Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/three.js/2.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Php 在中间件Laravel 5.5中获取会话值_Php_Laravel - Fatal编程技术网
Fatal编程技术网
  • php/
  • Php 在中间件Laravel 5.5中获取会话值

Php 在中间件Laravel 5.5中获取会话值

php laravel

Php 在中间件Laravel 5.5中获取会话值,php,laravel,Php,Laravel,我已经创建了使用angular 4前端和Larvel后端创建Rest Api的Web应用程序 它使用中间件,使用令牌保护APi。 当用户从前端登录时,“令牌”在后端(laravel)生成,存储在会话中并发送响应。该令牌在登录到标题“Authorization”后通过每个请求发送 自定义控制器:LoginController use Session; class LoginController extends Controller { public function authenticat

我已经创建了使用angular 4前端和Larvel后端创建Rest Api的Web应用程序

它使用中间件,使用令牌保护APi。 当用户从前端登录时,“令牌”在后端(laravel)生成,存储在会话中并发送响应。该令牌在登录到标题“Authorization”后通过每个请求发送

自定义控制器:LoginController

use Session;
class LoginController extends Controller
{
    public function authenticate(Request $request)
    {
        //....validate user login data.....

        $token = md5(uniqid(rand(), true));
        Session::put('token', $token);
        // ....send token in response...
    }
}
中间件:rolemidware

use Session;
class RoleMiddleware
{
   public function handle($request, Closure $next)
   {
      $token = Session::get('token');
      //why token appears empty here
       $header = $request->header('Authorization');
     if($header == $token){
       return $next($request);
     }

   }
}

Api路线:

Route::post('login', 'Settings\LoginController@authenticate');
Route::get('users/get/{email}', 'UserController@profile')->middleware('token');
kernel.php:

class Kernel extends HttpKernel
{

  protected $middleware = [
          /////.........
               ......
               .....
          \Illuminate\Session\Middleware\StartSession::class,
   ];


protected $middlewareGroups = [
    'web' => [
        \App\Http\Middleware\EncryptCookies::class,
        \Illuminate\Session\Middleware\StartSession::class,
        \Illuminate\Session\Middleware\AuthenticateSession::class,
        \Illuminate\View\Middleware\ShareErrorsFromSession::class,
        \App\Http\Middleware\VerifyCsrfToken::class,
        \Illuminate\Routing\Middleware\SubstituteBindings::class,
    ],

    'api' => [
        \App\Http\Middleware\EncryptCookies::class,
        \Illuminate\Session\Middleware\StartSession::class,
        'throttle:60,1',
        'bindings',
    ],
];

/**
 * The application's route middleware.
 *
 * These middleware may be assigned to groups or used individually.
 *
 * @var array
 */
protected $routeMiddleware = [
    'auth' => \Illuminate\Auth\Middleware\Authenticate::class,
    'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
    'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
    'can' => \Illuminate\Auth\Middleware\Authorize::class,
    'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
    'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
    'token' => \App\Http\Middleware\RoleMiddleware::class,
];
}
首先:
API身份验证
是无状态的,这意味着
会话/cookie
不用于对系统中的用户进行身份验证

Second:Laravel会话仅在web路由上启动,但是您可以将其切换为在api路由中启动,但我认为这不是正确的选择。不过,如果您想让它工作,请确保在启动RoleMiddle软件之前在api组上启动这些中间件

'api' => [
    \App\Http\Middleware\EncryptCookies::class,
    \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
    \Illuminate\Session\Middleware\StartSession::class,
    \App\Http\Middleware\RoleMiddleware::class
    'throttle:60,1',
    'bindings',
];
Third:使用
[JWT Authentication][1]
,其中包括一个中间件,用于检查用户是否有权在api中执行操作

它的工作原理是在用户登录时生成JWT令牌并返回 把那个令牌放在你前面的地方 结束状态文件

因此,在向后端发送每个请求时,您都会发送JWT令牌,然后 JWT中间件将检查用户是否“登录”以执行特定任务 行动

好的,谢谢你的回复。但是如何在不使用用户模型的情况下生成jwt令牌呢?我正在使用查询生成器来管理数据库。