且构网

分享程序员开发的那些事...
且构网 - 分享程序员编程开发的那些事
您所在的位置:首页 > Laravel Passport代币生成

Laravel Passport代币生成

更新时间:2023-12-04 10:52:28

请勿使用Guzzle HTTP创建内部请求,而是将请求转发至Passport路由,并且不要让用户发布安全性问题的客户端机密,并将其存储例如在以环境为背景的配置中

Do not use Guzzle HTTP to create internal requests, forward the request to Passport route instead, and do not let users post the client secret for security issues, store them in an env backed config for example

这就是我要怎么做

<?php

namespace App\Http\Controllers\Auth;

use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Route;
use Illuminate\Support\Facades\Validator;
use Illuminate\Foundation\Auth\AuthenticatesUsers;

class LoginController extends Controller
{
    /** @var Response $api_response Response returned from oauth */
    public $api_response = null;
    /*
    |--------------------------------------------------------------------------
    | Login Controller
    |--------------------------------------------------------------------------
    |
    | This controller handles authenticating users for the application and
    | redirecting them to your home screen. The controller uses a trait
    | to conveniently provide its functionality to your applications.
    |
    */

    use AuthenticatesUsers;

    public function __construct(Request $request)
    {
        $request->request->add([
            'username' => $request->email,
            'grant_type' => 'password',
            'client_id' => '2',
            'client_secret' => config('passport.client_secret'),
            'scope' => '',
        ]);
    }

    /**
     * Handle a login request to the application.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return \Illuminate\Http\RedirectResponse|\Illuminate\Http\Response|\Illuminate\Http\JsonResponse
     *
     * @throws \Illuminate\Validation\ValidationException
     */
    public function login(Request $request)
    {
        $validation = $this->validateLogin($request);
        if ($validation->fails()) {
            return response(['error' => $validation->errors()], 401);
        }

        // If the class is using the ThrottlesLogins trait, we can automatically throttle
        // the login attempts for this application. We'll key this by the username and
        // the IP address of the client making these requests into this application.
        if ($this->hasTooManyLoginAttempts($request)) {
            $this->fireLockoutEvent($request);

            return $this->sendLockoutResponse($request);
        }
        if ($this->attemptLogin($request)) {
            return $this->sendLoginResponse($request);
        }

        // If the login attempt was unsuccessful we will increment the number of attempts
        // to login and redirect the user back to the login form. Of course, when this
        // user surpasses their maximum number of attempts they will get locked out.
        $this->incrementLoginAttempts($request);

        return $this->sendFailedLoginResponse($request);
    }

    /**
     * Validate the user login request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return void
     *
     * @throws \Illuminate\Validation\ValidationException
     */
    protected function validateLogin(Request $request)
    {
        return Validator::make($request->all(), [
            $this->username() => 'required|string',
            'password' => 'required|string',
        ]);
    }

    /**
     * Attempt to log the user into the application.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return bool
     */
    protected function attemptLogin(Request $request)
    {
        // forward the request to the oauth token request endpoint
        $res = Route::dispatch(request()->create('oauth/token', 'POST', $this->credentials($request)));
        // Set api response for successful login
        $this->api_response = json_decode($res->getContent());
        // Return true or false based on response status code
        return $res->getStatusCode() === 200 ? true : false;
    }

    /**
     * Get the needed authorization credentials from the request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return array
     */
    protected function credentials(Request $request)
    {
        return $request->only('email', 'password', 'grant_type', 'client_id', 'client_secret', 'scope');
    }

    /**
     * The user has been authenticated.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  mixed  $user
     * @return mixed
     */
    protected function authenticated(Request $request, $user)
    {
        return response()->json(['success' => $this->api_response], 200);
    }

    /**
     * Get the failed login response instance.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return \Symfony\Component\HttpFoundation\Response
     *
     */
    protected function sendFailedLoginResponse(Request $request)
    {
        return response([$this->username() => trans('auth.failed')], 401);
    }

    /**
     * Send the response after the user was authenticated.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return \Illuminate\Http\Response
     */
    protected function sendLoginResponse(Request $request)
    {
        $this->clearLoginAttempts($request);
        return $this->authenticated($request, $this->guard()->user());
    }

    /**
     * Log the user out of the application.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return \Illuminate\Http\Response
     */
    public function logout(Request $request)
    {
        $request->user()->token()->revoke();
        return $this->loggedOut($request);
    }
}

这应该是一种功能齐全且安全的方法,希望对您有所帮助

This should be a fully functional and secure approach, I hope this helps

上一篇 : :格式dojo DataGrid标题行下一篇 : 在控制台上的Windows上的java中打印回车

相关阅读

推荐文章

网站首页网站地图Copyright © 2021-2022 且购网

免责声明:本站文章部分来源于互联网,如有侵权请联系站长,我们将在72小时内删除。