How to get Header Authorization on code igniter 4?

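I created a RESTful API using CodeIgniter 4 and JWT. The login API works fine and generates an authentication token. But I can't get the login details using the token; it shows an error (null value) when trying to get the authorization token.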

public function details(){
        $key        = $this->getKey();
        $authHeader = $this->request->getHeader("Authorization"); //return null
        $authHeader = $authHeader->getValue(); //line 149 error, caused $authHeader is null
        $token      = $authHeader;
        // $token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJUaGVfY2xhaW0iLCJhdWQiOiJUaGVfQXVkIiwiaWF0IjoxNjQxNTQ0MTQzLCJuYmYiOjE2NDE1NDQxNTMsImV4cCI6MTY0MTU0Nzc0MywiZGF0YSI6eyJpZCI6IjkiLCJhY2NvdW50X2lkIjoiY2ljY2NjIiwibmFtZSI6ImNvZGUgaWduaXRlciJ9fQ.TI3zztWxIYZxoa_vhTB04YoGMaq4GdD4bxzmrt8QAH0";

        try{
            $decoded = JWT::decode($token,$key,array("HS256"));

            if($decoded){
                $response = [
                    'status'    => 200,
                    'error'     => false,
                    'message'   => 'Account details',
                    'data'      => [
                        'account'   => $decoded
                    ]
                ];
                return $this->respondCreated($response);
            }
        }catch(Exception $ex){
            $response = [
                'status'    => 401,
                'error'     => true,
                'message'   =>'Access denied',
                'data'      => []
            ];
            return $this->respondCreated($response);
        }
    }

Result in Postman

{
    "title": "Error",
    "type": "Error",
    "code": 500,
    "message": "Call to a member function getValue() on null",
    "file": "/var/www/html/project-root/app/Controllers/Account.php",
    "line": 149,
    "trace": [
        {
            "file": "/var/www/html/project-root/vendor/codeigniter4/framework/system/CodeIgniter.php",
            "line": 825,
            "function": "details",
            "class": "App\Controllers\Account",
            "type": "->",
            "args": []
        },
        {
            "file": "/var/www/html/project-root/vendor/codeigniter4/framework/system/CodeIgniter.php",
            "line": 412,
            "function": "runController",
            "class": "CodeIgniter\CodeIgniter",
            "type": "->",
            "args": [
                {}
            ]
        },
        {
            "file": "/var/www/html/project-root/vendor/codeigniter4/framework/system/CodeIgniter.php",
            "line": 320,
            "function": "handleRequest",
            "class": "CodeIgniter\CodeIgniter",
            "type": "->",
            "args": [
                null,
                {
                    "handler": "file",
                    "backupHandler": "dummy",
                    "storePath": "/var/www/html/project-root/writable/cache/",
                    "cacheQueryString": false,
                    "prefix": "",
                    "ttl": 60,
                    "reservedCharacters": "{}()/\@:",
                    "file": {
                        "storePath": "/var/www/html/project-root/writable/cache/",
                        "mode": 416
                    },
                    "memcached": {
                        "host": "127.0.0.1",
                        "port": 11211,
                        "weight": 1,
                        "raw": false
                    },
                    "redis": {
                        "host": "127.0.0.1",
                        "password": null,
                        "port": 6379,
                        "timeout": 0,
                        "database": 0
                    },
                    "validHandlers": {
                        "dummy": "CodeIgniter\Cache\Handlers\DummyHandler",
                        "file": "CodeIgniter\Cache\Handlers\FileHandler",
                        "memcached": "CodeIgniter\Cache\Handlers\MemcachedHandler",
                        "predis": "CodeIgniter\Cache\Handlers\PredisHandler",
                        "redis": "CodeIgniter\Cache\Handlers\RedisHandler",
                        "wincache": "CodeIgniter\Cache\Handlers\WincacheHandler"
                    }
                },
                false
            ]
        },
        {
            "file": "/var/www/html/project-root/public/index.php",
            "line": 35,
            "function": "run",
            "class": "CodeIgniter\CodeIgniter",
            "type": "->",
            "args": []
        }
    ]
}

Postman screenshot

If I hard-code the token, I can get the login details. Why does this line, $authHeader = $this->request->getHeader("Authorization");, return null?

.htaccess

RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1 [L]
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]

Add this to your .htaccess file

RewriteEngine On    
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]

Then get the header like this

$this->request->getServer('HTTP_AUTHORIZATION')

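Update

I noticed that you are not using the Authorization tab but are setting the header manually. If you set the Authorization header manually, make sure the value field starts with Bearer, for example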

Bearer eyJ....

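Or simply use the Authorization tab and select Bearer Token

Below is the way I get the authorization token from the header.

In the public/.htaccess file I have the following configuration: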

# Disable directory browsing
Options All -Indexes

# ----------------------------------------------------------------------
# Rewrite engine
# ----------------------------------------------------------------------

# Turning on the rewrite engine is necessary for the following rules and features.
# FollowSymLinks must be enabled for this to work.
<IfModule mod_rewrite.c>
    Options +FollowSymlinks
    RewriteEngine On

    # If you installed CodeIgniter in a subfolder, you will need to
    # change the following line to match the subfolder you need.
    # http://httpd.apache.org/docs/current/mod/mod_rewrite.html#rewritebase
    # RewriteBase /

    # Redirect Trailing Slashes...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)/$ /$1 [L,R=301]

    # Rewrite "www.example.com -> example.com"
    RewriteCond %{HTTPS} !=on
    RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
    RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L]

    # Checks to see if the user is attempting to access a valid file,
    # such as an image or css document, if this isn't true it sends the
    # request to the front controller, index.php
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)$ index.php?/$1 [L]

    # Ensure Authorization header is passed along
    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</IfModule>

<IfModule !mod_rewrite.c>
    # If we don't have mod_rewrite installed, all 404's
    # can be sent to index.php, and everything works as normal.
    ErrorDocument 404 index.php
</IfModule>

# Disable server signature start
    ServerSignature Off
# Disable server signature end

And in the controller the apache_request_headers() wrapper is used to get the header.

$authorization = apache_request_headers()["Authorization"];

Although this only works on Apache servers.
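
Added example (not part of either answer above and not CodeIgniter's own code): a framework-independent PHP helper that combines the two lookups the answers describe, the Authorization request header and the HTTP_AUTHORIZATION server variable set by the rewrite rule, and strips the Bearer prefix so that a missing or malformed header leads to a 401 rather than a call on null. The function name extractBearerToken, the REDIRECT_HTTP_AUTHORIZATION fallback and the sample values are assumptions of this example.

```php
<?php
declare(strict_types=1);

// Added example. Returns the bearer token carried by a request, or null.
// $headers: name => value pairs, e.g. from apache_request_headers() where available.
// $server:  the $_SERVER array.
function extractBearerToken(array $headers, array $server): ?string
{
    $raw = '';

    // 1. Look in the request headers; header names are case-insensitive.
    foreach ($headers as $name => $value) {
        if (strcasecmp((string) $name, 'Authorization') === 0) {
            $raw = trim((string) $value);
            break;
        }
    }

    // 2. Fall back to the variable set by the rewrite rule. Apache adds a
    //    REDIRECT_ prefix to environment variables after an internal redirect
    //    (assumption: that fallback is wanted here).
    foreach (['HTTP_AUTHORIZATION', 'REDIRECT_HTTP_AUTHORIZATION'] as $key) {
        if ($raw === '' && isset($server[$key])) {
            $raw = trim((string) $server[$key]);
        }
    }

    // 3. Accept only "Bearer <three base64url segments>"; anything else is
    //    treated as "no token" so the caller can reply 401.
    $jwt = '[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+';
    if (preg_match('/^Bearer\s+(' . $jwt . ')$/i', $raw, $m) !== 1) {
        return null;
    }
    return $m[1];
}

// Constructed sample requests (placeholder tokens, not real JWTs).
$cases = [
    'header present'        => [['authorization' => 'Bearer aaa.bbb.ccc'], []],
    'rewrite variable only' => [[], ['HTTP_AUTHORIZATION' => 'Bearer aaa.bbb.ccc']],
    'REDIRECT_ variable'    => [[], ['REDIRECT_HTTP_AUTHORIZATION' => 'Bearer aaa.bbb.ccc']],
    'no Bearer prefix'      => [['Authorization' => 'aaa.bbb.ccc'], []],
    'no header at all'      => [[], []],
];
foreach ($cases as $label => [$headers, $server]) {
    $token = extractBearerToken($headers, $server);
    echo str_pad($label, 24), $token ?? '401 Access denied', PHP_EOL;
}
```

The returned string is the bare token, without the Bearer prefix, which is the form a JWT decoder expects; a null return is the point at which to send the 401 response.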