Laravel使用Passport来建立API用户认证
本文来自pilishen.com----原文连接; 欢迎做客咱们的php&Laravel学习群:109256050php
好比说你要给你的手机APP用户建立API,使用的是你已有的Laravel系统里的数据库,尤为是用户数据。如今咱们来看一下,这里使用的是Laravel Passport组件。html
咱们将要建立三个api,分别是:laravel
- Login API
- Register API
- Details API
(一)安装和配置Passport
composer require laravel/passport
复制代码
在config/app.php中注册provider:数据库
'providers' => [
....
Laravel\Passport\PassportServiceProvider::class,
],
复制代码
建立Passport须要的数据表:json
php artisan migrate
复制代码
而后初始化Passport,执行:api
php artisan passport:install
复制代码
该命令会生成用之后期建立安全令牌(access token)的秘钥,同时也会建立personal access和password grant两个客户端(clients)。安全
接下来,在app/User.php中添加HasApiTokens trait:bash
<?php
namespace App;
use Laravel\Passport\HasApiTokens;
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;
class User extends Authenticatable
{
use HasApiTokens, Notifiable;
}
复制代码
而后在app/Providers/AuthServiceProvider.php中添加Passport::routes();:app
<?php
namespace App\Providers;
use Laravel\Passport\Passport;
use Illuminate\Support\Facades\Gate;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
class AuthServiceProvider extends ServiceProvider
{
...
public function boot()
{
$this->registerPolicies();
Passport::routes();
}
}
复制代码
在config/auth.php中将api的driver改为passport:composer
<?php
return [
.....
'guards' => [
...
'api' => [
'driver' => 'passport',
'provider' => 'users',
],
],
.....
]
复制代码
(二)建立相应的api路由
在你的routes/api.php中
Route::post('login', 'API\UserController@login');
Route::post('register', 'API\UserController@register');
Route::group(['middleware' => 'auth:api'], function(){
Route::post('details', 'API\UserController@details');
});
复制代码
(三)建立相应的controller
路径app/Http/Controllers/API/UserController.php
<?php
namespace App\Http\Controllers\API;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use App\User;
use Illuminate\Support\Facades\Auth;
use Validator;
class UserController extends Controller
{
public $successStatus = 200;
public function login(){
if(Auth::attempt(['email' => request('email'), 'password' => request('password')])){
$user = Auth::user();
$success['token'] = $user->createToken('MyApp')->accessToken;
return response()->json(['success' => $success], $this->successStatus);
}
else{
return response()->json(['error'=>'Unauthorised'], 401);
}
}
public function register(Request $request)
{
$validator = Validator::make($request->all(), [
'name' => 'required',
'email' => 'required|email',
'password' => 'required',
'c_password' => 'required|same:password',
]);
if ($validator->fails()) {
return response()->json(['error'=>$validator->errors()], 401);
}
$input = $request->all();
$input['password'] = bcrypt($input['password']);
$user = User::create($input);
$success['token'] = $user->createToken('MyApp')->accessToken;
$success['name'] = $user->name;
return response()->json(['success'=>$success], $this->successStatus);
}
public function details()
{
$user = Auth::user();
return response()->json(['success' => $user], $this->successStatus);
}
}
复制代码
(四)使用rest client来测试api
Login API:
Register API:
Details API:
这个测试前须要添加一些header信息:
'headers' => [
'Accept' => 'application/json',
'Authorization' => 'Bearer '.$accessToken,
]
复制代码