[英]Laravel API with Bearer token - Middleware auth:api
I'm trying to create an API with Bearer Token but I can't figure it out:我正在尝试使用 Bearer Token 创建 API,但我无法弄清楚:
route::middleware('auth:api')
do route::middleware('auth:api')
做了什么route::middleware('auth:api')
route::middleware('auth:api')
的代码在哪里So, I have the following code in my Routes\\Api.php
file:所以,我的
Routes\\Api.php
文件中有以下代码:
Route::get('/login', function (Request $request)
{
if(Auth::guard()->attempt(['email' => $request->email, 'password' => $request->password]) == FALSE)
return response()->json(['status' => FALSE]);
$user = Users::select('id', 'name', 'api_token', 'created_at')->where('email', $request->email)->firstOrFail();
return response()->json(['status' => TRUE, 'user' => $user]);
});
Route::middleware('auth:api')->get('/bookings', function (Request $request)
{
return response()->json(['its working!']);
});
I'm able to successfully connect to the route /login
and retrieve the api_token
.我能够成功连接到路由
/login
并检索api_token
。 Now this token must be used in the /bookings
route in order to authenticate.现在必须在
/bookings
路由中使用此令牌才能进行身份验证。
I was hopping the middleware('auth:api')
verify my CURL headers for the Authorization: Bearer zzzzzzzzz
, but its not working.我正在使用
middleware('auth:api')
验证我的 CURL 标头以获取Authorization: Bearer zzzzzzzzz
,但它不起作用。
So basically I need to understand how do I change the code logic behind auth:api
or if I should create a new middleware and check for the request headers?所以基本上我需要了解如何更改
auth:api
背后的代码逻辑,或者我是否应该创建一个新的中间件并检查请求标头?
If you need custom code to handle authentication you should create your own middleware and authentication guard and use it instead of the default one that Laravel provides.如果您需要自定义代码来处理身份验证,您应该创建自己的中间件和身份验证防护并使用它而不是 Laravel 提供的默认代码。
What does the
route::middleware('auth:api')
doroute::middleware('auth:api')
做了什么
It states that the route should implement the middleware "auth" and the middleware group "api".它指出路由应该实现中间件“auth”和中间件组“api”。
Where's the code of
route::middleware('auth:api')
route::middleware('auth:api')
的代码在哪里
All middleware in Laravel is defined in app/Http/Kernel.php
. Laravel 中的所有中间件都在
app/Http/Kernel.php
定义。
In there you will probably see something like在那里你可能会看到类似的东西
protected $middlewareGroups = [
....,
'api' => [
'throttle:60,1',
'bindings',
],
];
and和
protected $routeMiddleware = [
...,
'auth' => \Illuminate\Auth\Middleware\Authenticate::class,
'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
];
This means that a route using the middleware auth:api
implements the api middleware group (in this case the ThrottleRequests
and SubstituteBinding
middleware) and the auth middleware ( Authenticate
).这意味着使用中间件
auth:api
的路由实现了 api 中间件组(在本例中为ThrottleRequests
和SubstituteBinding
中间件)和 auth 中间件( Authenticate
)。
The actual authentication guard used depends on the configuration in your auth.php
config file:实际使用的身份验证保护取决于
auth.php
配置文件中的配置:
'guards' => [
'api' => [
'driver' => 'token',
'provider' => 'users',
],
],
In the case above a TokenGuard is used ( laravel/framework/src/Illuminate/Auth/TokenGuard.php
).在上面的例子中,使用了 TokenGuard (
laravel/framework/src/Illuminate/Auth/TokenGuard.php
)。
So to answer your question, the code for the auth middleware can be found at因此,要回答您的问题,可以在以下位置找到身份验证中间件的代码
laravel/framework/src/Illuminate/Auth/Middleware/Authenticate.php
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.