api.php 里面的路由，走中间件的时候提示未授权 401？

信息太少，你自己肯定也 debug 过找问题的原因，就问下用了 laravel passport？

@jltxwesley 用了

@jltxwesley 领导搭建的项目，我也不知道咋处理了

@JeffLi

应该是 access_token 和 refresh_token 都 expire 了， 能发下 AuthServiceProvider 里的 boot 方法不？

@jltxwesley

<?php

namespace App\Providers;

use App\Foundation\Auth\XXHManager;
use Illuminate\Support\Facades\Gate;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;

class AuthServiceProvider extends ServiceProvider
{
    /**
     * The policy mappings for the application.
     *
     * @var array
     */
    protected $policies = [
        'App\Model' => 'App\Policies\ModelPolicy',
    ];

    /**
     * Register any authentication / authorization services.
     *
     * @return void
     */
    public function boot()
    {
        $this->registerPolicies();

        //

        // 启动信息化
        $this->app->singleton('xxh', function () {
            return new XXHManager($this->app);
        });
    }
}

@jltxwesley 前web 里的路由 请求用户信息是没问题的~

@JeffLi

Passport OAuth 认证

默认的访问令牌是一年的有效期，刷新令牌如果也失效的话，就无法生成新的令牌。

看下上面的文档，你可以改下刷新令牌的失效时间：（访问令牌的有效期你也可以改）

Passport::routes();
Passport::refreshTokensExpireIn(now()->addDays(30));

不过你确定用了 passport？检查下 config/auth.php

@jltxwesley

我觉得用了吧。。

<?php

return [

    /*
    |--------------------------------------------------------------------------
    | Authentication Defaults
    |--------------------------------------------------------------------------
    |
    | This option controls the default authentication "guard" and password
    | reset options for your application. You may change these defaults
    | as required, but they're a perfect start for most applications.
    |
    */

    'defaults' => [
        'guard' => 'web',
        'passwords' => 'users',
    ],

    /*
    |--------------------------------------------------------------------------
    | Authentication Guards
    |--------------------------------------------------------------------------
    |
    | Next, you may define every authentication guard for your application.
    | Of course, a great default configuration has been defined for you
    | here which uses session storage and the Eloquent user provider.
    |
    | All authentication drivers have a user provider. This defines how the
    | users are actually retrieved out of your database or other storage
    | mechanisms used by this application to persist your user's data.
    |
    | Supported: "session", "token"
    |
    */

    'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],

        'api' => [
            // jhc 修改
            'driver' => 'passport',
            'provider' => 'users',
        ],
    ],

    /*
    |--------------------------------------------------------------------------
    | JUser Providers
    |--------------------------------------------------------------------------
    |
    | All authentication drivers have a user provider. This defines how the
    | users are actually retrieved out of your database or other storage
    | mechanisms used by this application to persist your user's data.
    |
    | If you have multiple user tables or models you may configure multiple
    | sources which represent each model / table. These sources may then
    | be assigned to any extra authentication guards you have defined.
    |
    | Supported: "database", "eloquent"
    |
    */

    'providers' => [
        'users' => [
            'driver' => 'eloquent',
            'model' => App\Models\User::class,//jhc 修改
        ],

        // 'users' => [
        //     'driver' => 'database',
        //     'table' => 'users',
        // ],
    ],

    /*
    |--------------------------------------------------------------------------
    | Resetting Passwords
    |--------------------------------------------------------------------------
    |
    | You may specify multiple password reset configurations if you have more
    | than one user table or model in the application and you want to have
    | separate password reset settings based on the specific user types.
    |
    | The expire time is the number of minutes that the reset token should be
    | considered valid. This security feature keeps tokens short-lived so
    | they have less time to be guessed. You may change this as needed.
    |
    */

    'passwords' => [
        'users' => [
            'provider' => 'users',
            'table' => 'password_resets',
            'expire' => 60,
        ],
    ],

    // jhc 添加
    'agent' => [

        'agent_id' => env('AUTH_AGENT_ID', ''),
        'redirect_url' => env('AUTH_REDIRECT_URL', ''),
        'platform_url' => env('AUTH_PALTFORM_URL', ''),
        'gateway_url' => env('AUTH_GATEWAY_URL', ''),
        'corp_user_api' => 'auth_user',
        'corp_token_api' => 'corp_tokens',
        'corp_info' => 'auth_corp',
        'token' => env('AUTH_TOKEN', ''),
        'encoding_key' => env('AUTH_ENCODING_KEY', '')
    ],

];