Sanctum SPA 认证【备用】
发布配置、执行迁移
php artisan vendor:publish --provider="Laravel\Sanctum\SanctumServiceProvider"
php artisan migrate
配置 Sanctum
更新 app/Http/Kernel.php 以将 Sanctum 中间件添加到 API 中间件组。
取消注释
'api' => [
\Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class,
'throttle:60,1',
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
控制器
php artisan make:controller UserController
<?php
namespace App\Http\Controllers;
use App\Models\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
class UserController extends Controller
{
public function register(Request $request)
{
$user = $this->create($request->all());
$this->guard()->login($user);
return response($user, 201);
}
/**
* 有效注册后创建新的用户实例
*
* @param array $inputs
* @return User
*/
protected function create(array $inputs): User
{
return User::create([
'name' => $inputs['name'],
'email' => $inputs['email'],
'password' => Hash::make($inputs['password']),
]);
}
protected function guard()
{
return Auth::guard();
}
public function login(Request $request)
{
$credentials = $request->only('email', 'password');
if (Auth::attempt($credentials)) {
$user = auth()->user();
$token = $user->createToken('')->plainTextToken;
$response = array_merge($user->toArray(), [
'access_token' => $token,
'token_type' => 'bearer',
]);
return response($response);
} else {
return response()->json(['message' => 'Invalid email or password'], 422);
}
}
public function logout()
{
Auth::logout();
return response()->json(['message' => 'Logged Out'], 200);
}
}
路由
Route::middleware('auth:sanctum')->get('/user', function (Request $request) {
return $request->user();
});
Route::post('/login', 'UserController@login');
Route::post('/register', 'UserController@register');
Route::post('/logout', 'UserController@logout');
测试
php artisan tinker
factory(App\User::class)->create(['email'=>'bill@gmail.com','name'=>'Bill', 'password'=> bcrypt('bill')]);
exit (to leave tinker)