【问题标题】:Laravel API Authentication - Passport TokenLaravel API 身份验证 - 护照令牌
【发布时间】:2019-05-21 12:43:51
【问题描述】:

我正在使用 Laravel 构建一个 API。我使用 Passport 进行身份验证和安全性:https://laravel.com/docs/5.7/passport

我遵循了文档中的所有步骤。我正在使用几个通过身份验证的配置文件,我遇到了一个问题,中间件使用的令牌可以应用于其他中间件。

在我的 config/auth.php 文件中是这样的:

'guards' => [
    'web' => [
        'driver' => 'session',
        'provider' => 'users',
    ],

    'user' => [
        'driver' => 'passport',
        'provider' => 'users',
    ],

    'producer' => [
        'driver' => 'passport',
        'provider' => 'producers',
    ],

    'coordinator' => [
        'driver' => 'passport',
        'provider' => 'coordinators',
    ],
],



'providers' => [
    'users' => [
        'driver' => 'eloquent',
        'model' => App\User::class,
    ],

    'producers' => [
        'driver' => 'eloquent',
        'model' => App\Producer::class,
     ],

     'coordinators' => [
        'driver' => 'eloquent',
        'model' => App\Coordinator::class,
     ],
],

Coordinator 模型如下所示:

class Coordinator extends Authenticatable{

use HasApiTokens, Notifiable;

protected $table = 'coordinators';
protected $guard = 'coordinator';

protected $fillable = [
    'coordinator_name', 'email', 'password', 'cpf_cnpj', 'phone'
];

protected $hidden = [
    'password',
];

public function events(){
    return $this->belongsToMany('App\Event')->using('App\EventCoordinator');
}}

Model Producer 看起来像这样:

class Producer extends Authenticatable{
use HasApiTokens, Notifiable;

protected $guard = 'producer';

protected $fillable = [
    'name', 'email', 'password', 'cpf_cnpj', 'phone', 'street', 'neighborhood', 'city', 'state', 'number', 'zipcode', 'complement'
];

protected $table = 'producers';

protected $hidden = [
    'password',
];

public function events(){
    return $this->hasMany('App\Event');
}}

在路由上我使用的是 auth.php 中设置的中间件

Route::middleware('auth:producer')->group(function() {
    Route::get('events', 'ProducerController@events');
});

Route::middleware('auth:coordinator')->group(function() {
    Route::get('events', 'CoordinatorController@events');
});

最后,CoordinatorController 中的 events 方法如下所示:

public function events(){
    try{
        if(Auth::guard('coordinator')->check()){
            $events = Auth::user()->events;

            return response()->json(['events' => $events], 200);
        }else{
            return response()->json(['error' => ['message' => 'Usuário não autenticado.']], 421);
        }         
    }catch(\Exception $err){
        return response()->json(['error' => ['code' => $err->getCode(), 'message' => $err->getMessage()]], 400);
    }
}

在ProducerController中:

public function events(){
    try{
        try{
        if(Auth::guard('producer')->check()){
            $events = Auth::user()->events;

            return response()->json(['events' => $events], 200);
        }else{
            return response()->json(['error' => ['message' => 'Usuário não autenticado.']], 421);
        } 
    }catch(\Exception $err){
        return response()->json(['error' => ['code' => $err->getCode(), 'message' => $err->getMessage()]], 400);
    }
}

我正在使用 Postman 进行测试,当我使用 Producer 令牌访问 Coordinator 方法时,即使在路由中使用不同的中间件,它也可以工作。任何人都可以帮忙吗?缺少什么?

【问题讨论】:

    标签: php laravel


    【解决方案1】:

    据我所知,护照不支持MultiAuth

    您可以为 laravel 使用广泛可用的 3rd 方多身份验证支持,例如 package

    【讨论】:

      猜你喜欢
      • 2013-06-28
      • 1970-01-01
      • 2019-06-14
      • 1970-01-01
      • 1970-01-01
      • 2017-10-28
      • 1970-01-01
      • 1970-01-01
      • 2018-06-16
      相关资源
      最近更新 更多