我正在使用刀片引擎做一个RESTful API(用于移动应用程序(和一个Web界面。我有两种用户,一种是"gestionnaire"(用于Web界面(,另一种是"客户端"(用于移动应用程序(。
现在,我可以使用php artisan make:auth命令对用户"gestionnaire"进行身份验证,但即使我修改了身份验证,我也无法对客户端进行身份验证.php如下所示:
'defaults' => [
'guard' => 'web',
'passwords' => 'clients',
],
'guards' => [
'api' => [
'driver' => 'passport',
'provider' => 'clients',
'hash' => false,
],
'web' => [
'driver' => 'session',
'provider' => 'gestionnaires',
],
],
'providers' => [
'clients' => [
'driver' => 'eloquent',
'model' => AppClient::class,
],
'gestionnaires' => [
'driver' => 'eloquent',
'model' => AppGestionnaire::class,
],
],
'passwords' => [
'clients' => [
'provider' => 'clients',
'table' => 'password_resets',
'expire' => 60,
],
],
目前我的控制器看起来像这样:
class LoginController extends Controller
{
use AuthenticatesUsers;
protected $redirectTo = '/home';
public function __construct()
{
$this->middleware('guest')->except('logout');
}
}
而这个:
class AuthController extends Controller
{
public function login(Request $request) {
$request->validate([
'email' => 'required|string|email',
'password' => 'required|string',
//'remember_me' => 'boolean'
]);
$credentials = request(['email', 'password']);
if(!Auth::attempt($credentials))
return response()->json([
'message' => 'Unauthorized'
], 401);
$user = $request->user();
$tokenResult = $user->createToken('Personal Access Token');
$token = $tokenResult->token;
if ($request->remember_me)
$token->expires_at = Carbon::now()->addWeeks(1);
$token->save();
return response()->json([
'access_token' => $tokenResult->accessToken,
'token_type' => 'Bearer',
'expires_at' => Carbon::parse(
$tokenResult->token->expires_at
)->toDateTimeString()
]);
}
public function user(Request $request)
{
return response()->json($request->user());
}
}
我在web.php的路线看起来像这样:
Route::get('/', function () { return view('welcome'); });
Auth::routes();
Route::get('/home', 'HomeController@index')->name('home');
在api.php
Route::group([
'prefix' => 'auth'
], function () {
Route::post('login', 'AuthAuthController@login')->name('login');
Route::post('register', 'AuthAuthController@register');
Route::group([
'middleware' => 'auth:api'
], function() {
Route::get('logout', 'AuthAuthController@logout');
Route::get('user', 'AuthAuthController@user');
});
});
使用此代码
我可以通过 Web 界面连接,但不能通过 API 连接。我正在使用Postman来处理请求,但我收到以下消息:Unauthorized当我尝试登录时。
我已经检查了我的请求正文(电子邮件和密码(,它是正确的。
有人知道我应该做什么吗?
您可以在
API 中使用Auth::shouldUse('api');。
或
您可以为此创建中间件
namespace AppHttpMiddleware;
use Closure;
use IlluminateSupportFacadesAuth;
use AppUser;
class ConditionalApisHandler
{
public function handle($request, Closure $next)
{
Auth::shouldUse('api');
return $next($request);
}
}
在 api 中.php
Route::group(['middleware' => 'conditionalApisHandler'], function(){
Route::post('example','APIExampleController@example');
});