Laravel Sanctum 在不创建新令牌的情况下检索 PlainTextToken
[英]Laravel Sanctum Retrieve PlainTextToken without creating a new token
问题描述
I am creating a SPA with vue and laravel.
我正在用 vue 和 laravel 创建一个 SPA。 I know i can issue out tokens for every user and store it as a new entry on the database.我知道我可以为每个用户发出令牌并将其作为新条目存储在数据库中。 And from the documentation, I can only list out all the tokens available to a user in hashed format with laravel and the property $token->plainTextToken is not accessible from the eloquent query.从文档中,我只能使用 laravel 以散列格式列出用户可用的所有令牌,并且无法从 eloquent 查询访问属性$token->plainTextToken 。 I use both normal authentication and sanctum authentication and i sometimes have the need to give back the token to the user.我同时使用普通身份验证和密室身份验证,有时我需要将令牌返还给用户。 Must i issue out new tokens on every page refresh or is there a way to go about this?我必须在每次页面刷新时发出新令牌,还是有办法解决这个问题?
2 个解决方案
解决方案1
1 2020-12-03 11:15:11
I don't know if I understand your question correctly.我不知道我是否正确理解你的问题。 But do you intend to issue out the token to user after authentication?但是您是否打算在身份验证后向用户发出令牌?
The token is stored in the DB as you rightly stated.正如您正确所述,令牌存储在数据库中。 But what is stored is the hashed copy.但是存储的是散列副本。 The moment you have created the token, you can call the plainTextToken property to get the unhashed copy of the token.创建令牌的那一刻,您可以调用 plainTextToken 属性来获取未散列的令牌副本。 This is the one your vue app should send for authorization during each request.这是您的 vue 应用程序应在每个请求期间发送以进行授权的一个。
$token = $user->createToken('token-name')->plainTextToken;
This token value is what should be issued out to your vue app to store and use subsequently.这个令牌值是应该发给你的 vue 应用程序以便随后存储和使用的值。
Secondly, the value of $token that will be returned (as at Laravel <= 8.**) may likely contain the id of the table and the unhashed copy of the token.其次,将返回的 $token 值(如 Laravel <= 8.**)可能包含表的 id 和令牌的未散列副本。 For instance例如
4|92paqtuqnd92920101ijdkksksn 4|92paqtuqnd92920101ijdkksksn
You are to explode that string and only send the value after the pipe sign.您将分解该字符串并仅在管道符号之后发送值。 The first value there only shows the id of the table row.那里的第一个值仅显示表行的 id。
Lastly, I don't understand why the need to issue out new tokens after each page refresh.最后,我不明白为什么每次页面刷新后都需要发出新令牌。 Maybe I didn't understand your question correctly.也许我没有正确理解你的问题。 But you can simply pass the token back to your vue app in your response, or if it's a synchronous request, you can store it in session and pick it up when you need to.但是你可以简单地在你的响应中将令牌传递回你的 vue 应用程序,或者如果它是一个同步请求,你可以将它存储在会话中并在需要时获取它。
解决方案2
0 2021-01-28 12:46:18
there is way i think like bearer token有一种方式我认为像不记名令牌
$token = null;
$headers = apache_request_headers();
if(isset($headers['Authorization'])){
if (strpos($headers['Authorization'], 'Bearer') !== false) {
$token = str_replace('Bearer ', '',$headers['Authorization']);
}
}
it will return given token它将返回给定的令牌
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.