堆栈内存溢出
  简体   繁体   English

laravel 护照:请求 user() 在 auth:api 中间件之外返回 null,在返回用户对象内部

[英]laravel passport: Request user() returning null outside auth:api middleware, and inside returning user object

 原文  2017-09-08 06:56:20       php/ laravel

问题描述

When I am tring to get loggedin user details using auth:api middleware, it returns user object with details in my controller function.当我试图使用 auth:api 中间件获取登录用户详细信息时,它会在我的控制器函数中返回包含详细信息的用户对象。

api.php (with auth:api middleware returns User object)

Route::group(['middleware' => 'auth:api'], function() {
    Route::get('users/mentor_details/{uuid}','UserController@getMentorProfileDetails');
});

But when I am trying to get loggedin user details outside this auth:api middleware, it returns null.但是,当我尝试在此 auth:api 中间件之外获取登录用户详细信息时,它返回 null。

api.php (without auth:api middleware return null)

Route::get('users/mentor_details/{uuid}','UserController@getMentorProfileDetails');

4 个解决方案

解决方案1
 48 已采纳  2017-09-08 07:54:59

When the auth middleware is not provided, or is provided without specifying the guard, the default guard is used to determine the user.当没有提供 auth 中间件,或者提供了没有指定守卫时,使用默认守卫来确定用户。 Unless you have changed this in your config/auth.php file, the default guard is the web guard.除非您在config/auth.php文件中更改了此设置,否则默认防护是web防护。

So, when you go to a route that is not protected by a specific auth middleware, the user that is loaded is the one provided by the web guard.因此,当您转到不受特定身份验证中间件保护的路由时,加载的用户是web警卫提供的用户。

Therefore, even though you may be sending the bearer token to use a specific user, the web guard doesn't know anything about that, and since you have no user logged in via the web guard, you are getting a null user.因此,即使您可能正在发送不记名令牌以使用特定用户,但web Guard 对此一无所知,并且由于您没有通过web Guard 登录的用户,您将获得一个null用户。

You've got four options:你有四个选择:

  1. Make sure the route is protected by the auth:api middleware, which specifies the api guard.确保路由受到auth:api中间件的保护,该中间件指定了api保护。 This, however, will not allow guests to access the url.但是,这将不允许客人访问该网址。

  2. Change your default guard to api in your config/auth.php file.config/auth.php文件中将默认保护更改为api This is probably not what you want to do, especially if you do have normal web users.这可能不是您想要做的,尤其是如果您确实有普通的网络用户。

  3. Tell the request you want the user from the api guard.api守卫告诉你想要用户的请求。 The $request->user() method takes a guard as an argument, so if you do $request->user('api') , it will retrieve the user using the api guard. $request->user()方法需要一个守卫作为参数,所以如果你执行$request->user('api') ,它将使用api守卫检索用户。

  4. Get the user from the api guard directly: auth()->guard('api')->user() .直接从api guard 获取用户: auth()->guard('api')->user()

解决方案2
 3  2017-09-08 07:15:39

The auth middleware is the one returning the user. auth 中间件是返回用户的中间件。 auth:api just indicates to use the API guard. auth:api 只是表示使用 API 防护。 In the source code of laravel, the file vendor/laravel/framework/src/Illuminate/Auth/Middleware/Authenticate.php line 62 , the function shouldUse is the one setting the Auth::user() object.在 laravel 的源代码中,文件vendor/laravel/framework/src/Illuminate/Auth/Middleware/Authenticate.php62行,函数 shouldUse 是设置 Auth::user() 对象的函数。 Check out also vendor/laravel/framework/src/Illuminate/Auth/AuthManager.php shouldUse function还可以查看vendor/laravel/framework/src/Illuminate/Auth/AuthManager.php shouldUse 函数

解决方案3
 0  2021-02-12 12:36:22

override createToken() method app\Models\User.php like below.覆盖 createToken() 方法 app\Models\User.php 如下所示。

public function createToken($user_id,$name, array $scopes = [])
{
    return Container::getInstance()->make(PersonalAccessTokenFactory::class)
    ->make(
        $user_id, $name, $scopes
    );
}

And create token as given below wherever you want and explicitly pass $user_id.并在您想要的任何地方创建如下所示的令牌并显式传递 $user_id。

$user= new user();
$accessToken = $user->createToken($user_id,'authToken')->accessToken;

Now you will get $request->user()现在你会得到 $request->user()

解决方案4
 0  2022-06-29 07:14:37

override register() method app\Exceptions\Handler.php like below-覆盖 register() 方法 app\Exceptions\Handler.php 如下 -

public function register() {公共功能寄存器(){

$this->renderable(function (\Illuminate\Auth\AuthenticationException $e, $request) {
    if ($request->is('api/*')) {
        return response()->json([
            'message' => 'Not authenticated'
        ], 401);
    }
});

} }

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Auth 用户在 auth api 护照之外显示 Null - Auth user showing Null in outside of auth api passport Laravel 5.2 - > 5.3 Auth :: user()返回null - Laravel 5.2 -> 5.3 Auth::user() returning null Laravel $ request-> all()在中间件句柄函数内返回null - Laravel $request->all() returning null inside the middleware handle function Laravel 5.3中间件(Auth :: user())= null - Laravel 5.3 middleware (Auth::user()) = null Laravel auth :: guard('web')-> user()在身份验证中间件中为null - Laravel auth::guard('web')->user() is null in auth middleware Laravel Passport“auth:api”中间件充当“web,auth”中间件 - Laravel Passport “auth:api” middleware acts as “web, auth” middleware 如何在 Laravel 中全局访问当前登录的用户,Auth::user() 返回 null - How to access currently logged in user globally in Laravel, Auth::user() returning null Laravel 5.4 Passport 日志用户操作(可选 auth:api) - Laravel 5.4 Passport Log user action (Optional auth:api) Laravel 中间件 - 跳过护照验证 - Laravel Middleware - Skip Passport Auth Laravel 6 - auth()->user()||Auth::user() 在禁用 verifycsrfToken 中间件的路由上不起作用,返回空对象 - Laravel 6 - auth()->user()||Auth::user() not working on a route where verifycsrfToken middleware is disabled, return empty object
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM