
Laravel Passport 构建 API 身份验证和授权


第一步

执行以下命令:

# Install the Passport package.
composer require laravel/passport

# Run the migrations, which now include Passport's OAuth tables.
php artisan migrate

# Generate the token encryption keys and the default OAuth clients.
# The password-grant client created here is the one UserRepository::getOClient() looks up.
# Keep the generated key files and the printed client secrets out of version control.
php artisan passport:install

第二步

修改 config/auth.php 文件中的 guards 配置:

...
    'guards' => [
        // Browser traffic keeps the session-based guard.
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],

        // The api guard is handled by Passport, so every route behind the
        // auth:api middleware requires a valid Passport access token.
        'api' => [
            'driver' => 'passport',
            'provider' => 'users',
        ],
    ],
...

第三步

app/User.php

<?php

namespace App;

use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Laravel\Passport\HasApiTokens;

/**
 * Application user account.
 *
 * HasApiTokens is the Passport trait that gives the model its token
 * helpers; the logout flow relies on it through $request->user()->token().
 */
class User extends Authenticatable
{
    use Notifiable, HasApiTokens;

    /**
     * Attributes that may be set through mass assignment (User::create()).
     *
     * Keep this list to fields a client is allowed to choose for itself:
     * anything listed here can be written from request input.
     *
     * @var array
     */
    protected $fillable = ['name', 'email', 'password'];

    /**
     * Attributes left out when the model is converted to an array or JSON,
     * so the password hash and remember token never appear in API output.
     *
     * @var array
     */
    protected $hidden = ['password', 'remember_token'];

    /**
     * Attributes converted to native types when they are read.
     *
     * @var array
     */
    protected $casts = ['email_verified_at' => 'datetime'];
}

第四步

app/Repositories/User/UserRepositoryInterface.php

<?php

namespace App\Repositories\User;

use Illuminate\Http\Request;

/**
 * Contract for the user authentication repository.
 *
 * NOTE(review): getTokenAndRefreshToken(), sendRequest() and getOClient()
 * deal with the OAuth client secret and raw credentials. They are part of
 * the public contract here; confirm that callers other than the repository
 * itself really need them.
 */
interface UserRepositoryInterface
{
    /** Create an account from the request and issue tokens for it. */
    public function register(Request $request);

    /** Check the submitted credentials and issue tokens on success. */
    public function login(Request $request);

    /** Exchange the refresh token carried by the request for new tokens. */
    public function refreshToken(Request $request);

    /** Return the currently authenticated user. */
    public function details();

    /** Revoke the access token used by the request. */
    public function logout(Request $request);

    /** Wrap a payload and an HTTP status code in the repository result shape. */
    public function response($data, int $statusCode);

    /** Request an access/refresh token pair through the password grant. */
    public function getTokenAndRefreshToken(string $email, string $password);

    /** POST form parameters to an OAuth route and return the result. */
    public function sendRequest(string $route, array $formParams);

    /** Return the OAuth client used for password-grant requests. */
    public function getOClient();
}

第五步

创建 app/Repositories/User/UserRepository.php 文件

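<?php

namespace App\Repositories\User;

use App\Repositories\User\UserRepositoryInterface;
use App\User;
use GuzzleHttp\Client;
use GuzzleHttp\Exception\ClientException;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\DB;
use Laravel\Passport\Client as OClient;

/**
 * Registers, logs in and logs out users, and obtains OAuth tokens by
 * calling the application's own /oauth/token endpoint over HTTP.
 *
 * Every public method returns ["data" => ..., "statusCode" => ...].
 */
class UserRepository implements UserRepositoryInterface
{
    const SUCCUSUS_STATUS_CODE = 200;
    const UNAUTHORISED_STATUS_CODE = 401;

    // NOTE(review): hard-coded plain-HTTP host. sendRequest() sends the
    // user's password and the OAuth client secret to this URL, so confirm
    // it is a trusted internal hop, or read the base URL from configuration
    // and use HTTPS.
    const BASE_URL = "http://mylemp-nginx";

    /**
     * HTTP client used for the token requests. Declared explicitly instead
     * of being created as a dynamic property in the constructor.
     *
     * @var Client
     */
    private $http;

    public function __construct(Client $client)
    {
        $this->http = $client;
    }

    /**
     * Create a user from the request and return a token pair for it.
     *
     * @param Request $request Expected to carry name, email and password.
     * @return array
     */
    public function register(Request $request)
    {
        $email = $request->email;
        $password = $request->password;

        // Take only the fields the registration form defines rather than
        // every request parameter, so the write does not depend solely on
        // the model's $fillable list to stop unexpected attributes.
        $input = $request->only(['name', 'email', 'password']);
        $input['password'] = bcrypt($input['password']);
        User::create($input);

        $response = $this->getTokenAndRefreshToken($email, $password);

        return $this->response($response["data"], $response["statusCode"]);
    }

    /**
     * Verify the credentials and return a token pair, or a 401 result.
     *
     * The failure payload is the same whatever the reason for the failure.
     *
     * @param Request $request Expected to carry email and password.
     * @return array
     */
    public function login(Request $request)
    {
        $email = $request->email;
        $password = $request->password;

        if (Auth::attempt(['email' => $email, 'password' => $password])) {
            $response = $this->getTokenAndRefreshToken($email, $password);
            $data = $response["data"];
            $statusCode = $response["statusCode"];
        } else {
            $data = ['error' => 'Unauthorised'];
            $statusCode = self::UNAUTHORISED_STATUS_CODE;
        }

        return $this->response($data, $statusCode);
    }

    /**
     * Exchange the refresh token from the "Refreshtoken" header for a new
     * token pair. A request without that header gets a 401 result.
     *
     * @param Request $request
     * @return array
     */
    public function refreshToken(Request $request)
    {
        if (is_null($request->header('Refreshtoken'))) {
            return $this->response(['error' => 'Unauthorised'], self::UNAUTHORISED_STATUS_CODE);
        }

        $refresh_token = $request->header('Refreshtoken');
        $Oclient = $this->getOClient();
        $formParams = [
            'grant_type' => 'refresh_token',
            'refresh_token' => $refresh_token,
            'client_id' => $Oclient->id,
            'client_secret' => $Oclient->secret,
            // NOTE(review): '*' asks for every scope; narrow it if the API
            // defines scopes.
            'scope' => '*',
        ];

        return $this->sendRequest("/oauth/token", $formParams);
    }

    /**
     * Return the currently authenticated user with a 200 status.
     *
     * @return array
     */
    public function details()
    {
        $user = Auth::user();

        return $this->response($user, self::SUCCUSUS_STATUS_CODE);
    }

    /**
     * Revoke the access token used by this request together with the
     * refresh tokens issued for it.
     *
     * @param Request $request
     * @return array
     */
    public function logout(Request $request)
    {
        $token = $request->user()->token();
        $token->revoke();

        // Revoking the access token does not by itself revoke the refresh
        // token issued with it, which could still be exchanged for a new
        // access token after logout.
        // Assumes Passport's default oauth_refresh_tokens table on the
        // default database connection - TODO confirm for this deployment.
        DB::table('oauth_refresh_tokens')
            ->where('access_token_id', $token->id)
            ->update(['revoked' => true]);

        return $this->response(['message' => 'Successfully logged out'], self::SUCCUSUS_STATUS_CODE);
    }

    /**
     * Wrap a payload and a status code in the repository result shape.
     *
     * @param mixed $data
     * @param int $statusCode
     * @return array
     */
    public function response($data, int $statusCode)
    {
        return ["data" => $data, "statusCode" => $statusCode];
    }

    /**
     * Request an access/refresh token pair through the password grant.
     *
     * @param string $email
     * @param string $password Plain-text password, forwarded to /oauth/token.
     * @return array
     */
    public function getTokenAndRefreshToken(string $email, string $password)
    {
        $Oclient = $this->getOClient();
        $formParams = [
            'grant_type' => 'password',
            'client_id' => $Oclient->id,
            'client_secret' => $Oclient->secret,
            'username' => $email,
            'password' => $password,
            // NOTE(review): '*' asks for every scope; narrow it if the API
            // defines scopes.
            'scope' => '*',
        ];

        return $this->sendRequest("/oauth/token", $formParams);
    }

    /**
     * POST form parameters to BASE_URL . $route and decode the JSON reply.
     *
     * Only ClientException is caught; any other exception raised by the
     * HTTP client propagates to the caller.
     *
     * @param string $route
     * @param array $formParams
     * @return array
     */
    public function sendRequest(string $route, array $formParams)
    {
        try {
            $url = self::BASE_URL . $route;
            $response = $this->http->request('POST', $url, ['form_params' => $formParams]);
            $statusCode = self::SUCCUSUS_STATUS_CODE;
            $data = json_decode((string) $response->getBody(), true);
        } catch (ClientException $e) {
            // Record the failure server-side. The original echoed the
            // exception message, which wrote upstream error detail into the
            // HTTP response ahead of the JSON body.
            report($e);
            $statusCode = $e->getCode();
            $data = ['error' => 'OAuth client error'];
        }

        return ["data" => $data, "statusCode" => $statusCode];
    }

    /**
     * Return the first OAuth client flagged as a password-grant client.
     *
     * first() yields null when no such client exists; the callers in this
     * class dereference the result without checking for that.
     *
     * @return OClient|null
     */
    public function getOClient()
    {
        return OClient::where('password_client', 1)->first();
    }
}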

第六步

app/Http/Requests/UserLoginRequest.php

<?php

namespace App\Http\Requests;

use Illuminate\Contracts\Validation\Validator;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Http\Exceptions\HttpResponseException;

/**
 * Validates the body of a login request.
 */
class UserLoginRequest extends FormRequest
{
    const UNPROCESSABLE_ENTITY = 422;

    /**
     * Validation rules: both fields are required and email must be a
     * well-formed address.
     *
     * @return array
     */
    public function rules()
    {
        $rules = [];
        $rules['email'] = 'required|email';
        $rules['password'] = 'required';

        return $rules;
    }

    /**
     * Answer a failed validation with the error bag as JSON and HTTP 422.
     *
     * @param Validator $validator
     * @throws HttpResponseException
     */
    protected function failedValidation(Validator $validator)
    {
        $errorResponse = response()->json($validator->errors(), self::UNPROCESSABLE_ENTITY);

        throw new HttpResponseException($errorResponse);
    }
}

第七步

app/Http/Requests/UserRegisterRequest.php

<?php

namespace App\Http\Requests;

use Illuminate\Contracts\Validation\Validator;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Http\Exceptions\HttpResponseException;

/**
 * Validates the body of a registration request.
 */
class UserRegisterRequest extends FormRequest
{
    const UNPROCESSABLE_ENTITY = 422;

    /**
     * Validation rules: name, a unique well-formed email, a password and a
     * matching confirmation in c_password.
     *
     * NOTE(review): the password rule is only 'required', so a one-character
     * password passes. Consider adding a minimum length rule.
     *
     * @return array
     */
    public function rules()
    {
        $rules = [];
        $rules['name'] = 'required';
        $rules['email'] = 'required|email|unique:users';
        $rules['password'] = 'required';
        $rules['c_password'] = 'required|same:password';

        return $rules;
    }

    /**
     * Answer a failed validation with the error bag as JSON and HTTP 422.
     *
     * @param Validator $validator
     * @throws HttpResponseException
     */
    protected function failedValidation(Validator $validator)
    {
        $errorResponse = response()->json($validator->errors(), self::UNPROCESSABLE_ENTITY);

        throw new HttpResponseException($errorResponse);
    }
}

第八步

app/Providers/AppServiceProvider.php

<?php

namespace App\Providers;

use App\Repositories\User\UserRepository;
use App\Repositories\User\UserRepositoryInterface;
use Illuminate\Support\ServiceProvider;

class AppServiceProvider extends ServiceProvider
{
    /**
     * Register any application services.
     *
     * Binds the repository contract to its implementation so that classes
     * type-hinting UserRepositoryInterface receive a UserRepository.
     *
     * @return void
     */
    public function register()
    {
        $contract = UserRepositoryInterface::class;
        $implementation = UserRepository::class;

        $this->app->bind($contract, $implementation);
    }

    /**
     * Bootstrap any application services.
     *
     * @return void
     */
    public function boot()
    {
        // Nothing to bootstrap.
    }
}

第九步

app/Providers/AuthServiceProvider.php

<?php

namespace App\Providers;

use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
use Laravel\Passport\Passport;

class AuthServiceProvider extends ServiceProvider
{
    /**
     * The policy mappings for the application.
     *
     * @var array
     */
    protected $policies = [
        // 'App\Model' => 'App\Policies\ModelPolicy',
    ];

    /**
     * Register any authentication / authorization services.
     *
     * Passport::routes() registers Passport's OAuth endpoints, including
     * the /oauth/token route that UserRepository posts to.
     *
     * NOTE(review): no token lifetimes are configured here, so Passport's
     * defaults apply. Confirm they are acceptable, or set shorter ones with
     * Passport::tokensExpireIn() and Passport::refreshTokensExpireIn().
     *
     * @return void
     */
    public function boot()
    {
        $this->registerPolicies();

        Passport::routes();
    }
}

第十步

app/Http/Controllers/UserController.php

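<?php

namespace App\Http\Controllers;

use App\Http\Requests\UserLoginRequest;
use App\Http\Requests\UserRegisterRequest;
use App\Repositories\User\UserRepositoryInterface;
use Illuminate\Http\Request;

/**
 * HTTP entry points for the user API. Each action delegates to the user
 * repository and turns its ["data", "statusCode"] result into JSON.
 */
class UserController extends Controller
{
    const SUCCUSUS_STATUS_CODE = 200;
    const UNAUTHORISED_STATUS_CODE = 401;

    /**
     * Declared explicitly instead of being created as a dynamic property in
     * the constructor.
     *
     * @var UserRepositoryInterface
     */
    private $userRepository;

    public function __construct(UserRepositoryInterface $userRepository)
    {
        $this->userRepository = $userRepository;
    }

    /** Log in; the body has already passed UserLoginRequest validation. */
    public function login(UserLoginRequest $request)
    {
        return $this->toJsonResponse($this->userRepository->login($request));
    }

    /** Register; the body has already passed UserRegisterRequest validation. */
    public function register(UserRegisterRequest $request)
    {
        return $this->toJsonResponse($this->userRepository->register($request));
    }

    /** Return the authenticated user. */
    public function details()
    {
        return $this->toJsonResponse($this->userRepository->details());
    }

    /** Revoke the token used by this request. */
    public function logout(Request $request)
    {
        return $this->toJsonResponse($this->userRepository->logout($request));
    }

    /** Exchange a refresh token for a new token pair. */
    public function refreshToken(Request $request)
    {
        return $this->toJsonResponse($this->userRepository->refreshToken($request));
    }

    /**
     * Convert a repository result into a JSON response.
     *
     * @param array $result Array with "data" and "statusCode" keys.
     * @return \Illuminate\Http\JsonResponse
     */
    private function toJsonResponse(array $result)
    {
        return response()->json($result["data"], $result["statusCode"]);
    }
}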

第十一步

routes/api.php

<?php

use Illuminate\Support\Facades\Route;

// Endpoints reachable without an access token.
// NOTE(review): these accept credentials and refresh tokens from anonymous
// callers; confirm that rate limiting (for example the throttle middleware)
// applies to them.
Route::post('login', 'UserController@login');
Route::post('register', 'UserController@register');
Route::post('refreshtoken', 'UserController@refreshToken');

// Endpoints that require a valid Passport access token (api guard).
Route::middleware(['auth:api'])->group(function () {
    Route::post('logout', 'UserController@logout');
    Route::post('details', 'UserController@details');
});
