
Retrieve user by Sanctum plainTextToken

How to retrieve the 'logged in' user from a Sanctum token.

For logging in I have the following method

public function login(Request $request)
{
    if (Auth::attempt($request->toArray())) {

        /** @var User $user */
        $user = $request->user();

        $token = $user->createToken('web-token')->plainTextToken;

        return response()->json([
            'user' => $user,
            'token' => $token,
        ], Response::HTTP_OK);
    }
}

Now for logging out I use a custom method.

public function logout(Request $request)
{
    dd($request->user()); // <- Always returns null
}

I want to revoke the token, but I don't know how to retrieve the currently logged in user. Obviously for logging out I send the Authorization header with the Bearer and plainTextToken as value.

For sure, you first have to add the token as a bearer token.

And to get the user outside of the Sanctum middleware, where the token is now optional:

$user = auth('sanctum')->user();

Then log out:

if ($user) {
    $user->currentAccessToken()->delete();
}

Note: this deletes only the current token.

If you need all tokens, use:

foreach ($user->tokens as $token) {
     $token->delete();
}

If you don't use the default Sanctum middleware, you can get the user from the plain text token as follows:

use \Laravel\Sanctum\PersonalAccessToken;

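/** @var PersonalAccessToken|null $personalAccessToken */
$personalAccessToken = PersonalAccessToken::findToken($plainTextToken);

// findToken() returns null when no stored token matches, so guard the access.
/** @var mixed $user */
$user = $personalAccessToken ? $personalAccessToken->tokenable : null;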
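
A logout action for a route outside the auth:sanctum middleware, combining the findToken() lookup above with the missing-header, unknown-token and expiry checks. This is an added example, not code from the original answers; the controller name TokenLogoutController is hypothetical, and it assumes a Laravel application with Sanctum installed and the usual App\Http\Controllers\Controller base class.

```php
<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Laravel\Sanctum\PersonalAccessToken;
use Symfony\Component\HttpFoundation\Response;

// Hypothetical controller for a logout route that is NOT behind auth:sanctum.
class TokenLogoutController extends Controller
{
    public function __invoke(Request $request): Response
    {
        // Value of "Authorization: Bearer <plainTextToken>", or null if absent.
        $plainTextToken = $request->bearerToken();
        if (! $plainTextToken) {
            return response()->json(['message' => 'Unauthenticated.'], 401);
        }

        // findToken() hashes the value and looks it up; null means no match.
        $accessToken = PersonalAccessToken::findToken($plainTextToken);
        if ($accessToken === null || $this->isExpired($accessToken)) {
            return response()->json(['message' => 'Unauthenticated.'], 401);
        }

        // $accessToken->tokenable is the owning user, if the caller needs it.
        // Revoke only the token that was presented with this request.
        $accessToken->delete();

        return response()->noContent();
    }

    // findToken() alone does not apply config('sanctum.expiration');
    // that check is normally done by the auth:sanctum guard.
    private function isExpired(PersonalAccessToken $accessToken): bool
    {
        $minutes = config('sanctum.expiration');

        return $minutes
            && $accessToken->created_at->lte(now()->subMinutes($minutes));
    }
}
```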

Simply add the route within the middleware('auth:sanctum') grouped routes; then, from inside the targeted function, you can get the user like this: auth()->user(). Or, if you just want to log out the user, you can revoke the token like this: $request->user()->currentAccessToken()->delete();

Since you're sending the bearer/token to the logout URL, you can try to override the logout function of AuthenticatesUsers:

/**
 * Log the user out of the application.
 *
 * @param  \Illuminate\Http\Request  $request
 * @return \Illuminate\Http\Response
 */
public function logout(Request $request)
{
    // Revoke the tokens first: after logout() $request->user() can return null.
    $request->user()->tokens()->delete();

    $this->guard()->logout();

    return redirect('/');
}
