Warning: file_get_contents(/data/phpspider/zhask/data//catemap/0/laravel/10.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Laravel 如何使用同一身份验证保护[Lumen]对多种类型的用户进行身份验证_Laravel_Authentication_Jwt_Middleware_Lumen - Fatal编程技术网
Fatal编程技术网
  • laravel/
  • Laravel 如何使用同一身份验证保护[Lumen]对多种类型的用户进行身份验证

Laravel 如何使用同一身份验证保护[Lumen]对多种类型的用户进行身份验证

laravel authentication jwt

Laravel 如何使用同一身份验证保护[Lumen]对多种类型的用户进行身份验证,laravel,authentication,jwt,middleware,lumen,Laravel,Authentication,Jwt,Middleware,Lumen,我正在使用Lumen 8开发一个API应用程序。我有3种类型的用户。对于他们,我使用3种不同的型号。我使用的是JWT身份验证[packege-tymon/JWT auth] 这是我的Auth.php配置。我使用3种类型的auth-guard return [ 'defaults' => [ 'guard' => env('AUTH_GUARD', 'user'), 'passwords' => 'users', ], 'guards' => [

我正在使用Lumen 8开发一个API应用程序。我有3种类型的用户。对于他们,我使用3种不同的型号。我使用的是JWT身份验证[packege-tymon/JWT auth]

这是我的Auth.php配置。我使用3种类型的auth-guard

return [
'defaults' => [
    'guard' => env('AUTH_GUARD', 'user'),
    'passwords' => 'users',
],

'guards' => [
    'user' => [
        'driver' => 'jwt',
        'provider' => 'users',
    ],
    'vendor_user' => [
        'driver' => 'jwt',
        'provider' => 'vendor_users',
    ],
    'super_user' => [
        'driver' => 'jwt',
        'provider' => 'super_users',
    ],
],

'providers' => [
    'users' => [
        'driver' => 'eloquent',
        'model' => \App\Models\User::class
    ],
    'vendor_users' => [
        'driver' => 'eloquent',
        'model' => \App\Models\VendorUser::class
    ],
    'super_users' => [
        'driver' => 'eloquent',
        'model' => \App\Models\SuperUser::class
    ]
],
'passwords' => [
    'users' => [
        'provider' => 'users',
        'table' => 'password_resets',
        'expire' => 60,
        'throttle' => 60,
    ],
    'vendor_users' => [
        'provider' => 'vendor_users',
        'table' => 'password_resets',
        'expire' => 60,
        'throttle' => 60,
    ],
    'super_users' => [
        'provider' => 'super_users',
        'table' => 'password_resets',
        'expire' => 60,
        'throttle' => 60,
    ],
],
'password_timeout' => 10800,
])

对于登录,我使用3种不同的路由,使用上面提到的auth-guard

    protected function login(Request $request, $guard = 'user')
{
    //validate incoming request
    $this->validate($request, [
        'email' => 'required|string',
        'password' => 'required|string',
    ]);

    $credentials = $request->only(['email', 'password']);

    if (! $token = Auth::guard($guard)->attempt($credentials)) {
        return response()->json(responseFormat(ERROR,___('Unauthorized')), 401);
    }

    return $this->respondWithToken($token);
}

public function userLogin(Request $request)
{
    return $this->login($request,'user');
}

public function superUsersLogin(Request $request)
{
    return $this->login($request,'super_user');
}

public function vendorUsersLogin(Request $request)
{
    return $this->login($request,'vendor_user');
}
我已经设法从所有3种类型的用户那里获得了成功登录的令牌

但是当我使用authenticate中间件对所有用户进行身份验证时,我面临一个问题

public function handle($request, Closure $next, $guard = null)
{
    if ($this->auth->guard($guard)->guest()) {
        return response(responseFormat(ERROR,'Unauthorized.'), 401);
    }

    return $next($request);
}



    public function handle(Request $request, Closure $next, ...$guards)
    {
        $guards = empty($guards) ? [null] : $guards;
        $credentials = $request->only('email','password');
        foreach ($guards as $guard) {
            if (Auth::guard($guard)->attempt($credentials)) {
                Auth::shouldUse($guard);
            }
        }
        return $next($request);
    }
它仅适用于默认的身份验证保护类型用户(即用户保护)。如果我想对其他用户类型进行身份验证,我必须使用不同的路由,并说明要使用哪个身份验证保护

$router->group(['middleware' => 'auth','prefix' => 'api'], function ($router)
{
    $router->get('/send-email', 'EmailController@sendEmail');
    $router->get('/users', 'UsersController@users');


});
$router->group(['middleware' => 'auth:vendor_user','prefix' => 'api/vendor'], function ($router)
{
    $router->get('/send-email', 'EmailController@sendEmail');
    $router->get('/users', 'UsersController@users');

});
$router->group(['middleware' => 'auth:super_user','prefix' => 'api/super_user'], function ($router)
{
    $router->get('/send-email', 'EmailController@sendEmail');
    $router->get('/users', 'UsersController@users');

});
是否有任何方法可以验证同一路由的所有3种类型的用户?这样我就不必为每种类型的用户选择不同的路线

$router->group(['middleware' => 'auth','prefix' => 'api'], function ($router)
{
    $router->get('/send-email', 'EmailController@sendEmail');
    $router->get('/users', 'UsersController@users');
});
与此类似,所有3种类型的用户都可以使用API,并通过相同的身份验证卫士或其他方式进行身份验证

BS:我必须为3种类型的用户使用3个不同的表。

创建一个单独的中间件来尝试凭证。然后,设置Auth应该使用的默认保护。你不必通过警卫就能登录

登录控制器

    public function  __construct()
    {
        $this->middleware('SetAuthGuard:user')->except('logout');
        $this->middleware('SetAuthGuard:vendor_users')->except('logout');
        $this->middleware('SetAuthGuard:super_users')->except('logout');
    }
SetAuthGuard中间件

public function handle($request, Closure $next, $guard = null)
{
    if ($this->auth->guard($guard)->guest()) {
        return response(responseFormat(ERROR,'Unauthorized.'), 401);
    }

    return $next($request);
}



    public function handle(Request $request, Closure $next, ...$guards)
    {
        $guards = empty($guards) ? [null] : $guards;
        $credentials = $request->only('email','password');
        foreach ($guards as $guard) {
            if (Auth::guard($guard)->attempt($credentials)) {
                Auth::shouldUse($guard);
            }
        }
        return $next($request);
    }