Laravel 当用户注销时,如何删除令牌?
我制作了一个UserController,当用户在页面上成功注册时,它会生成一个accessTokenLaravel 当用户注销时,如何删除令牌?,laravel,vue.js,Laravel,Vue.js,我制作了一个UserController,当用户在页面上成功注册时,它会生成一个accessToken class UserController extends Controller { /** * Login Method: in here we call Auth::attempt with the credentials the user supplied. * If authentication is successful, we create acces
class UserController extends Controller
{
/**
* Login Method: in here we call Auth::attempt with the credentials the user supplied.
* If authentication is successful, we create access tokens and return them to the user.
* This access token is what the user would always send along with all API calls to have access to the APIs.
* Register Method: like the login method, we validated the user information,
* created an account for the user and generated an access token for the user.
*/
public function login()
{
$credentials = [
'email' => request('email'),
'password' => request('password')
];
if (Auth::attempt($credentials)) {
$success['token'] = Auth::user()->createToken('MyApp')->accessToken;
return response()->json(['success' => $success]);
}
$status = 401;
$response = ['error' => 'Unauthorized'];
return response()->json($response, $status);
}
public function register(Request $request)
{
$validator = Validator::make($request->all(), [
'name' => 'required',
'email' => 'required|email',
'password' => 'required',
]);
if ($validator->fails()) {
return response()->json(['error' => $validator->errors()], 401);
}
$input = $request->all();
$input['password'] = bcrypt($input['password']);
$user = User::create($input);
$success['token'] = $user->createToken('MyApp')->accessToken;
$success['name'] = $user->name;
return response()->json(['success' => $success]);
}
public function getDetails()
{
return response()->json(['success' => Auth::user()]);
}
}
public function logout()
{
Auth::user()->tokens->each(function($token, $key) {
$token->delete();
});
return response()->json([
'message' => 'Logged out successfully!',
'status_code' => 200
], 200);
}
更新 这是我的api.php文件:
Route::resource('categories', 'App\Http\Controllers\CategoryController');
Route::post('register', 'App\Http\Controllers\UserController@register');
Route::post('login', 'App\Http\Controllers\UserController@login');
/**
* We can group the routes we need auth for
* under common middleware. It secures our routes
*/
Route::group(['middleware' => 'auth:api'], function(){
Route::get('logout', 'App\Http\Controllers\UserController@logout');
});
我正在邮递员中使用route:测试它,并将我从登录请求中获得的承载令牌作为值传递。在您的注销函数中,它应该使令牌过期,而不是删除它
public function logout(Request $request)
{
$request->user()->token()->revoke();
return response()->json([], Response::HTTP_NO_CONTENT);
}
use Illuminate\Support\Facades\Auth;
public function logout(Request $request)
{
$userTokens = Auth::user()->tokens();
foreach($userTokens as $token)
{
$token->revoke();
}
}
它应该是POST请求而不是GET请求,因为您正在删除/更改数据库 路线应如下所示:
Route::POST('logout', 'App\Http\Controllers\UserController@logout')->middleware('auth:api');
UserControllerpublic function logout()
{
auth()->user()->tokens->each(function ($token, $key) {
$token->delete();
});
return response()->json([
'message' => 'Logged out successfully!',
'status_code' => 200
], 200);
}
错误:对null或nil对象标记调用成员函数token()。不适用于meIt可能是因为您的注销请求不包含令牌。发送注销请求时,请确保您传递了令牌。我使用授权密钥和承载令牌作为值在邮递员中传递了令牌。请尝试这种方法。在Authorization->Type->选择Bear-Token,并在Token字段中仅通过access\u-Token,同时确保注销路由受到auth中间件的保护。因为用户必须先登录,然后才能注销。我更新了我答案上的注销路径。我尝试了两种方法。错误:调用上的成员函数token()null@Preefix,请检查第二个功能,我编辑了它。您是否已经在邮递员中为请求设置了承载令牌??身份验证中间件是否应用于注销路由?不要撤销令牌,因为每次用户登录时都将创建一个新令牌,并且当用户注销时,创建的令牌将设置为撤销(1)。它不会删除数据库中的令牌。现在想象一下桌子会变得多大。