Json REST api与laravel 4和sentry 2的认证
我正在用laravel 4和sentry 2构建一个RESTful API,我尝试用方法postSignin创建API,但失败。更正为postSignin中的beg 这是过滤器和路线 过滤器Json REST api与laravel 4和sentry 2的认证,json,api,rest,laravel,cartalyst-sentry,Json,Api,Rest,Laravel,Cartalyst Sentry,我正在用laravel 4和sentry 2构建一个RESTful API,我尝试用方法postSignin创建API,但失败。更正为postSignin中的beg 这是过滤器和路线 过滤器 Route::filter('api', function() { // Check if the user is logged in if ( ! Sentry::check()) { return Response::json(array('
Route::filter('api', function()
{
// Check if the user is logged in
if ( ! Sentry::check())
{
return Response::json(array('digle'=> array(
'status' => 1,
'desc' => 'Unauthorized',
)));
}
});
Route::group(array('prefix' => 'api/v1','before' => 'api'), function()
{
//Test
Route::get('/', array('as'=>'/', 'uses'=>'ApiTestController@getIndex'));
//Login
Route::get('signin', array('uses' => 'ApiTestController@getSignin'));
Route::post('signin', 'ApiTestController@postSignin');
//Logout
Route::get('logout', array('uses' => 'ApiTestController@getLogout'));
});
路线
Route::filter('api', function()
{
// Check if the user is logged in
if ( ! Sentry::check())
{
return Response::json(array('digle'=> array(
'status' => 1,
'desc' => 'Unauthorized',
)));
}
});
Route::group(array('prefix' => 'api/v1','before' => 'api'), function()
{
//Test
Route::get('/', array('as'=>'/', 'uses'=>'ApiTestController@getIndex'));
//Login
Route::get('signin', array('uses' => 'ApiTestController@getSignin'));
Route::post('signin', 'ApiTestController@postSignin');
//Logout
Route::get('logout', array('uses' => 'ApiTestController@getLogout'));
});
控制器
/**
* Route /signin
*
* @return Response POST
*/
public function postSignin()
{
//Declare the rules for the form validation
$rules = array(
'email' => 'required|email',
'password' => 'required|between:3,32',
);
// Create a new validator instance from our validation rules
$validator = Validator::make(Input::all(), $rules);
// If validation fails, we'll exit the operation now.
if ($validator->fails())
{
// Ooops.. something went wrong
//return Redirect::back()->withInput()->withErrors($validator);
return Response::json(array('digle' => array(
'Error' => 'error',
)));
}
try
{
$userdata = array(
'email' => Input::get('email'),
'password'=> Input::get('password')
);
// Try to log the user in
Sentry::authenticate($userdata, false);
return Response::json(array('digle' => array(
'status' => 0,
'desc' => 'succes'
)));
}
catch (Cartalyst\Sentry\Users\UserNotFoundException $e)
{
return Response::json(array('digle' => array(
'status' => $this->messageBag->add('email', Lang::get('auth/message.account_not_found'))
)));
}
catch (Cartalyst\Sentry\Users\UserNotActivatedException $e)
{
return Response::json(array('digle' => array(
'status' => $this->messageBag->add('email', Lang::get('auth/message.account_not_activated'))
)));
}
catch (Cartalyst\Sentry\Throttling\UserSuspendedException $e)
{
return Response::json(array('digle' => array(
'status' => $this->messageBag->add('email', Lang::get('auth/message.account_suspended'))
)));
}
catch (Cartalyst\Sentry\Throttling\UserBannedException $e)
{
return Response::json(array('digle' => array(
'status' => $this->messageBag->add('email', Lang::get('auth/message.account_banned'))
)));
}
//something went wrong
return Response::json(array('digle' => array(
'status' => 0
)));
}
使用params email和password发出get请求,然后我使用postman或restclient测试代码您的before=>'api'过滤器对于登录路径是活动的 筛选器阻止运行“@postSignin”操作,因此您将始终看到筛选器生成的“未经授权”响应
解决方案:您必须将“登录”路由移到“api”组之外,或者将该操作从sentry check筛选的组中排除 代替GET请求,执行POST请求。@RubensMariuzzo你能实现吗?你能精确地知道Laravel返回了什么错误吗?返回结果以过滤传入的哨兵,因为他不能检查用户这是其返回“status”=>1,“desc”=>“Unauthorized”的结果,