者 'secret_key' => '', //HS256 密钥 'refresh_secret_key' => '',//HS256 刷新密钥 'public_key' => '', //RS256 RSA公钥 'private_key' => '',//RS256 RSA私钥 'refresh_public_key' => '',//RS256 刷新RSA公钥 'refresh_private_key' => '',//RS256 刷新RSA私钥 ] ]; ``` ### 配置说明 [](#配置说明) - refresh\_disable 为 true 时,刷新禁用,refresh\_ttl、refresh\_secret\_key、refresh\_public\_key、refresh\_private\_key可以不设置。 - is\_single\_device 为 false 时,不启用单设备登录,device\_verify 可以不设置。 - signer 配置加密类型,为HS256 时,secret\_key 必填,为RS256 时,public\_key、private\_key 必填。 - black\_list 黑名单需要储存服务,这里给出了两个方案,一个使用redis储存需要配置你的redis\_host、redis\_password、redis\_port;另一种为自定义储存类。 自定义储存类需要实现 \\yangchao\\jwt\\StorageInterface 接口,具体实现参考 \\yangchao\\jwt\\Storage\\RedisStorage 类。 使用说明 ---- [](#使用说明) ``` $jwt = new \yangchao\jwt\JWTAuth($config); //创建token $token = $jwt->createToken(['a'=>'b']); //多应用创建token $token = $jwt->store('admin')->createToken(['a'=>'b']); //验证token $claims = $jwt->verifyToken($token) $claims = $jwt->store('admin')->verifyToken($token) //刷新Token 当refresh_disable为false时(不禁用刷新),此处token传值为刷新token $claims = $jwt->refreshToken($token); $claims = $jwt->store('admin')->refreshToken($token); //获取token过期时间 $expiresAt = $jwt->getExpireTime(); $expiresAt = $jwt->store('admin')->getExpireTime(); //获取刷新token过期时间 $refreshExpiresAt = $jwt->getRefreshTtlTime(); $refreshExpiresAt = $jwt->store('admin')->getRefreshTtlTime(); ``` 异常说明 ---- [](#异常说明) - \\yangchao\\jwt\\Exception\\JWTException 所有抛出异常 - \\yangchao\\jwt\\Exception\\JWTExpiredException token过期异常 - \\yangchao\\jwt\\Exception\\JWTServerException 服务器异常(内部处理错误) - \\yangchao\\jwt\\Exception\\JWTConfigException 传入配置错误 - \\yangchao\\jwt\\Exception\\JWTVerifyException token验证异常 ### Health Score 24 — LowBetter than 32% of packages Maintenance32 Infrequent updates — may be unmaintained Popularity8 Limited adoption so far Community7 Small or concentrated contributor base Maturity43 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~4 days Total 4 Last Release 682d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/c7c4bcb6eed91d67d349bb624a74df1c9486075e3f1b7b8019a83f38ede560bc?d=identicon)[1383791317](/maintainers/1383791317) --- Top Contributors [![1383791317](https://avatars.githubusercontent.com/u/32349061?v=4)](https://github.com/1383791317 "1383791317 (9 commits)") ### Embed Badge ![Health badge](/badges/yangchao-php-jwt/health.svg) ``` [![Health](https://phpackages.com/badges/yangchao-php-jwt/health.svg)](https://phpackages.com/packages/yangchao-php-jwt) ``` ### Alternatives [google/auth Google Auth Library for PHP 1.4k272.7M162](/packages/google-auth)[thenetworg/oauth2-azure Azure Active Directory OAuth 2.0 Client Provider for The PHP League OAuth2-Client 2509.6M48](/packages/thenetworg-oauth2-azure)[stevenmaguire/oauth2-keycloak Keycloak OAuth 2.0 Client Provider for The PHP League OAuth2-Client 2275.9M27](/packages/stevenmaguire-oauth2-keycloak)[robsontenorio/laravel-keycloak-guard 🔑 Simple Keycloak Guard for Laravel 5161.1M3](/packages/robsontenorio-laravel-keycloak-guard)[patrickbussmann/oauth2-apple Sign in with Apple OAuth 2.0 Client Provider for The PHP League OAuth2-Client 1132.5M6](/packages/patrickbussmann-oauth2-apple)[wp-graphql/wp-graphql-jwt-authentication JWT Authentication for WPGraphQL 361118.4k1](/packages/wp-graphql-wp-graphql-jwt-authentication) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)