Laravel web auth运行良好。我正在尝试使用jwt-auth模块。这是我使用jwt身份验证模块的代码
---authcontroller.php
public function login(Request $request)
{
$validator = Validator::make($request->all(), [
'email' => 'required|email',
'password' => 'required|string|min:6',
]);
if ($validator->fails()) {
// return response()->json($validator->errors(), 200);
session()->flash('error', json_encode($validator->errors()));
return back()->withInput();
}
if (!$token = auth()->attempt($validator->validated())) {
// return response()->json(['error' => 'Unauthorized'], 200);
session()->flash('error', 'These credentials do not match.');
return back()->withInput();
}
//////// this is test code
echo auth()->check();
//////////////////
$response_token = $this->createNewToken($token);
session()->flash('token', $response_token);
return Redirect::to('/');
}
---web.php
Route::group([
'middleware' => 'api',
'prefix' => 'auth'
],
function ($router) {
Route::post('/login', [AuthController::class, 'login']);
Route::post('/register', [AuthController::class, 'register']);
Route::post('/logout', [AuthController::class, 'logout']);
Route::post('/refresh', [AuthController::class, 'refresh']);
Route::get('/user-profile', [AuthController::class, 'userProfile']);
}
);
---auth.php
'defaults' => [
'guard' => 'api',
'passwords' => 'users',
],
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'jwt',
'provider' => 'users',
'hash' => false,
],
],
问题是*测试代码返回true,但在重定向控制器中,auth((->check((返回false。即auth((->check((仅在登录控制器时返回true,但对于其他控制器则返回false
怎么了?
---更新(重定向页面代码(
<!DOCTYPE html>
<html lang="{{ str_replace('_', '-', app()->getLocale()) }}">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="csrf-token" content="{{ csrf_token() }}">
<title>@yield('title')</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
<!-- Fonts -->
<link href="https://fonts.googleapis.com/css?family=Nunito:400,600,700" rel="stylesheet">
<!-- Styles -->
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css" integrity="sha512-1PKOgIY59xJ8Co8+NE6FZ+LOAZKjy+KY8iq0G4B3CyeY6wYHN3yt9PW0XpSriVlkMXe40PTKnXrLnZ9+fkDaog==" crossorigin="anonymous" />
<!-- Scripts -->
<script src="https://cdn.jsdelivr.net/gh/alpinejs/alpine@v2.7.0/dist/alpine.js" defer></script>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js"></script>
@yield('extra-css')
<link rel="stylesheet" href="{{ asset('css/style.css') }}">
</head>
<body>
<header>
<div class="logo">
<a href="/">
<img src="{{ asset('images/blue-logo.png')}}"/>
</a>
</div>
<div class="navigation">
<a class="mr-3" href="{{ route('audition') }}">Audition</a>
<a class="mr-3" href="{{ route('about') }}">About</a>
<a class="mr-3" href="{{ route('playing') }}">Playing</a>
<a class="mr-3" href="{{ route('faq') }}">Faq</a>
@if(!auth('api')->check())
<a class="mr-3" href="{{ route('login') }}">Login</a>
<a class="mr-3" href="{{ route('userType') }}">Register</a>
@else
<a class="mr-3" href="{{ route('support') }}">Support</a>
<a class="mr-3" href="{{ route('dashboard') }}">{{ Auth::user()->name }}</a>
<form class="d-inline-block" method="POST" action="{{ route('logout') }}">
@csrf
<a class="mr-3" href="#" onclick="event.preventDefault(); this.closest('form').submit();">Logout</a>
</form>
@endif
</div>
</header>
@yield('content')
<footer id="footer">
<ul class="icons">
<li><a href="#" class="icon brands fa-twitter"><span class="label">Twitter</span></a></li>
<li><a href="#" class="icon brands fa-instagram"><span class="label">Instagram</span></a></li>
<li><a href="#" class="icon brands fa-github"><span class="label">GitHub</span></a></li>
<li><a href="#" class="icon fa-envelope"><span class="label">Email</span></a></li>
</ul>
<ul class="copyright">
<li>© Untitled.</li><li>Credits: <a href="http://html5up.net">HTML5 UP</a></li>
</ul>
</footer>
@yield('extra-js')
</body>
</html>
使用auth('api'),因此使用auth('api')->check()
默认情况下,auth()helper函数返回经过身份验证的用户并将其存储在会话和cookie中,用于jwt或任何其他api身份验证方法使用auth('api'),它将检查Bearer令牌以及用户是否经过身份验证。