Php API中的Laravel策略始终403未经授权_Php_Laravel_Authorization_Laravel Passport

Php API中的Laravel策略始终403未经授权

php laravel

Php API中的Laravel策略始终403未经授权,php,laravel,authorization,laravel-passport,Php,Laravel,Authorization,Laravel Passport,我尝试使用策略授权userController中的用户。我看了一些文档和一些教程，但它似乎无论如何都不起作用 api.php Route::resource('users', 'User\UserController', ['except' => ['create', 'edit']]); namespace App\Http\Controllers\User; use App\Http\Controllers\ApiController; use Illuminate\Http\Re

我尝试使用策略授权userController中的用户。我看了一些文档和一些教程，但它似乎无论如何都不起作用

api.php

Route::resource('users', 'User\UserController', ['except' => ['create', 'edit']]);

namespace App\Http\Controllers\User;

use App\Http\Controllers\ApiController;
use Illuminate\Http\Request;
use App\User;
use App\Mail\UserCreated;
use App\Mail\UserEmailUpdated;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Mail;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Gate;
class UserController extends ApiController
{
  public function __construct()
  {
    $this->middleware('can:view,user')->only('show');
    //$this->middleware('can:update,user')->only('update');
    //$this->middleware('can:delete,user')->only('destroy');
  }

    public function show(User $user)
    {
        //$this->authorize('view', $user);
        return $this->showOne($user);
    }

namespace App\Policies;

use App\User;
use App\Traits\AdminPolicyTrait;
use Illuminate\Auth\Access\HandlesAuthorization;

class UserPolicy
{
    use HandlesAuthorization;

    public function view(User $user, User $model)
    {
        //return $user->id === $model->id
        return true;
    }
}

namespace App\Providers;

use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
use Illuminate\Support\Facades\Gate;
use Laravel\Passport\Passport;
use Carbon\Carbon;

class AuthServiceProvider extends ServiceProvider
{

    protected $policies = [
        App\User::class => App\Policies\UserPolicy::class,
    ];

    public function boot()
    {
        $this->registerPolicies();
    }
}

UserController.php

Route::resource('users', 'User\UserController', ['except' => ['create', 'edit']]);

namespace App\Http\Controllers\User;

use App\Http\Controllers\ApiController;
use Illuminate\Http\Request;
use App\User;
use App\Mail\UserCreated;
use App\Mail\UserEmailUpdated;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Mail;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Gate;
class UserController extends ApiController
{
  public function __construct()
  {
    $this->middleware('can:view,user')->only('show');
    //$this->middleware('can:update,user')->only('update');
    //$this->middleware('can:delete,user')->only('destroy');
  }

    public function show(User $user)
    {
        //$this->authorize('view', $user);
        return $this->showOne($user);
    }

namespace App\Policies;

use App\User;
use App\Traits\AdminPolicyTrait;
use Illuminate\Auth\Access\HandlesAuthorization;

class UserPolicy
{
    use HandlesAuthorization;

    public function view(User $user, User $model)
    {
        //return $user->id === $model->id
        return true;
    }
}

namespace App\Providers;

use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
use Illuminate\Support\Facades\Gate;
use Laravel\Passport\Passport;
use Carbon\Carbon;

class AuthServiceProvider extends ServiceProvider
{

    protected $policies = [
        App\User::class => App\Policies\UserPolicy::class,
    ];

    public function boot()
    {
        $this->registerPolicies();
    }
}

UserPolicy.php

Route::resource('users', 'User\UserController', ['except' => ['create', 'edit']]);

namespace App\Http\Controllers\User;

use App\Http\Controllers\ApiController;
use Illuminate\Http\Request;
use App\User;
use App\Mail\UserCreated;
use App\Mail\UserEmailUpdated;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Mail;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Gate;
class UserController extends ApiController
{
  public function __construct()
  {
    $this->middleware('can:view,user')->only('show');
    //$this->middleware('can:update,user')->only('update');
    //$this->middleware('can:delete,user')->only('destroy');
  }

    public function show(User $user)
    {
        //$this->authorize('view', $user);
        return $this->showOne($user);
    }

namespace App\Policies;

use App\User;
use App\Traits\AdminPolicyTrait;
use Illuminate\Auth\Access\HandlesAuthorization;

class UserPolicy
{
    use HandlesAuthorization;

    public function view(User $user, User $model)
    {
        //return $user->id === $model->id
        return true;
    }
}

namespace App\Providers;

use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
use Illuminate\Support\Facades\Gate;
use Laravel\Passport\Passport;
use Carbon\Carbon;

class AuthServiceProvider extends ServiceProvider
{

    protected $policies = [
        App\User::class => App\Policies\UserPolicy::class,
    ];

    public function boot()
    {
        $this->registerPolicies();
    }
}

AuthServiceProvider.php

Route::resource('users', 'User\UserController', ['except' => ['create', 'edit']]);

namespace App\Http\Controllers\User;

use App\Http\Controllers\ApiController;
use Illuminate\Http\Request;
use App\User;
use App\Mail\UserCreated;
use App\Mail\UserEmailUpdated;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Mail;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Gate;
class UserController extends ApiController
{
  public function __construct()
  {
    $this->middleware('can:view,user')->only('show');
    //$this->middleware('can:update,user')->only('update');
    //$this->middleware('can:delete,user')->only('destroy');
  }

    public function show(User $user)
    {
        //$this->authorize('view', $user);
        return $this->showOne($user);
    }

namespace App\Policies;

use App\User;
use App\Traits\AdminPolicyTrait;
use Illuminate\Auth\Access\HandlesAuthorization;

class UserPolicy
{
    use HandlesAuthorization;

    public function view(User $user, User $model)
    {
        //return $user->id === $model->id
        return true;
    }
}

namespace App\Providers;

use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
use Illuminate\Support\Facades\Gate;
use Laravel\Passport\Passport;
use Carbon\Carbon;

class AuthServiceProvider extends ServiceProvider
{

    protected $policies = [
        App\User::class => App\Policies\UserPolicy::class,
    ];

    public function boot()
    {
        $this->registerPolicies();
    }
}

$this->middleware

和

$this->authorize

都不起作用。如果我从控制器中删除策略授权，则一切正常。另外，我在请求中从Passport传递个人访问令牌，它也可以正常工作。如果我故意在策略文件中输入错误，则会抛出错误，使策略似乎正确连接到控制器。

您很可能引用了错误的类。

AutheServiceProvider

的命名空间声明为

App\Providers

。除非另有别名，否则所有引用（不是完全限定类名）都是从声明的此命名空间引用的

App\User::class     would be   'App\Providers\App\User'

您需要为

应用程序

命名空间添加别名，为这些类添加别名或使用它们的FQCN

use App;
...
App\User::class

或

或-不太首选（使用FQCN的字符串）

欢迎来到苏。。。除非您在

AuthServiceProvider

中对

App

命名空间使用别名，否则您引用的类是错误的

App\User:：class

将指

App\Providers\App\User

，与

App\Policies\UserPolicy:：class

相同，我在每个文件中都有应用程序名称空间，只是没有将它们粘贴到此处是的，这是正确的解决方案，谢谢你，伙计，我只是假设名称空间是App，没有注意到这一点。谢谢