使用 JWT Laravel 5 进行身份验证,无需密码

2022-01-10 00:00:00 jwt authentication angularjs php

我正在尝试学习 Laravel,我的目标是能够构建一个 RESTful API(不使用视图或刀片,只有 JSON 结果.稍后,AngularJS 网络应用程序和 Cordova 混合移动应用程序将使用此 API.

I'm trying to learn Laravel and my goal is to be able to build a RESTful API (no use of views or blade, only JSON results. Later, an AngularJS web app and a Cordova hybrid mobile app will consume this api.

经过一些研究,我倾向于选择 JWT-Auth 库以获得完全无状态的好处.我的问题是:我有两种主要类型的用户:客户和版主.客户不需要密码.我需要能够生成一个令牌,以便仅使用提供的电子邮件进行访问.如果该电子邮件存在于数据库中并且属于客户,它将生成并返回令牌.如果它存在并且属于版主,它将返回 false 以便接口可以请求密码.如果电子邮件不存在,则会引发无效参数错误.

After some research, I'm inclining to choose JWT-Auth library for completely stateless benefit. My problem is: I have 2 main types of users: customers and moderators. Customers are not required to have a password. I need to be able to generate a token for access with the provided email only. If that email exists in the database and it belongs to a customer, it will generate and return the token. If it exists and belongs to a moderator, it will return false so the interface can request a password. If the email doesn't exist, it throws an invalid parameter error.

我在 这里阅读了文档,它说可以使用自定义声明.但是文档没有解释什么是声明以及作为自定义声明传递的数组的含义.我想要一些关于如何实现我上面解释的内容的意见.

I read the docs here and it says it's possible to use Custom Claims. But the docs doesn't explain what are claims and what it means the array being passed as custom claims. I'd like some input on how to go about achieving what I explain above.

    <?php

namespace AppHttpControllers;

use IlluminateHttpRequest;

use AppHttpRequests;
use AppHttpControllersController;
use JWTAuth;
use TymonJWTAuthExceptionsJWTException;


class AuthenticateController extends Controller
{

    public function authenticate(Request $request)
    {
        $credentials = $request->only('email', 'password');

        try {
            // verify the credentials and create a token for the user
            if (! $token = JWTAuth::attempt($credentials)) {
                return response()->json(['error' => 'invalid_credentials'], 401);
            }
        } catch (JWTException $e) {
            // something went wrong
            return response()->json(['error' => 'could_not_create_token'], 500);
        }

        // if no errors are encountered we can return a JWT
        return response()->json(compact('token'));
    }
}

谢谢.

赏金代码

public function authenticate(Request $request) { 
    $email = $request->input('email');
    $user = User::where('email', '=', $email)->first();
    try { 
        // verify the credentials and create a token for the user
        if (! $token = JWTAuth::fromUser($user)) { 
            return response()->json(['error' => 'invalid_credentials'], 401);
        } 
    } catch (JWTException $e) { 
        // something went wrong 
        return response()->json(['error' => 'could_not_create_token'], 500); 
    } 
    // if no errors are encountered we can return a JWT 
    return response()->json(compact('token')); 
}

推荐答案

试试这个:

$user=User::where('email','=','user2@gmail.com')->first();

if (!$userToken=JWTAuth::fromUser($user)) {
            return response()->json(['error' => 'invalid_credentials'], 401);
        }

return response()->json(compact('userToken'));

对我有用,希望能帮到你

it works for me, hope can help

相关文章