Php 我可以使用具有laravel身份验证结构的api进行身份验证吗?
我想制作一个用于前端和管理面板的API,使用Laravel身份验证结构(带make:auth)和API身份验证(带Passport)来管理所有操作 我的“routes/api.php”文件 我的Auth\LoginController文件Php 我可以使用具有laravel身份验证结构的api进行身份验证吗?,php,laravel,oauth-2.0,laravel-passport,Php,Laravel,Oauth 2.0,Laravel Passport,我想制作一个用于前端和管理面板的API,使用Laravel身份验证结构(带make:auth)和API身份验证(带Passport)来管理所有操作 我的“routes/api.php”文件 我的Auth\LoginController文件 <?php namespace App\Http\Controllers\Admin\Auth; use App\Http\Controllers\Controller; use Illuminate\Foundation\Auth\Authenti
<?php
namespace App\Http\Controllers\Admin\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Http\Request;
class LoginController extends Controller
{
/*
|--------------------------------------------------------------------------
| Login Controller
|--------------------------------------------------------------------------
|
| This controller handles authenticating users for the application and
| redirecting them to your home screen. The controller uses a trait
| to conveniently provide its functionality to your applications.
|
*/
use AuthenticatesUsers;
/**
* Where to redirect users after login.
*
* @var string
*/
protected $redirectTo = '/admin';
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware('guest')->except('logout');
}
/**
* Show the application's login form.
*
* @return \Illuminate\Http\Response
*/
public function showLoginForm()
{
return view('admin.auth.login');
}
public function logout(Request $request)
{
auth()->logout();
session()->flash('message', 'Some goodbye message');
return redirect()->route('admin.login');
}
}
Route::group(['namespace' => 'Admin', 'prefix' => 'admin', 'as' => 'api.admin.'], function () {
Route::post('login', 'Auth\LoginController@login')->name('login');
Route::post('logout', 'Auth\LoginController@logout')->name('logout');
Route::group(['middleware' => 'auth:api'], function () {
//
});
});
谢谢大家。尝试将会话作为中间件单独添加到$middlewareGroup中 它应该包含\lighting\Session\Middleware\StartSession::class,
protected $middlewareGroups = [
'web' => [
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\App\Http\Middleware\VerifyCsrfToken::class,
],
'api' => [
'throttle:60,1',
],
'sessions' => [
\Illuminate\Session\Middleware\StartSession::class,
]
];
Route::group(['middleware' => ['sessions']], function () {
Route::resource(...);
});
这是可能的,尽管这比切换登录url要复杂一些。您将访问,以便用户可以使用其现有的电子邮件和密码凭据进行身份验证 您无需启用会话即可使其工作。基本的缺点是将电子邮件和密码发布到一个路由,该路由将请求代理到OAuth2服务器。您将把身份验证和刷新令牌中继回用户,然后用户负责使用
Authorization:Bearer longEncryptedTokenher…CreateFreshAPITokes密码$http = new GuzzleHttp\Client;
$response = $http->post('http://your-app.com/oauth/token', [
'form_params' => [
'grant_type' => 'password',
'client_id' => 'client-id',
'client_secret' => 'client-secret',
'username' => 'taylor@laravel.com',
'password' => 'my-password',
'scope' => '',
],
]);
return json_decode((string) $response->getBody(), true);
从开始,您是否打算发出
postRoute::getRoute::group(['middleware' => ['sessions']], function () {
Route::resource(...);
});
$http = new GuzzleHttp\Client;
$response = $http->post('http://your-app.com/oauth/token', [
'form_params' => [
'grant_type' => 'password',
'client_id' => 'client-id',
'client_secret' => 'client-secret',
'username' => 'taylor@laravel.com',
'password' => 'my-password',
'scope' => '',
],
]);
return json_decode((string) $response->getBody(), true);