Laravel 圣所登录

Question

I need to create a login with Laravel 8 and Sanctum .我需要使用Laravel 8和Sanctum创建登录。 I have a Laravel application without Vue.js / React or Angular and I need to create tokens for api.我有一个没有Vue.js / React或Angular的Laravel应用程序，我需要为 Z8A5DA52ED126447D35AZE70C05A8A 创建令牌。

When I create a token, authorization on the API works great but doesn't work for the web.当我创建令牌时， API上的授权效果很好，但不适用于 web。

I just need to log in and then create a token that can be used for API and of course let the data be stored in the session or cookies so that he can use the web. I just need to log in and then create a token that can be used for API and of course let the data be stored in the session or cookies so that he can use the web.

Or can you recommend something to me about how it could be solved?或者你能向我推荐一些关于如何解决它的东西吗？

Answer 1

Laravel Sanctum is a new powerful package that makes authentication easier for different scenarios: Laravel Sanctum是一款新的强大的 package，它使不同场景的身份验证更容易：

Laravel Sanctum provides a featherweight authentication system for SPAs (single page applications), mobile applications, and simple, token based APIs. Laravel Sanctum 为 SPA（单页应用程序）、移动应用程序和简单的基于令牌的 API 提供轻量级的身份验证系统。 Sanctum allows each user of your application to generate multiple API tokens for their account. Sanctum 允许您的应用程序的每个用户为其帐户生成多个 API 令牌。 These tokens may be granted abilities / scopes which specify which actions the tokens are allowed to perform.这些令牌可以被授予指定允许令牌执行哪些操作的能力/范围。

The following Controller allows an user to login and create a token via Laravel sanctum:以下Controller允许用户通过 Laravel sanctum 登录并创建token ：

<?php

namespace App\Http\Controllers;

use App\Models\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;

class AuthController extends Controller
{
   public function store(Request $request)
   {
      $request->validate([
         'email' => 'required|email',
         'password' => 'required',
         'device_name' => 'required',
      ]);

      $user = User::where('email', $request->email)->first();

      if (!$user || !Hash::check($request->password, $user->password)) {
         return response('Login invalid', 503);
      }

      return $user->createToken($request->device_name)->plainTextToken;
   }
}

We can register a route that will be managed by the Controller above:我们可以注册一个将由上面的Controller管理的route ：

// routes/web.php or routes/api.php
Route::post('/login', [AuthController::class, 'store']);
Route::group(['middleware' => 'auth:sanctum'], function () {
// Route that needs the user to be logged in
/*
Route
   ::get('/dashboard', [DashboardController::class, 'index'])
   ->name('dashboard');
      */
});

Therefore, the following POST request with valid credentials will return a token:因此，以下具有有效凭据的POST请求将返回一个令牌：

curl -d "email=admin&password=123&device_name=test" -X POST https://localhost:8000/login

Which we can then use to make the next authenticated API calls:然后我们可以使用它来进行下一个经过身份验证的API调用：

curl -i https://localhost:8000/dashboard \
  -H "Authorization: Bearer <TOKEN_FROM_PREVIUOS_COMMAND>" \

Laravel 圣所登录

问题描述

1 个解决方案

解决方案1
0 2020-12-29 14:14:10

Laravel 圣所登录

问题描述

1 个解决方案

解决方案1 0 2020-12-29 14:14:10

解决方案1
0 2020-12-29 14:14:10