第一步
执行以下命令:
composer require laravel/passportphp artisan migratephp artisan passport:install
第二步
修改 config/auth.php 文件中的 Gurds:
... 'guards' => [ 'web' => [ 'driver' => 'session', 'provider' => 'users', ], 'api' => [ 'driver' => 'passport', 'provider' => 'users', ], ],...
第三步
app/User.php
<?phpnamespace App;use Illuminate\Foundation\Auth\User as Authenticatable;use Illuminate\Notifications\Notifiable;use Laravel\Passport\HasApiTokens;class User extends Authenticatable { use Notifiable, HasApiTokens; /** * The attributes that are mass assignable. * * @var array */ protected $fillable = [ 'name', 'email', 'password', ]; /** * The attributes that should be hidden for arrays. * * @var array */ protected $hidden = [ 'password', 'remember_token', ]; /** * The attributes that should be cast to native types. * * @var array */ protected $casts = [ 'email_verified_at' => 'datetime', ];}
第四步
app/Repositories/User/UserRepositoryInterface.php
<?phpnamespace App\Repositories\User;use Illuminate\Http\Request;interface UserRepositoryInterface { public function register(Request $request); public function login(Request $request); public function refreshToken(Request $request); public function details(); public function logout(Request $request); public function response($data, int $statusCode); public function getTokenAndRefreshToken(string $email, string $password); public function sendRequest(string $route, array $formParams); public function getOClient();}
第五步
创建 app/Repositories/User/UserRepository.php 文件
<?phpnamespace App\Repositories\User;use App\User;use GuzzleHttp\Client;use Illuminate\Http\Request;use Illuminate\Support\Facades\Auth;use Laravel\Passport\Client as OClient;use GuzzleHttp\Exception\ClientException;use App\Repositories\User\UserRepositoryInterface;class UserRepository implements UserRepositoryInterface { const SUCCUSUS_STATUS_CODE = 200; const UNAUTHORISED_STATUS_CODE = 401; const BASE_URL = "http://mylemp-nginx"; public function __construct(Client $client) { $this->http = $client; } public function register(Request $request) { $email = $request->email; $password = $request->password; $input = $request->all(); $input['password'] = bcrypt($input['password']); User::create($input); $response = $this->getTokenAndRefreshToken($email, $password); return $this->response($response["data"], $response["statusCode"]); } public function login(Request $request) { $email = $request->email; $password = $request->password; if (Auth::attempt(['email' => $email, 'password' => $password])) { $response = $this->getTokenAndRefreshToken($email, $password); $data = $response["data"]; $statusCode = $response["statusCode"]; } else { $data = ['error'=>'Unauthorised']; $statusCode = self::UNAUTHORISED_STATUS_CODE; } return $this->response($data, $statusCode); } public function refreshToken(Request $request) { if (is_null($request->header('Refreshtoken'))) { return $this->response(['error'=>'Unauthorised'], self::UNAUTHORISED_STATUS_CODE); } $refresh_token = $request->header('Refreshtoken'); $Oclient = $this->getOClient(); $formParams = [ 'grant_type' => 'refresh_token', 'refresh_token' => $refresh_token, 'client_id' => $Oclient->id, 'client_secret' => $Oclient->secret, 'scope' => '*']; return $this->sendRequest("/oauth/token", $formParams); } public function details() { $user = Auth::user(); return $this->response($user, self::SUCCUSUS_STATUS_CODE); } public function logout(Request $request) { $request->user()->token()->revoke(); return $this->response(['message' => 'Successfully logged out'], self::SUCCUSUS_STATUS_CODE); } public function response($data, int $statusCode) { $response = ["data"=>$data, "statusCode"=>$statusCode]; return $response; } public function getTokenAndRefreshToken(string $email, string $password) { $Oclient = $this->getOClient(); $formParams = [ 'grant_type' => 'password', 'client_id' => $Oclient->id, 'client_secret' => $Oclient->secret, 'username' => $email, 'password' => $password, 'scope' => '*']; return $this->sendRequest("/oauth/token", $formParams); } public function sendRequest(string $route, array $formParams) { try { $url = self::BASE_URL.$route; $response = $this->http->request('POST', $url, ['form_params' => $formParams]); $statusCode = self::SUCCUSUS_STATUS_CODE; $data = json_decode((string) $response->getBody(), true); } catch (ClientException $e) { echo $e->getMessage(); $statusCode = $e->getCode(); $data = ['error'=>'OAuth client error']; } return ["data" => $data, "statusCode"=>$statusCode]; } public function getOClient() { return OClient::where('password_client', 1)->first(); }}
第六步
app/Http/Requests/UserLoginRequest.php
<?phpnamespace App\Http\Requests;use Illuminate\Foundation\Http\FormRequest;use Illuminate\Contracts\Validation\Validator;use Illuminate\Http\Exceptions\HttpResponseException;class UserLoginRequest extends FormRequest { const UNPROCESSABLE_ENTITY = 422; public function rules() { return [ 'email' => 'required|email', 'password' => 'required', ]; } protected function failedValidation(Validator $validator) { throw new HttpResponseException(response()->json($validator->errors(), self::UNPROCESSABLE_ENTITY)); }}
第七步
app/Http/Requests/UserRegisterRequest.php
<?phpnamespace App\Http\Requests;use Illuminate\Foundation\Http\FormRequest;use Illuminate\Contracts\Validation\Validator;use Illuminate\Http\Exceptions\HttpResponseException;class UserRegisterRequest extends FormRequest { const UNPROCESSABLE_ENTITY = 422; public function rules() { return [ 'name' => 'required', 'email' => 'required|email|unique:users', 'password' => 'required', 'c_password' => 'required|same:password', ]; } protected function failedValidation(Validator $validator) { throw new HttpResponseException(response()->json($validator->errors(), self::UNPROCESSABLE_ENTITY)); }}
第八步
app/Providers/AppServiceProvider.php
<?phpnamespace App\Providers;use App\Repositories\User\UserRepository;use App\Repositories\User\UserRepositoryInterface;use Illuminate\Support\ServiceProvider;class AppServiceProvider extends ServiceProvider { /** * Register any application services. * * @return void */ public function register() { $this->app->bind(UserRepositoryInterface::class, UserRepository::class); } /** * Bootstrap any application services. * * @return void */ public function boot() { // }}
第九步
app/Providers/AuthServiceProvider.php
<?phpnamespace App\Providers;use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;use Laravel\Passport\Passport;class AuthServiceProvider extends ServiceProvider { /** * The policy mappings for the application. * * @var array */ protected $policies = [ // 'App\Model' => 'App\Policies\ModelPolicy', ]; /** * Register any authentication / authorization services. * * @return void */ public function boot() { $this->registerPolicies(); Passport::routes(); }}
第十步
app/Http/Controllers/UserController.php
<?phpnamespace App\Http\Controllers;use Illuminate\Http\Request;use App\Http\Requests\UserLoginRequest;use App\Http\Requests\UserRegisterRequest;use App\Repositories\User\UserRepositoryInterface;class UserController extends Controller { const SUCCUSUS_STATUS_CODE = 200; const UNAUTHORISED_STATUS_CODE = 401; public function __construct(UserRepositoryInterface $userRepository) { $this->userRepository = $userRepository; } public function login(UserLoginRequest $request) { $response = $this->userRepository->login($request); return response()->json($response["data"], $response["statusCode"]); } public function register(UserRegisterRequest $request) { $response = $this->userRepository->register($request); return response()->json($response["data"], $response["statusCode"]); } public function details() { $response = $this->userRepository->details(); return response()->json($response["data"], $response["statusCode"]); } public function logout(Request $request) { $response = $this->userRepository->logout($request); return response()->json($response["data"], $response["statusCode"]); } public function refreshToken(Request $request) { $response = $this->userRepository->refreshToken($request); return response()->json($response["data"], $response["statusCode"]); }}
第十一步
routes/api.php
<?phpuse Illuminate\Support\Facades\Route;Route::post('login', 'UserController@login');Route::post('register', 'UserController@register');Route::post('refreshtoken', 'UserController@refreshToken');Route::group(['middleware' => ['auth:api']], function () { Route::post('logout', 'UserController@logout'); Route::post('details', 'UserController@details');});
推荐教程:《Laravel教程》
以上就是Laravel Passport 构建 API 身份验证和授权的详细内容,更多请关注24课堂在线网其它相关文章!