更新时间:2023-12-04 10:26:28
我使用一个简单的中间件成功地创建了多个身份验证(使用 laravel/passport).
I managed to create multiple auths (with laravel/passport) by using a simple middlware.
第一步:config/auth.php
将您的用户类添加到提供者
Add your user classes to providers
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'passport',
'provider' => 'basic_users', // default
],
],
...
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => AppUser::class,
],
'admin_users' => [
'driver' => 'eloquent',
'model' => AppAdminUser::class,
],
'basic_users' => [
'driver' => 'eloquent',
'model' => AppBasicUser::class,
],
],
通过 CLI 清理缓存
Clean the cache via CLI
php artisan config:cache
第 2 步:创建中间件
php artisan make:middleware AdminUserProvider
在app/Http/Middleware中打开新创建的中间件,更新hand方法如下
Open the newly created middleware in app/Http/Middleware and update the hand method like below
public function handle($request, Closure $next)
{
config(['auth.guards.api.provider' => 'admin_users']);
return $next($request);
}
第 3 步:注册您的中间件
将新创建的中间件添加到 $routeMiddleware
Add the newly created middleware to $routeMiddleware
protected $routeMiddleware = [
...
'auth.admin' => AppHttpMiddlewareAdminUserProvider::class,
];
并确保它位于 $middlewarePriority 的顶部
and make sure it's at the top of $middlewarePriority
protected $middlewarePriority = [
AppHttpMiddlewareAdminUserProvider::class,
...
];
第 4 步:向路由添加中间件
Route::group(['middleware' => ['auth.admin','auth:api']], function() {
第 5 步:登录控制器(AdminUserController 和 BasicUserController)
public function login()
{
$validatedData = request()->validate([
'email' => 'required',
'password' => 'required|min:6'
]);
// get user object
$user = AdminUser::where('email', request()->email)->first();
// do the passwords match?
if (!Hash::check(request()->password, $user->password)) {
// no they don't
return response()->json(['error' => 'Unauthorized'], 401);
}
// log the user in (needed for future requests)
Auth::login($user);
// get new token
$tokenResult = $user->createToken($this->tokenName);
// return token in json response
return response()->json(['success' => ['token' => $tokenResult->accessToken]], 200);
}
总结:
登录控制器使用 Eloquent 模型获取用户对象,然后通过 Auth::login($user) 登录用户
The login controllers use Eloquent models to get the user object and then log the user in through Auth::login($user)
然后对于需要身份验证的未来请求,新的中间件会将 api auth 防护提供程序更改为正确的类.
Then for future requests that need authentication, the new middleware will change the api auth guard provider to the correct class.