堆栈内存溢出
  繁体   English   中英

Auth::user 通过 Stripe webhook 在 Laravel 5.8 中返回 null(或页面已过期)

[英]Auth::user returns null (or Page Expired) in Laravel 5.8 via Stripe webhook

 原文  2019-09-21 08:39:20       php/ laravel/ stripe-payments

问题描述

我无法让我的 Laravel 设置在我的 StripeController 中找到经过身份验证的用户。 我正在尝试设置 Stripe webhook 以在成功付款后执行操作。

我已经阅读了很多类似的问题,但是在尝试了我阅读过的修复之后,其中大多数都继续返回 null。

我最近的尝试是返回status code 419Page Expired

StripeController.php

class StripeController extends Controller
{

    public function __construct(){
      \Stripe\Stripe::setApiKey(env('STRIPE_SECRET'));

    }

    public function paymentSuccess()
    {
      // The commented code fetches the first User OK but I want the logged in user.

      // $userDetails = User::first();
      // $userDetails->is_subscribed = 1;
      // $userDetails->save();

      //This always returns null, as does any other user() command.
      return Auth::user();  
    }

    public function createSession(Request $request)
    {

        $session =  \Stripe\Checkout\Session::create([
          "success_url" => "https://www.mymarketingwizard.io/#/dashboard",
          "cancel_url" => "https://example.com/cancel",
          "payment_method_types" => ["card"],
          "line_items" => [[
            "name" => "Lifetime Access",
            "description" => "Lifetime Access",
            "amount" => 15000,
            "currency" => "gbp",
            "quantity" => 1
          ]]
        ]);

        return $session;

      }

我的登录脚本: AuthController.php

 public function login(Request $request)
   {
       $request->validate([
           'email' => 'required|string|email',
           'password' => 'required|string'
       ]);
       $credentials = request(['email', 'password']);
       $credentials['active'] = 1;
       $credentials['deleted_at'] = null;

       if(!Auth::attempt($credentials))

        return response()->json(['error' => 'unauthorized'],404);


       $user = $request->user();
       $tokenResult = $user->createToken('Personal Access Token');
       $token = $tokenResult->token;
       if ($request->remember_me)
           $token->expires_at = Carbon::now()->addWeeks(1);
       $token->save();
       return response()->json([

           'access_token' => $tokenResult->accessToken,
           'token_type' => 'Bearer',
           'expires_at' => Carbon::parse(
               $tokenResult->token->expires_at
           )->toDateTimeString()
       ]);
   }

我已经阅读了很多关于这个问题的其他类似问题,许多指向'middleware' => 'web'必须用于您要访问Auth::user的地方,所以这是我的最新尝试:

api.php

Route::group(['prefix' => '/'], function () {

  Route::group(['middleware' => 'web'], function () {

      Route::auth();

 Route::post('paymentSuccess','StripeController@paymentSuccess'); // Route I'm a hitting via Stripe
  });

    Route::post('login', 'AuthController@login');
    Route::post('send-token', 'AuthController@sendToken');
    Route::post('validate-token', 'AuthController@validateToken');
    Route::post('reset-password', 'AuthController@resetPassword');

    Route::group(['middleware' => 'auth:api'], function() {
        Route::post('session','StripeController@createSession');

我还阅读了有关将'web'类从middlewareGroups组中移出并进入 Kernel.php 中的全局middleware的其他解决方案,但这对我也不起作用。

Kernel.php


namespace App\Http;

use Illuminate\Foundation\Http\Kernel as HttpKernel;

class Kernel extends HttpKernel
{
    /**
     * The application's global HTTP middleware stack.
     *
     * These middleware are run during every request to your application.
     *
     * @var array
     */
    protected $middleware = [
        \App\Http\Middleware\CheckForMaintenanceMode::class,
        \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
        \App\Http\Middleware\TrimStrings::class,
        \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
        \App\Http\Middleware\TrustProxies::class,
        \Spatie\Cors\Cors::class,


    ];

    /**
     * The application's route middleware groups.
     *
     * @var array
     */
    protected $middlewareGroups = [
        'web' => [
            \App\Http\Middleware\EncryptCookies::class,
            \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
            \Illuminate\Session\Middleware\StartSession::class,
            \Illuminate\Session\Middleware\AuthenticateSession::class,
            \Illuminate\View\Middleware\ShareErrorsFromSession::class,
            \App\Http\Middleware\VerifyCsrfToken::class,
            \Illuminate\Routing\Middleware\SubstituteBindings::class,

        ],

        'api' => [

            'throttle:60,1',
            'bindings',
        ],
    ];

    /**
     * The application's route middleware.
     *
     * These middleware may be assigned to groups or used individually.
     *
     * @var array
     */
    protected $routeMiddleware = [
        'auth' => \App\Http\Middleware\Authenticate::class,
        'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
        'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
        'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
        'can' => \Illuminate\Auth\Middleware\Authorize::class,
        'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
        'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
        'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
        'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,

    ];

    /**
     * The priority-sorted list of middleware.
     *
     * This forces non-global middleware to always be in the given order.
     *
     * @var array
     */
    protected $middlewarePriority = [
        \Illuminate\Session\Middleware\StartSession::class,
        \Illuminate\View\Middleware\ShareErrorsFromSession::class,
        \App\Http\Middleware\Authenticate::class,
        \Illuminate\Session\Middleware\AuthenticateSession::class,
        \Illuminate\Routing\Middleware\SubstituteBindings::class,
        \Illuminate\Auth\Middleware\Authorize::class,
    ];
}

Payment.vue这是我的 Vue 组件,它在首次创建组件时创建了 Stripe session。 当用户单击proceed to checkout按钮时,将执行该方法。

 methods: {
    checkout() {
      stripe
        .redirectToCheckout({

          sessionId: this.sessionId.id
        })
        .then(result => {
          // If `redirectToCheckout` fails due to a browser or network
          // error, display the localized error message to your customer
          // using `result.error.message`.
        })
    }
  },
   created() {
    api
      .post('/session')
      .then(response => {
        this.sessionId = response.data
      })
      .catch(error => {
      })
  }

我的目标是更新我的用户表,说明处理付款的用户现在已订阅。

1 个解决方案

解决方案1
 0  2021-05-20 14:55:17

这通常发生在 CSRF 检查失败时。 VerifyCsrfToken中间件中添加您的 webhook 端点作为例外:

    protected $except = [
        'paymentSuccess',
    ];

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Auth::user() 在 Laravel 5.8 中返回 null 多重身份验证Auth :: user()显示空Laravel 5.8 令牌会话到期时将用户重定向到登录页面-Laravel 5.8 Auth::user() 在 Laravel 中返回 null Laravel webhook 上的身份验证用户 Laravel 5.8 - 419 页面已过期 - docker 容器 419 页面已过期 Laravel 5.8 - 登录后 laravel Auth::user() 认证后返回 null Laravel 5.8,Auth::user() 未使用用户 model Laravel 8 授权返回 null
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM