stackoom
  简体   繁体   中英

Token based simple authentication in Laravel (No passport)

 原文  2020-04-12 19:21:18       laravel

Question

I am new to laravel and creating a REST API. The client of the API will be mobile app only. There is no front end view to be shown in browser. I have created the routes and the controllers to handle API requests. Furthermore I deleted the Users table (created by laravel) because I do not need an Web interface etc.

I just want simple token based authentication at this stage ( I am aware there is passport authentication) but I can not even understand that at this stage.

There is only one table in the project.

Candidates (id (PK), name, phone, details)

mobile app users are candidates also, should I create a token column in this table? and manually create token at the time of register API and return it back as response?

Please any simple guide or directions will help, I have search quite a bit online and there seems to be quite a lot many topics that show up such as guards, providers, passport which I am struggling to get. Thanks, Elliot.

1 answers

solution1
 0  2020-04-12 19:53:04

First of all, you didn't need to delete the users table. You can use it for api auth too. You just need to create a seperate token table. However, if you want to implementit manually you need to do a lot of things manually.

This is a huge thing to impelement manually and it's not possible to describe it in a single answer. I will try my best to explain it as simply as I can.

You have to create a authentication system yourself that is for login. Define a middleware to check the authorization of the token sent from client to check the validity of every request (this is the guard part).

Also keep track of the token expiry time. Refreshing the token after each expiry needs to be done too (this is the provider part).

Now there are a lot things inside. Like keeping track of the device the request is coming from, providing different tokens for differenet devices for a single user etc.

If you are into learning how everything works then you can try to build one yourself. But if you plan on deploying it to a professional website, I would suggest try to get accustomed with passport. Reinventing the wheel is really not necessary. I hope it gives you a basic idea. If you have any more questions feel free to comment.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Token based authentication vs JWT or passport laravel? Laravel API Authentication - Passport Token Laravel passport authentication and token generation Simple authentication using Laravel Passport Laravel Passport API Authentication not working with Bearer Token How to create Token-Based Authentication(oauth2) for AngularJS and Laravel Apps via passport create laravel passport token based on project Laravel token based User Authentication? Laravel Passport - oauth/token gives Client authentication failed Laravel Passport token lifetime
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM