基于Laravel令牌的用户身份验证?
[英]Laravel token based User Authentication?
问题描述
I have developed a web application using Laravel 5.1 and I am using Laravel Authentication for User Authorization and User Authentication. 
我使用Laravel 5.1开发了一个Web应用程序,我正在使用Laravel身份验证进行用户授权和用户身份验证。
And Now I want to Rest API for the same application with Token Based, stateless user Authorization. 现在,我希望Rest API用于基于令牌的无状态用户授权的相同应用程序。
Is there any way to do it directly with minimal modification in current code or using the same authorization for mobile applications but token based, if not then what is the quickest possible way to achieve this. 有没有办法直接进行,只需对当前代码进行最少的修改,或者对移动应用程序使用相同的授权,但基于令牌,如果没有,那么实现这一目标的最快方法是什么。
I have already checked oauth2-server-laravel But I don't think that, it will be useful in my case. 我已经检查过oauth2-server-laravel但是我不认为,这对我来说很有用。
Thanks in advance!!! 提前致谢!!!
2 个解决方案
解决方案1
1 已采纳 2015-11-26 14:12:54
You can use JWT-Auth for token based authentication on Laravel applications. 您可以在Laravel应用程序上使用JWT-Auth进行基于令牌的身份验证。 Refer to the documentation on how to use it. 请参阅有关如何使用它的文档 。
解决方案2
1 2015-11-27 11:09:57
I am adding this answer just addition to above answer 我在上面的回答中添加了这个答案
First, I have added "tymon/jwt-auth": "0.5.*" to my composer.json file and ran composer update for pulling the JWT-Auth . 首先,我在我的composer.json文件中添加了"tymon/jwt-auth": "0.5.*"并运行了composer update来拉取JWT-Auth 。
then, I have added check for Rest Request in my Authenticate Middleware and added JWT token validation for the request in authenticate Middleware 然后,我在我的Authenticate Middleware中添加了Rest请求检查,并在认证中间件中为请求添加了JWT令牌验证
public function handle($request, Closure $next)
{
if($request->has('token')){
$this->auth = JWTAuth::parseToken()->authenticate();
return $next($request);
}
else{
if ($this->auth->guest()) {
if ($request->ajax()) {
return response('Unauthorized.', 401);
} else {
return redirect()->guest('auth/login');
}
}
return $next($request);
}
}
Then I have Modified Login and added check for Rest Request and Returning Rest API token for Rest Requests 然后我进行了修改登录,并添加了Rest请求的Rest请求和返回Rest令牌的检查
if(isRestRequest){
// grab credentials from the request
$credentials = Input::only('email', 'password');
try {
// attempt to verify the credentials and create a token for the user
if (! $token = JWTAuth::attempt($credentials)) {
return Response::json(['error' => 'invalid_credentials'], 401);
}
} catch (JWTException $e) {
// something went wrong whilst attempting to encode the token
return Response::json(['error' => 'could_not_create_token'], 500);
}
// all good so return the token
return Response::json(compact('token'));
}
And rest everything is working as it was without much modification, even Auth::user() returns the User object with all the values. 休息一切正常,因为它没有太多修改,甚至Auth::user()返回带有所有值的User对象。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.