Laravel 和 jwt-auth。 如何检查用户电子邮件是否经过验证
[英]Laravel and jwt-auth. How to check if user email is verified
问题描述
I'm using Jwt auth: "tymon/jwt-auth": "0.5.*" in laravel.
我在 Laravel 中使用 Jwt auth: "tymon/jwt-auth": "0.5.*" 。 I need to add a check in it's login call of API to check if user email is verified or not.我需要在 API 的登录调用中添加一个检查,以检查用户电子邮件是否经过验证。 If not verified then return error message.如果未验证,则返回错误消息。
I'm unable to find the code of it.我找不到它的代码。 Where does "oauth/token" API call goes? “oauth/token”API 调用在哪里?
I'm unable to find it's code so that I can integrate that check there.我找不到它的代码,以便我可以在那里集成该检查。
3 个解决方案
解决方案1
1 2020-04-29 06:21:33
I had also faces the simile difficulty, and there is no direct solution for that, so after auth attempt I added my own method/logic to check the same.我也遇到过类似的困难,并且没有直接的解决方案,所以在auth attempt我添加了我自己的方法/逻辑来检查相同的问题。
Here is a sample code for that.这是一个示例代码。
public function login(Request $request)
{
try
{
$credentials = $request->only(['email', 'password']);
if (!$token = auth()->attempt($credentials))
{
return response()->json(['error' => 'invalid credentials'], 401);
}
//if you reached here then user has been authenticated
if (empty(auth()->user()->email_verified_at))
{
return response()->json(['error' => 'Your have not verified your email.'], 401);
}
return response()->json([
'access_token' => $token,
'token_type' => 'bearer',
'expires_in' => auth()->factory()->getTTL() * 60
], 200);
}
catch (JWTException $e)
{
// something went wrong whilst attempting to encode the token
return response()->json(['error' => 'could not create token'], 500);
}
}
Please Note: In the above example I used tymon/jwt-auth v1.0 & Laravel v7请注意:在上面的例子中,我使用了tymon/jwt-auth v1.0 & Laravel v7
Hope this helps!希望这可以帮助!
解决方案2
0 2018-11-30 21:44:55
I can make you direction how you can make it.我可以让你指导你如何做到。 Fistable add column in users table for example 'confirmed' and add it into fillable in User model. Fistable 在用户表中添加列,例如“已确认”并将其添加到用户模型中的可填写中。 That column will be 0 or false by default and 'validation_string' which be default null.该列默认为 0 或 false,'validation_string' 默认为 null。 And after user register send him a link to his mail.并在用户注册后向他发送一个链接到他的邮件。 And when he click into link he will visit your website link you will set that validation_string to be null and that user is valid.当他点击链接时,他将访问您的网站链接,您会将验证字符串设置为 null 并且该用户有效。 And when he will login he will get JWT token but before you generate him token, and after validation username/email with password check that 'confirmed' is it 1 or true.当他登录时,他将获得 JWT 令牌,但在您生成他的令牌之前,并在验证用户名/电子邮件和密码后检查“已确认”是 1 还是 true。 And that is that :)就是这样:)
解决方案3
0 2020-07-30 13:16:13
This will validate the data coming in, attempt a login, then check their email verification status.这将验证传入的数据,尝试登录,然后检查他们的电子邮件验证状态。
NOTE - I'm using custom helper methods for the response.注意 - 我正在使用自定义帮助程序方法进行响应。
/**
* Get a JWT via given credentials.
*
* @return \Illuminate\Http\JsonResponse
*/
public function login(Request $request)
{
$validator = Validator::make($request->all(), [
'email' => 'required|email:filter',
'password' => 'required|string|min:8',
]);
if ($validator->fails()) {
return $this->responseUnprocessable($validator->errors());
}
if (! $token = auth()->attempt($validator->validated())) {
return $this->responseUnauthorized();
}
if (! auth()->user()->hasVerifiedEmail()) {
return $this->responseForbidden('Please verify your email address before logging in. You may request a new link here [xyz.com] if your verification has expired.');
}
return $this->createNewToken($token);
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.