[英]Auth::user returns null (or Page Expired) in Laravel 5.8 via Stripe webhook
我无法让我的 Laravel 设置在我的 StripeController 中找到经过身份验证的用户。 我正在尝试设置 Stripe webhook 以在成功付款后执行操作。
我已经阅读了很多类似的问题,但是在尝试了我阅读过的修复之后,其中大多数都继续返回 null。
我最近的尝试是返回status code 419
和Page Expired
。
StripeController.php
class StripeController extends Controller
{
public function __construct(){
\Stripe\Stripe::setApiKey(env('STRIPE_SECRET'));
}
public function paymentSuccess()
{
// The commented code fetches the first User OK but I want the logged in user.
// $userDetails = User::first();
// $userDetails->is_subscribed = 1;
// $userDetails->save();
//This always returns null, as does any other user() command.
return Auth::user();
}
public function createSession(Request $request)
{
$session = \Stripe\Checkout\Session::create([
"success_url" => "https://www.mymarketingwizard.io/#/dashboard",
"cancel_url" => "https://example.com/cancel",
"payment_method_types" => ["card"],
"line_items" => [[
"name" => "Lifetime Access",
"description" => "Lifetime Access",
"amount" => 15000,
"currency" => "gbp",
"quantity" => 1
]]
]);
return $session;
}
我的登录脚本: AuthController.php
public function login(Request $request)
{
$request->validate([
'email' => 'required|string|email',
'password' => 'required|string'
]);
$credentials = request(['email', 'password']);
$credentials['active'] = 1;
$credentials['deleted_at'] = null;
if(!Auth::attempt($credentials))
return response()->json(['error' => 'unauthorized'],404);
$user = $request->user();
$tokenResult = $user->createToken('Personal Access Token');
$token = $tokenResult->token;
if ($request->remember_me)
$token->expires_at = Carbon::now()->addWeeks(1);
$token->save();
return response()->json([
'access_token' => $tokenResult->accessToken,
'token_type' => 'Bearer',
'expires_at' => Carbon::parse(
$tokenResult->token->expires_at
)->toDateTimeString()
]);
}
我已经阅读了很多关于这个问题的其他类似问题,许多指向'middleware' => 'web'
必须用于您要访问Auth::user
的地方,所以这是我的最新尝试:
api.php
Route::group(['prefix' => '/'], function () {
Route::group(['middleware' => 'web'], function () {
Route::auth();
Route::post('paymentSuccess','StripeController@paymentSuccess'); // Route I'm a hitting via Stripe
});
Route::post('login', 'AuthController@login');
Route::post('send-token', 'AuthController@sendToken');
Route::post('validate-token', 'AuthController@validateToken');
Route::post('reset-password', 'AuthController@resetPassword');
Route::group(['middleware' => 'auth:api'], function() {
Route::post('session','StripeController@createSession');
我还阅读了有关将'web'
类从middlewareGroups
组中移出并进入 Kernel.php 中的全局middleware
的其他解决方案,但这对我也不起作用。
Kernel.php
namespace App\Http;
use Illuminate\Foundation\Http\Kernel as HttpKernel;
class Kernel extends HttpKernel
{
/**
* The application's global HTTP middleware stack.
*
* These middleware are run during every request to your application.
*
* @var array
*/
protected $middleware = [
\App\Http\Middleware\CheckForMaintenanceMode::class,
\Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
\App\Http\Middleware\TrimStrings::class,
\Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
\App\Http\Middleware\TrustProxies::class,
\Spatie\Cors\Cors::class,
];
/**
* The application's route middleware groups.
*
* @var array
*/
protected $middlewareGroups = [
'web' => [
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
\Illuminate\Session\Middleware\AuthenticateSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\App\Http\Middleware\VerifyCsrfToken::class,
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
'api' => [
'throttle:60,1',
'bindings',
],
];
/**
* The application's route middleware.
*
* These middleware may be assigned to groups or used individually.
*
* @var array
*/
protected $routeMiddleware = [
'auth' => \App\Http\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
'can' => \Illuminate\Auth\Middleware\Authorize::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
];
/**
* The priority-sorted list of middleware.
*
* This forces non-global middleware to always be in the given order.
*
* @var array
*/
protected $middlewarePriority = [
\Illuminate\Session\Middleware\StartSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\App\Http\Middleware\Authenticate::class,
\Illuminate\Session\Middleware\AuthenticateSession::class,
\Illuminate\Routing\Middleware\SubstituteBindings::class,
\Illuminate\Auth\Middleware\Authorize::class,
];
}
Payment.vue这是我的 Vue 组件,它在首次创建组件时创建了 Stripe session。 当用户单击proceed to checkout
按钮时,将执行该方法。
methods: {
checkout() {
stripe
.redirectToCheckout({
sessionId: this.sessionId.id
})
.then(result => {
// If `redirectToCheckout` fails due to a browser or network
// error, display the localized error message to your customer
// using `result.error.message`.
})
}
},
created() {
api
.post('/session')
.then(response => {
this.sessionId = response.data
})
.catch(error => {
})
}
我的目标是更新我的用户表,说明处理付款的用户现在已订阅。
这通常发生在 CSRF 检查失败时。 在VerifyCsrfToken中间件中添加您的 webhook 端点作为例外:
protected $except = [
'paymentSuccess',
];
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.