centos7+laravel7+Passport 帮你快速实现api认证
centos7+laravel7+Passport 帮你快速实现api认证
技术文档如果没断的话可以接上上上一篇的,这一篇是讲laravel7+Passport 实现api认证,环境是上上一篇文章的环境(如果关注过我之前的文章的话)
正常进入流程 官方composer安装 (具体意思可以自行搜索)
composer require laravel/passport
php artisan migrate
php artisan passport:install
1.将 Laravel\Passport\HasApiTokens Trait 添加到 App\User 模型中,这个 Trait 会给你的模型提供一些辅助函数,用于检查已认证用户的令牌和使用范围:
<?php
namespace App;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Laravel\Passport\HasApiTokens;
class User extends Authenticatable
{
use Notifiable,HasApiTokens;
/**
* The attributes that are mass assignable.
* @var array
*/
protected $fillable = [
'name', 'email', 'password',
];
2.接下来,在 AuthServiceProvider 的 boot 方法中调用 Passport::routes 函数。这个函数会注册发出访问令牌并撤销访问令牌、客户端和个人访问令牌所必需的路由.
修改app/Providers/AuthServiceProvider .php
<?php
namespace App\Providers;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
use Illuminate\Support\Facades\Gate;
use Laravel\Passport\Passport;
class AuthServiceProvider extends ServiceProvider
{
/**
* The policy mappings for the application.
* @var array
*/
protected $policies = [
// 'App\Model' => 'App\Policies\ModelPolicy',
];
/**
* Register any authentication / authorization services.
* @return void
*/
public function boot()
{
$this->registerPolicies();
//这里加载passport路由 为 颁发访问令牌、撤销访问令牌、客户端以及私人访问令牌 注册必要的路由
Passport::routes();
}
}
3.修改配置文件 config/auth.php 中授权看守器 guards 的 api 的 driver 选项改为 passport。此调整会让你的应用程序在在验证传入的 API 的请求时使用 Passport 的 TokenGuard 来处理
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
//'driver' => 'token',
'driver' => 'passport',
'provider' => 'users',
'hash' => false,
],
],
4.添加路由 route/api.php (测试/注册/登录/查询用户信息 接口)
Route::post('/htz-api', function () {
return 'test123';
});
Route::post('/login', '[email protected]');
Route::post('/register', '[email protected]');
Route::group(['middleware'=>'auth:api'], function () {
Route::post('/details', '[email protected]');
});
5.根据路由创建控制器,添加api方法
<?php
/**htz-api*/
namespace App\Http\Controllers;
use Validator;
use App\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
class UserController extends Controller
{
public $Code = 200;
//login
public function login()
{
if(Auth::attempt(['name'=>request('name'),'password'=>request('password')]))
{
$user = Auth::user();
$success['token'] = $user->createToken('MyApp')->accessToken;
return Response()->json(['success'=>$success],$this->Code);
}else{
return Response()->json(['error'=>'Unauthorised'],401);
}
}
/**
* register function
* @param Request $request
* @return void
*/
public function register(Request $request)
{
$validator = Validator::make($request->all(),[
'name' => 'required',
'email' => 'required|email',
'password' => 'required',
'C_password' => 'required|same:password',
]);
if($validator->fails())
{
return Response()->json(['error'=>$validator->errors()],401);
}
// 这里根据自己表结构修改
$input = $request->all();
$input['password'] = bcrypt($input['password']);
$input['remember_token'] = '';
$user = User::create($input);
$success['token'] = $user->createToken('MyApp')->accessToken;
$success['name'] = $user->name;
return Response()->json(['success'=>$success],$this->Code);
}
/**
* get user infomation function
* @return void
*/
public function details()
{
$user = Auth::user();
return response()->json(['success' => $user], $this->Code);
}
}
6.最后测试 我这里用了ApiPost这个软件(有兴趣的自行搜索),它也可以本地测试
注册接口测试 :register
注册成功 表里面已经有了
登录接口测试 :login
查询用户信息接口测试 :details
相关文章