文章转发自专业的Laravel开发者社区,原始连接: https://learnku.com/laravel/t...
咱们将会学习使用 Laravel 的 Passport API OAuth 来建立一个验证系统。php
咱们须要用如下命令来建立一个最新的 Laravel 应用,因此请打开终端执行:laravel
laravel new auth
Laravel Passport 能够在几分钟内为你的应用实现一个完整的 OAuth2 服务器。git
composer require laravel/passport
Passport 的迁移会建立你的应用用来存储客户端和 Access Token 的表。github
php artisan migrate
此命令会建立秘钥以用来生成安全的 Access Token。除此以外,它也会建立用来生成 Access Token 的 personal access 和 password grant:web
php artisan passport:install
执行完毕后,将 Laravel\Passport\HasApiTokens
trait 添加到你的 App\User
模型中。这个 trait 会为模型添加一系列助手函数用来验证用户的秘钥和做用域:数据库
<?php namespace App; use Illuminate\Notifications\Notifiable; use Illuminate\Foundation\Auth\User as Authenticatable; use Laravel\Passport\HasApiTokens; class User extends Authenticatable { use Notifiable, HasApiTokens; }
接下来,你应该在 AuthServiceProvider
中的 boot
方法中调用 Passport::routes
方法。这个方法会注册必要的路由去颁发访问令牌,撤销访问令牌,客户端和我的令牌:json
<?php namespace App\Providers; use Laravel\Passport\Passport; use Illuminate\Support\Facades\Gate; use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider; class AuthServiceProvider extends ServiceProvider { /** * The policy mappings for the application. * * @var array */ protected $policies = [ 'App\Model' => 'App\Policies\ModelPolicy', ]; /** * Register any authentication / authorization services. * * @return void */ public function boot() { $this->registerPolicies(); Passport::routes(); } }
最后,在 config/auth.php
配置文件中,你应该设置 api
权限认证守卫的 driver
选项为 passport
。当须要权限认证的 API 请求进来时会告诉你的应用去使用 Passport's 的 TokenGuard
。api
'guards' => [ 'web' => [ 'driver' => 'session', 'provider' => 'users', ], 'api' => [ 'driver' => 'passport', 'provider' => 'users', ], ],
Laravel 提供了 routes/api.php
文件来给咱们编写 web 路由,所以在这个文件添加新的路由便可。安全
<?php use Illuminate\Http\Request; Route::group([ 'prefix' => 'auth' ], function () { Route::post('login', 'AuthController@login'); Route::post('signup', 'AuthController@signup'); Route::group([ 'middleware' => 'auth:api' ], function() { Route::get('logout', 'AuthController@logout'); Route::get('user', 'AuthController@user'); }); });
最后一步咱们必须建立新的控制器和 api 方法。所以咱们先建立 AuthController
而且把代码写进去:服务器
<?php namespace App\Http\Controllers; use Illuminate\Http\Request; use Illuminate\Support\Facades\Auth; use Carbon\Carbon; use App\User; class AuthController extends Controller { /** * Create user * * @param [string] name * @param [string] email * @param [string] password * @param [string] password_confirmation * @return [string] message */ public function signup(Request $request) { $request->validate([ 'name' => 'required|string', 'email' => 'required|string|email|unique:users', 'password' => 'required|string|confirmed' ]); $user = new User([ 'name' => $request->name, 'email' => $request->email, 'password' => bcrypt($request->password) ]); $user->save(); return response()->json([ 'message' => 'Successfully created user!' ], 201); } /** * Login user and create token * * @param [string] email * @param [string] password * @param [boolean] remember_me * @return [string] access_token * @return [string] token_type * @return [string] expires_at */ public function login(Request $request) { $request->validate([ 'email' => 'required|string|email', 'password' => 'required|string', 'remember_me' => 'boolean' ]); $credentials = request(['email', 'password']); if(!Auth::attempt($credentials)) return response()->json([ 'message' => 'Unauthorized' ], 401); $user = $request->user(); $tokenResult = $user->createToken('Personal Access Token'); $token = $tokenResult->token; if ($request->remember_me) $token->expires_at = Carbon::now()->addWeeks(1); $token->save(); return response()->json([ 'access_token' => $tokenResult->accessToken, 'token_type' => 'Bearer', 'expires_at' => Carbon::parse( $tokenResult->token->expires_at )->toDateTimeString() ]); } /** * Logout user (Revoke the token) * * @return [string] message */ public function logout(Request $request) { $request->user()->token()->revoke(); return response()->json([ 'message' => 'Successfully logged out' ]); } /** * Get the authenticated User * * @return [json] user object */ public function user(Request $request) { return response()->json($request->user()); } }
如今咱们已经准备好运行咱们的示例了,运行下面的命令以快速运行:
php artisan serve
如今,咱们能够使用 REST 客户端工具来简化测试,例如 Postman。我执行测试你能够看见如下的截图。
你要为这个 API 设置如下两个头信息:
Content-Type: application/json X-Requested-With: XMLHttpRequest
注册
登陆
登出
用户
感谢阅读!