3.2. OAuth2 个人令牌模式认证
安装
我们使用 Laravel 官方推荐的 Passport 来实现基于“个人访问令牌（Personal Access Token）”的 API 认证。需要注意，个人访问令牌并不是 OAuth2 规范中的某种授权类型，而是 Passport 在其 OAuth2 服务器之上提供的能力：服务端在校验用户凭据后，直接为该用户签发一个 Bearer 令牌：
$ composer require laravel/passport
运行迁移:
$ php artisan migrate
接下来生成 Passport 所需的密钥（该命令同时会创建默认客户端）。注意：它会在 storage/ 目录下生成 oauth-private.key 与 oauth-public.key，私钥用于签发访问令牌，属于机密材料，切勿提交到版本库，并应限制其文件权限：
$ php artisan passport:install
相关配置
<?php
namespace App\Models;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Laravel\Passport\HasApiTokens;
class User extends Authenticatable
{
use Notifiable,HasApiTokens;
.
.
接下来,你应该在 AuthServiceProvider
中的 boot
方法中调用 Passport::routes
方法。这个方法会注册必要的路由去颁发访问令牌,撤销访问令牌,客户端和个人令牌:
<?php
namespace App\Providers;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
use Illuminate\Support\Facades\Gate;
use Laravel\Passport\Passport;
class AuthServiceProvider extends ServiceProvider
{
    /**
     * Policy class mappings for the application (model class => policy class).
     *
     * @var array
     */
    protected $policies = [
        // 'App\Model' => 'App\Policies\ModelPolicy',
    ];
    /**
     * Register authentication / authorization services.
     *
     * Passport::routes() registers the OAuth2 endpoints: access-token issuance and
     * revocation, plus client and personal-access-token management.
     *
     * NOTE(review): no token lifetime is configured here, so Passport's defaults
     * apply to every personal access token issued by the login endpoint. Consider
     * calling Passport::personalAccessTokensExpireIn() here to bound how long a
     * leaked token remains usable — confirm the API against the installed Passport
     * version (Passport::routes() itself no longer exists in Passport 11+, where
     * routes are registered automatically).
     *
     * @return void
     */
    public function boot()
    {
        $this->registerPolicies();
        Passport::routes();
    }
}
最后,在 config/auth.php
配置文件中,你应该设置 api
权限认证守卫的 driver
选项为 passport
:
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'passport',
'provider' => 'users',
'hash' => false,
],
],
添加路由
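<?php
use Illuminate\Http\Request;
/*
|--------------------------------------------------------------------------
| API Routes
|--------------------------------------------------------------------------
|
| Here is where you can register API routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| is assigned the "api" middleware group. Enjoy building your API!
|
*/
Route::prefix('v1')->name('api.v1.')->namespace('Api')->group(function () {
    // Credential login is unauthenticated by design, which makes it the one
    // endpoint an attacker can hammer with guessed passwords. The surrounding
    // "api" middleware group presumably carries Laravel's default throttle
    // (confirm in app/Http/Kernel.php), but that limit is sized for normal API
    // traffic; a login endpoint deserves a much tighter per-IP limit. 10/min is
    // a conservative baseline — tune it, and note that IP throttling alone does
    // not stop distributed credential stuffing.
    Route::post('login', 'AuthorizationsController@login')
        ->middleware('throttle:10,1');

    // Token-holder-only endpoints: every route below requires a valid bearer
    // token validated by the "api" guard (Passport driver).
    Route::group([
        'middleware' => 'auth:api',
        'prefix' => 'auth',
    ], function () {
        Route::post('logout', 'AuthorizationsController@logout');      // revoke the current token
        Route::post('user_info', 'AuthorizationsController@userInfo'); // current user's profile
    });

    Route::middleware('auth:api')->group(function () {
        // Routes that require a valid access token go here.
    });
});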
登录相关
创建控制器,为了区分,我们把控制器放在 api 文件夹下:
$ php artisan make:controller Api/AuthorizationsController
创建验证表单类:
$ php artisan make:request AuthorizationRequest
编写验证逻辑:
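<?php
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;

/**
 * Validates the credential payload posted to the login endpoint.
 */
class AuthorizationRequest extends FormRequest
{
    /**
     * Determine if the user is authorized to make this request.
     *
     * Login is an unauthenticated endpoint, so any caller may submit it; the
     * credentials themselves are verified by Auth::attempt() in the controller.
     *
     * @return bool
     */
    public function authorize()
    {
        return true;
    }

    /**
     * Get the validation rules that apply to the request.
     *
     * The password is only ever compared against a stored hash — it is never
     * interpolated into a query, a shell command or HTML — so its *content*
     * must not be restricted at login time. The original `alpha_dash` rule
     * rejected any password containing symbols or spaces, which locks out
     * users who registered with a strong password and adds no security.
     * Only length is bounded: `min:6` is preserved so existing accounts keep
     * working, and a `max` caps how much input reaches the password hasher.
     * `max:255` on the identifier matches the default length of the string
     * columns it is looked up against (assumed — confirm against the migration).
     *
     * @return array
     */
    public function rules()
    {
        return [
            'username' => 'required|string|max:255',
            'password' => 'required|string|min:6|max:4096',
        ];
    }
}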
迁移表中添加 phone 字段:
.
.
.
$table->string('phone')->unique();
.
.
.
运行迁移:
$ php artisan migrate
编写登录逻辑:
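<?php
namespace App\Http\Controllers\Api;
use App\Http\Controllers\Controller;
use App\Http\Requests\AuthorizationRequest;
use Carbon\Carbon;
use Illuminate\Support\Facades\Auth;

/**
 * Issues Passport personal access tokens in exchange for a username and password.
 */
class AuthorizationsController extends Controller
{
    /**
     * Log in with an e-mail address or phone number plus password and return a bearer token.
     *
     * The payload has already passed AuthorizationRequest validation. The same
     * generic 401 message is returned whether the account does not exist or the
     * password is wrong, so the response cannot be used to enumerate accounts.
     *
     * NOTE(review): Auth::attempt() runs against the *default* guard (presumably
     * `web`, i.e. the session driver per config/auth.php), not the `api`/passport
     * guard, so a successful call also logs the caller into a web session in
     * addition to issuing a token. Confirm that is intended for a stateless API.
     *
     * @param AuthorizationRequest $request  validated `username` and `password`
     * @return \Illuminate\Http\JsonResponse 401 with a generic message on bad
     *                                       credentials; otherwise access_token,
     *                                       token_type and expires_at
     */
    public function login(AuthorizationRequest $request)
    {
        $username = $request->username;

        // Choose the lookup column from the shape of the identifier. Anything that
        // is not a syntactically valid e-mail address is treated as a phone number;
        // the `phone` column is unique (see the migration), so the lookup is
        // unambiguous. (FILTER_VALIDATE_EMAIL has existed since PHP 5.2 — the
        // original comment describing it as a PHP 7.0 feature was incorrect.)
        $credentials = [];
        if (filter_var($username, FILTER_VALIDATE_EMAIL) !== false) {
            $credentials['email'] = $username;
        } else {
            $credentials['phone'] = $username;
        }
        $credentials['password'] = $request->password;

        // Verify the password against the stored hash via the user provider.
        if (!Auth::attempt($credentials)) {
            return response()->json([
                'message' => '账号或者密码不正确',
            ], 401);
        }

        $user = $request->user();

        // createToken() returns a token that Passport has already persisted, so the
        // original explicit $token->save() was a no-op and has been dropped.
        $tokenResult = $user->createToken('Personal Access Token');

        return response()->json([
            'access_token' => $tokenResult->accessToken,
            'token_type'   => 'Bearer',
            'expires_at'   => Carbon::parse(
                $tokenResult->token->expires_at
            )->toDateTimeString(),
        ]);
    }
}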
测试
用手机号登录:
登录失败:
提交git
$ git add -A
$ git commit -m "OAuth2 个人令牌模式认证"
大家可以看到,相比较上一节,这节的失败返回相对友好了许多,但是并没有达到预期的效果,即没有一个统一的返回状态,这个在第四章我们会对它进行处理。