我正在使用 laravel sanctum 进行测试,但这里有一些问题.. 我正在创建管理员守卫。
当我将中间件更改为 auth:sanctum_admin.. 它应该只能由管理员访问,但在这里我可以使用普通用户帐户和 web Guard 访问。我不知道为什么?...我使用带有多重身份验证包的护照。没关系。但是这里的圣所不能是单独的用户表和管理员。
【问题讨论】:
'守卫' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'custom-guard' => [
'driver' => 'session',
'provider' => 'custom-provider',
]
],
小心,custom guard 中的 driver 必须是 session。 并将提供者设置为:
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'custom-provider' => [
'driver' => 'eloquent',
'model' => App\CustomProvider::class,
],
], App\CustomProvider::class 必须是模型。 之后可以轻松地在身份验证中使用防护。
auth('custom-guard')->user()
【讨论】:
config/auth.php
司机是圣所
'guards' => [
'users' => [
'driver' => 'sanctum',
'provider' => 'users',
],
'partners' => [
'driver' => 'sanctum',
'provider' => 'partners',
],
'admins' => [
'driver' => 'sanctum',
'provider' => 'admins',
],
],
提供者:
providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\Models\User::class,
],
'partners' => [
'driver' => 'eloquent',
'model' => App\Models\Partner::class,
],
'admins' => [
'driver' => 'eloquent',
'model' => App\Models\Admin::class,
],
],
型号:
必须添加可验证
<?php
namespace App\Models;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
class Admin extends Authenticatable
{
use HasFactory, Notifiable;
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'name',
'email',
'password',
];
/**
* The attributes that should be hidden for arrays.
*
* @var array
*/
protected $hidden = [
'password',
'remember_token',
];
/**
* The attributes that should be cast to native types.
*
* @var array
*/
protected $casts = [
'email_verified_at' => 'datetime',
];
}
中间件:
Route::middleware(['auth:admin'])->get('/user', function(){
}
后卫:
auth()->guard('admin')->user();
未经身份验证的用户消息:
在 app/Exceptions/Handler.php 中
use Illuminate\Auth\AuthenticationException;
功能:
protected function unauthenticated($request, AuthenticationException $exception)
{
return response()->json(['message' => 'Unauthenticated.'], 401);
}
或
自定义保护和自定义重定向
public function render($request, Exception $exception)
{
$class = get_class($exception);
switch($class) {
case 'Illuminate\Auth\AuthenticationException':
$guard = array_get($exception->guards(), 0);
switch ($guard) {
case 'admin':
$login = 'admin.login';
break;
default:
$login = 'login';
break;
}
return redirect()->route($login);
}
return parent::render($request, $exception);
}
【讨论】:
@Abhishek Mitra
对于Multiple Auth Guard的情况下使用Laravel Sanctum进行授权,我们可以使用中间件
Route::middleware(['auth:guard_name'])->get('/user', function(){
return auth()->guard('guard_name')->user();
}
【讨论】:
你可以,也可以在圣所中使用多个守卫。为此,请按照以下步骤操作 -
config/auth.php)'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
'hash' => false,
],
'admin' => [
'driver' => 'session',
'provider' => 'admins',
]
],
config/auth.php)'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'admins' => [
'driver' => 'eloquent',
'model' => App\Admin::class,
],
],
if(auth()->guard('admin')->attempt($request->only('email','password')))
{
return auth()->guard('admin')->user();
}
【讨论】:
我认为默认的守卫应该是这样的:
'defaults'{
'guard' : "sanctum_admin",
'passwords': 'admins',
}
或者
'defaults'{
'guard' : 'web',
'passwords' : 'users',
}
【讨论】: