使用社交身份验证功能保护Lumen REST API的最佳方法
[英]Best way to secure Lumen REST API with Social Authentication Feature
问题描述
I am kinda new to building rest api with social authentication feature . 
我对构建具有社交身份验证功能的REST API有点陌生。
I will have a custom registration and login system of my lumen api and also social login and registration system. 我将拥有我的lumen api的自定义注册和登录系统,以及社交登录和注册系统。
I am confused about two things - 我对两件事感到困惑-
1. What is the best way to secure or implement authentication in Lumen REST API ? 1.在Lumen REST API中保护或实现身份验证的最佳方法是什么? (Like how people do it nowadays, using OAuth1.0a, OAuth2, OAuth, or simply Lumen Authentication with api_token or JWT or public key/private key) (就像当今人们如何使用OAuth1.0a,OAuth2,OAuth或仅通过api_token或JWT或公钥/私钥的Lumen身份验证来做到这一点一样)
2. If I want to add social login/registration feature in my Lumen REST API, which directions should I follow? 2.如果要在Lumen REST API中添加社交登录/注册功能,应遵循哪些指示? and for that do I need to structure my user table in database in a different way ? 为此,我需要以其他方式在数据库中构造用户表吗? and as those social media uses OAuth2, which authentication of Lumen will be adaptive for that feature's requirement. 并且由于这些社交媒体使用OAuth2,因此流明的身份验证将适应该功能的要求。
Currently I am using default authentication system of Lumen , with the user database structure - 目前,我正在使用Lumen的默认身份验证系统,用户数据库结构为-
- user_id 用户身份
- user_email user_email
- user_passowrd (Hashed) user_passowrd(哈希)
- user_api_token user_api_token
- user_status user_status
- user_created_at user_created_at
- user_updated_at user_updated_at
As you can see here I am not using any Auth Method, and expiration system of the token. 如您所见,我没有使用任何Auth方法和令牌的到期系统。
Any kind of help would be appreciated. 任何帮助将不胜感激。 Thanks in Advance ! 提前致谢 !
1 个解决方案
解决方案1
0 2018-06-30 04:21:05
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.