Laravel框架 之 Passport
2018-04-28 本文已影响150人
诺之林
本文的示例代码参考passport
目录
开始
composer create-project laravel/laravel passport && cd passport
- 生成数据库
php artisan migrate
- 填充表假数据
php artisan make:seed UsersTableSeeder
vim database/seeds/UsersTableSeeder.php
<?php
use Illuminate\Database\Seeder;
use App\User;
class UsersTableSeeder extends Seeder
{
public function run()
{
// 生成数据集合
$users = factory(User::class)
->times(2)
->make();
// 让隐藏字段可见,并将数据集合转换为数组
$user_array = $users->makeVisible(['password', 'remember_token'])->toArray();
// 插入到数据库中
User::insert($user_array);
// 单独处理第一个用户的数据
$user = User::find(1);
$user->name = 'test1';
$user->email = 'test1@test.com';
$user->save();
$user = User::find(2);
$user->name = 'test2';
$user->email = 'test2@test.com';
$user->save();
}
}
vim database/seeds/DatabaseSeeder.php
<?php
use Illuminate\Database\Seeder;
class DatabaseSeeder extends Seeder
{
public function run()
{
$this->call(UsersTableSeeder::class);
}
}
php artisan db:seed
关于填充数据库测试用数据 更多可以参考Laravel框架 之 RememberMe
passport
- 添加依赖
composer require laravel/passport
Tips: passport和laravel有版本兼容性问题 由于这里都是最新版本 所以暂无特殊处理
vim config/app.php
return [
'providers' => [
/*
* Package Service Providers...
*/
Laravel\Passport\PassportServiceProvider::class,
],
];
- 生成数据库和密钥
php artisan migrate
Migrating: 2016_06_01_000001_create_oauth_auth_codes_table
Migrated: 2016_06_01_000001_create_oauth_auth_codes_table
Migrating: 2016_06_01_000002_create_oauth_access_tokens_table
Migrated: 2016_06_01_000002_create_oauth_access_tokens_table
Migrating: 2016_06_01_000003_create_oauth_refresh_tokens_table
Migrated: 2016_06_01_000003_create_oauth_refresh_tokens_table
Migrating: 2016_06_01_000004_create_oauth_clients_table
Migrated: 2016_06_01_000004_create_oauth_clients_table
Migrating: 2016_06_01_000005_create_oauth_personal_access_clients_table
Migrated: 2016_06_01_000005_create_oauth_personal_access_clients_table
php artisan passport:keys
ls storage/*.key
# storage/oauth-private.key storage/oauth-public.key
- 创建客户端
php artisan passport:client --password --name='another-client'
Password grant client created successfully.
Client ID: 1
Client Secret: 71EopGdX3SBkXMIguJptHnry8iCY7rPyYvdfjp0J
- 注册路由
vim app/Providers/AuthServiceProvider.php
<?php
namespace App\Providers;
use Carbon\Carbon;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
use Laravel\Passport\Passport;
class AuthServiceProvider extends ServiceProvider
{
protected $policies = [
'App\Model' => 'App\Policies\ModelPolicy',
];
public function boot()
{
$this->registerPolicies();
Passport::routes();
Passport::tokensExpireIn(Carbon::now()->addDays(15));
Passport::refreshTokensExpireIn(Carbon::now()->addDays(30));
}
}
令牌
- 启动服务
sudo sh -c "echo '192.168.10.10 passport.test' >> /etc/hosts"
php artisan serve
- 获取访问令牌
curl -X POST \
http://passport.test/oauth/token \
-H 'content-type: multipart/form-data' \
-F grant_type=password \
-F client_id=1 \
-F client_secret=71EopGdX3SBkXMIguJptHnry8iCY7rPyYvdfjp0J \
-F username=test1@test.com \
-F password=secret \
-F 'scope=*' | json
{
"token_type": "Bearer",
"expires_in": 1295999,
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6ImMzY2Q5YjYxYWM3Zjg0N2VhYmRkNzZjZDg1MDk5M2Y0ZDJiNjFkNzc3NzMxNmZkZGE4NjhkNGRmODNjODI5Mzk5Y2E3Y2YwMGMwYWMyOTY4In0.eyJhdWQiOiIxIiwianRpIjoiYzNjZDliNjFhYzdmODQ3ZWFiZGQ3NmNkODUwOTkzZjRkMmI2MWQ3Nzc3MzE2ZmRkYTg2OGQ0ZGY4M2M4MjkzOTljYTdjZjAwYzBhYzI5NjgiLCJpYXQiOjE1MjQ4ODM2MTUsIm5iZiI6MTUyNDg4MzYxNSwiZXhwIjoxNTI2MTc5NjE0LCJzdWIiOiIxIiwic2NvcGVzIjpbIioiXX0.BXEQHDwZn6kiNaZcmerGpjkfP4mmhixAw-VsYjkqYuExrt4fbrazi7WvOUGI16Dfr78Mg9S47kqp4vVcpf_PfEpqStrEH8JbuiZmvfHmQLZAPnp2ylZtSrXlgMR2vnLWPYaj8KuaAhuWpuCOSLJrsF1dZKJfmrRCId0ie0jFdzl23hiEUTk-pTxzkou0Yi5QGsk7b9gjKdY2MlAxpR7Q_UeYyhry5ldQSfohJiwFrOisCcAKHpRLJp90Esv-y8JaagFbafieykvqXWnETr-g9rr7loNOjsvErebineA2dJr-UrHfw3CDD929bhbFRlFfV2TAwX1P9C7L6TeMYpI1Y-OFkfMCvkhndVHu9wseZxujoaVEfFY6Z-ncnYu2NZTZ-AzY0itp18UYgjLISD3HyHb2gLSD18BtI_0YdIc1QgU6n-JuiPVq50cbMBa45Ooke6-JdZqh3dlxV9PcXK1x5IYvO3lbtdma6xL8NvSpjw9CPIqDzlQsbZe8hICOAR_eZHtLDYaSYta36P5wjbW99bc3s_Up2GwdYm2pi3Oyjw9IoMuEDaG7a3Y2SdquYXwl2aYwMMFJnAiRjCin_z5clqopKUrh8R21t352oZtGfijUCmAn8COzhwxtnb9h53nMjir1iiF_65rx_rD2ahIsqYtfEBYoMoHs7ZLJ9ldt67A",
"refresh_token": "def50200db1442c83c79c1869344dc06357df84ec6e59dabf656190513b90a9ea866c825a6ec999932f1860479b1b24ed92f4c12ff14f8431aaf4f01dc3311f88643727ca7ea98ac5203571df7b36c985a2401487b2cac804c187ca144292dfb616ac082fdcc3cce9a16ef0e1a366ee48cdfef1de869727cfa178970576fb81473f8b833ea20f63e78d867376138a053a184b2c775b562cedee0bb6e41d533393119a8e78bce69f46a8eafe5c6cdea827c621f3b8a3a384b4a88431235dd73854bedf87f80cb6e38bb85c3ab7270def4cd37e740a401efd98f6172a8d7e97250ded874460dc28b7f59ef9261156d8494fbdcf5b9e9440f14f220372688f4ed4169423695564866f27413367ab88e5c092b18e295867455a67e0dc17a0ab8dfd1880173d64c0dbc03432f58c7bf6e3369e6816ef39763937096c62f958a41413b0006d18db18ee5748c6a80a2eac45a0b901a2847177e4dbb8680c434dee34bfc0c2b7647"
}
- 刷新访问令牌
curl -X POST \
http://passport.test/oauth/token \
-H 'content-type: multipart/form-data' \
-F grant_type=refresh_token \
-F client_id=1 \
-F client_secret=71EopGdX3SBkXMIguJptHnry8iCY7rPyYvdfjp0J \
-F refresh_token=def50200db1442c83c79c1869344dc06357df84ec6e59dabf656190513b90a9ea866c825a6ec999932f1860479b1b24ed92f4c12ff14f8431aaf4f01dc3311f88643727ca7ea98ac5203571df7b36c985a2401487b2cac804c187ca144292dfb616ac082fdcc3cce9a16ef0e1a366ee48cdfef1de869727cfa178970576fb81473f8b833ea20f63e78d867376138a053a184b2c775b562cedee0bb6e41d533393119a8e78bce69f46a8eafe5c6cdea827c621f3b8a3a384b4a88431235dd73854bedf87f80cb6e38bb85c3ab7270def4cd37e740a401efd98f6172a8d7e97250ded874460dc28b7f59ef9261156d8494fbdcf5b9e9440f14f220372688f4ed4169423695564866f27413367ab88e5c092b18e295867455a67e0dc17a0ab8dfd1880173d64c0dbc03432f58c7bf6e3369e6816ef39763937096c62f958a41413b0006d18db18ee5748c6a80a2eac45a0b901a2847177e4dbb8680c434dee34bfc0c2b7647 \
-F 'scope=*' | json
{
"token_type": "Bearer",
"expires_in": 1296000,
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6IjdkOTY2YmVhMmI3ZTA3ZDA3ZDM0ODc5NWU0YjFmMzQyZWI2MjlkZjE1ZjllYWY1ZTdhYjQ4MDZiMTcwNGQ0NDg1OGY5ZTI2NzA4Yjg3YmQxIn0.eyJhdWQiOiIxIiwianRpIjoiN2Q5NjZiZWEyYjdlMDdkMDdkMzQ4Nzk1ZTRiMWYzNDJlYjYyOWRmMTVmOWVhZjVlN2FiNDgwNmIxNzA0ZDQ0ODU4ZjllMjY3MDhiODdiZDEiLCJpYXQiOjE1MjQ4ODM4MTgsIm5iZiI6MTUyNDg4MzgxOCwiZXhwIjoxNTI2MTc5ODE4LCJzdWIiOiIxIiwic2NvcGVzIjpbIioiXX0.GMYpkgxHYKSHaGov6MXxbcR8uK4xqERlBmbq5dPXrvu2I9mvgYMDQ8DGDjKqK6YOW7quyzmZWMHLwO4Mc76GUOHV2rihsMVdz37tkTOeqR5bVT9Jlq6BmJtyOqEXiYFYxr6PPPOt8rDdWNgG91Qv9XyKLReUJh9_aGcXYdTXpyAw4v6WOnTaHYOVzcfs6JS353RnJK7dzJlaQaTeISj-lAMkXbD8yVQsc7Hi2WdJtSVG28BQHafJbw4cHri-n-UXtpubTFaXL4zs1mncopwlJvldgLkKRyroVlahgpRYj0zSSV3sRyGupdy5zAEaRGhJHSCo0rX3FvJu9AC5FylEZkPXZCAh-aCAR8jydHunrCYwJqvDVvb2lHuPXZ-4twrB5UcmJz9Af4vDyRcl50gSlhzmZVZAzLxsORuFXqLz5YLwHwIckIHnoTvzT36J3rd02qYY609RIfufZ5tlJQ-wfpztyP0dQF0kyr3iBTJp3HuOgijYfJhYEZmGiQhSHCOm3yVah05UPmAo4nkDHV-mLgt-4z6Ub_z49b10Qg7M-sS2QxmdSgQXfkC58H8fg2UwxTyE3t2wcbMJVAceeDNGSeAODEC-CLFeKFrcwYJiHd5DoAxHn2h7xrptuaDKMLrcmI41xrqlous7Kb62OoagDdsKmdAurJ7_ZHK2D9qZYpg",
"refresh_token": "def502002d4b90e6650bf4a9c1d0a10cef609ccb5a2b39d3cd0873b0985ae65fc7ce80eabf62c1367b0ad561bed1f25d8ecd1203d390c9a21391d2e46692f8764e3898c77a14ce2dec28e6f0e0e3546e1547ed0f597219bf527eb8bfecf38f1f27f87100efe02f44a6a2424cdf65a9fe508094eb27322a40279876fc5861d16b268a17ddbca1ad3d8f143bc81048b57cad300921f64ac6f0922a2f41761e1a5f3f59f33aaf9bc8d97eb094dcc07477e3f4306f746b06565463b0286a20379096b8a6a464bd77716add9fce005f2a95dd84b53d50d0174e34d3629e0250a64388c1451094d1c3d18329e8ddd49c495062ad23b7a48499572adac2f7f78800b90d3cab2e199eca89d667f0f6ba56ecd587aba343672c1a12ad159b0b3100b2c1e7b4f4d2051a65fbcf40c118966bee1bad031105b2a9ef159e4eae05c9c2d570a67f8400a5cc066abb727e6bfe0adfd1cd348018c89d1bfbec4c58b03f52b8070a6dc8ae93"
}
路由
上述 基于默认路由(oauth/token)和控制器
下面 我们自定义路由和控制器
- 添加依赖
vim composer.json
"require": {
"dingo/api": "2.0.0-alpha1"
}
composer update
php artisan vendor:publish --provider="Dingo\Api\Provider\LaravelServiceProvider"
vim .env
# add api config to .env
API_STANDARDS_TREE=prs
API_SUBTYPE=queue
API_PREFIX=api
API_VERSION=v1
API_DEBUG=true
- 获取访问令牌
php artisan make:controller Api/AuthorizationsController
vim app/Http/Controllers/Api/AuthorizationsController.php
<?php
namespace App\Http\Controllers\Api;
use App\Http\Controllers\Controller;
use League\OAuth2\Server\AuthorizationServer;
use League\OAuth2\Server\RequestTypes\AuthorizationRequest;
use Psr\Http\Message\ServerRequestInterface;
use Zend\Diactoros\Response as Psr7Response;
class AuthorizationsController extends Controller
{
public function store(AuthorizationRequest $originRequest, AuthorizationServer $server, ServerRequestInterface $serverRequest)
{
try {
return $server->respondToAccessTokenRequest($serverRequest, new Psr7Response)->withStatus(201);
} catch(OAuthServerException $e) {
return $this->response->errorUnauthorized($e->getMessage());
}
}
}
vim routes/api.php
<?php
$api = app('Dingo\Api\Routing\Router');
$api->version('v1', [
'namespace' => 'App\Http\Controllers\Api'
], function($api) {
$api->post('authorizations', 'AuthorizationsController@store')
->name('api.authorizations.store');
});
curl -X POST \
http://passport.test/api/authorizations \
-H 'content-type: multipart/form-data' \
-F grant_type=password \
-F client_id=1 \
-F client_secret=71EopGdX3SBkXMIguJptHnry8iCY7rPyYvdfjp0J \
-F username=test1@test.com \
-F password=secret \
-F 'scope=*' | json
{
"token_type": "Bearer",
"expires_in": 1296000,
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6IjA5Y2UyOWM2YTcwZDNkNWIxMmJiMjIwMjM5OTFjMDA1YjdkNjk1MmU4ODhkODY0OTI2NjcyNmZiYmI3MzFkYWM2Yzk0Y2JlMjZhYjZjYjhiIn0.eyJhdWQiOiIxIiwianRpIjoiMDljZTI5YzZhNzBkM2Q1YjEyYmIyMjAyMzk5MWMwMDViN2Q2OTUyZTg4OGQ4NjQ5MjY2NzI2ZmJiYjczMWRhYzZjOTRjYmUyNmFiNmNiOGIiLCJpYXQiOjE1MjQ4OTUxMDEsIm5iZiI6MTUyNDg5NTEwMSwiZXhwIjoxNTI2MTkxMTAxLCJzdWIiOiIxIiwic2NvcGVzIjpbIioiXX0.IVgrE609UbYQEM9wrBrhDjCBTXFavCAgZoKRYHTJoTC6hcCUnl-EyR_osI8H3IHoo_Dj1P99l8hm5FS8HKwbQE6FzMXcZqn2ZsyAtWZuTPGpfTy6FStJfItqNo8RQVUhaYyhhWJHEMJ_M0ZFlffET6CI2mrlaR1JUz-h-CWQ50Qff2cy1qDfQdKVIvhcxiaI34j30YfnrLlo28yw-DSNWq7y9SrR34vBn2sDgJ_xHKNgjb2r05zedw2ltLmn8Sia2TpN-x-rsqP4HAE5g4vvElec95WeYkSDiNti0vhSDTL8XjhbxvOG5Io5evXZbXguM93fefZgFSh6sRXdJEHTFoDKVZKUBo8FaXeJIk5RbktItveRUDiM_btzL1597G2Ga3nSTWFap8S5unnjOtT_IPMl2ktMAV4lVRrcwNNlUEczh4PG1k2Ls16Q_JT_FnfuDmN1Oxrk7dlUse5gsBc2c9hAIOUACdkMmPd2FOsfesNV5V4i7N3Svw42X93sySbEaHAMrwxi_4l3We7fyg7N_8fv0xdGHHRV-n-7mQgscYliMwu22er3w0F-d4EO-rsCJv9hgakd2o2mHWq-9WTwXlzUDEqQ3oMUbgoRjxtEZtbeihrfrSjHTD15XkiZaYCBYfC1C_BeL74B--hIR1wrndDwekKGEjIbDgNpX5hcrqk",
"refresh_token": "def50200a83789f4799987a7ce73ea10b975b668ffcef39bba96be9094355e24d3dfe0d06b6e26b29666c3463e1b709425d36a74e8d5d99902fa4faaace5b4e0fc322f3966035956bb3c7134d5aa43c92d93444db26689dbf58a87ba0c7f232e877db40c18d189fc13a066523fdd6aff1e77117be27cb4b2689e82bf7a5f048bae51d1d2a01cc34f8304e8364fa195bd462aa4311d89f516d9b2af2d5d211963e1e5ea3d2010fcaa882824142a87d0c8f9b0bf62af05d95b093c007aaeec051d26f4738b7af04f67f05aab60e5a9fb4cf9310b043fc28fcd3f8986ba0c9a64f351fdd191d8403e2264481bb69547594b3a58bc3cadd954c3636c54eda0bb3244f506827bb3ec731e4febb9356e35433c02cb37487aa23434d748f577d6cbd72772e8567e5eb626ecab283aefc5f3e0084e94ac419eaadc372672d4c4eb0845690d8e9e6be0fb24f02ffcbdef95e22257794136c006edfc17bf80f88ffedb1870b7db79e0"
}
- 刷新访问令牌
vim app/Http/Controllers/Api/AuthorizationsController.php
// 省略了未修改代码
public function update(AuthorizationServer $server, ServerRequestInterface $serverRequest)
{
try {
return $server->respondToAccessTokenRequest($serverRequest, new Psr7Response);
} catch(OAuthServerException $e) {
return $this->response->errorUnauthorized($e->getMessage());
}
}
// 省略了未修改代码
vim routes/api.php
// 省略了未修改代码
// 刷新token
$api->put('authorizations/current', 'AuthorizationsController@update')
->name('api.authorizations.update');
// 省略了未修改代码
curl -X PUT \
http://passport.test/api/authorizations/current \
-H 'content-type: application/x-www-form-urlencoded' \
-d 'grant_type=refresh_token&client_id=1&client_secret=71EopGdX3SBkXMIguJptHnry8iCY7rPyYvdfjp0J&refresh_token=def5020088a11bdf29cddb7faa67ca3667f4ea3786565fbb914dd6b30d7a558fb5bd2fca0b6f9356b5d7a5034a9ea9c7b19bbea91b00fbd4fe8fb23c974ac4957057b77a42201c0b31b656d801f30c29e109e982d39270fa8f0bb7391a484b45c86b49118249377d38b68e0c9bf1de1d3ffc9b36fef7b6a95a8a0de507bfd2e85b3fb7ee8f620449e75a21ef857b6eb33e026b85466b5936e551caf61135b824a9ac4842c80f693e794bdcd387ad1a04d43e59457e479fbad2895709b8039382d4f435690476a4abb28ddf46e9eb0279b9be97e72fb5496d515662f3432aaa01f0b77f3973ee045ac66280d881e20d6b83335f1c60f17c7881123e395182bace5e500acf7e60db2281f51804fd2d1fa38b967594878c9972a63422ccca8e6e46d9580336a96ddc985895b0a8e6aab0eb05f9fd3f72c52086ce28f27e0e8ef52960961c0a610a5b560d121207aea337fc5fe2e6cb92134d15e6df0ab9f721b50626be44e9' | json
{
"token_type": "Bearer",
"expires_in": 1295999,
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6IjBiOGJjZTY0NmI0MTE4MzEyYTU1YTkzZDAzN2YwZGRiMzhmYWUzMDFiYTM1NTE5YzQ2ZDRiMDAwNWRlMTBiM2QzNTZiY2U0MjhkODVlN2FiIn0.eyJhdWQiOiIxIiwianRpIjoiMGI4YmNlNjQ2YjQxMTgzMTJhNTVhOTNkMDM3ZjBkZGIzOGZhZTMwMWJhMzU1MTljNDZkNGIwMDA1ZGUxMGIzZDM1NmJjZTQyOGQ4NWU3YWIiLCJpYXQiOjE1MjQ4OTU3MDQsIm5iZiI6MTUyNDg5NTcwNCwiZXhwIjoxNTI2MTkxNzAzLCJzdWIiOiIxIiwic2NvcGVzIjpbIioiXX0.ewegrKxu1GQvnHww9NcuPKIRI7ws4T26xjzQYIRjBN9YGYJGyz036Q6YsgKm_tyMFfiCyXGBoYKBD509lzRO5Mulz6ljw5FpvdesCGg7NA0NYXWa-K3BgVSUg8Y2cu0PlAmfQJ3XL_eFydt7Bj170c3eErzF3LVL9G46UdTEU90mqcGX6TjS05mMM5fmsFWjyCFNPTp7qSdbFhEaj4EI9oY720V_252Rzm0ld7vDruAtQp3zbd8XHU4hSE6B0jK7HthgcluomIlp3aLB2ete1JaNDiIKyosk-17hZlp00fWXw16RTx7wRWHf-FemiiA2zvgqzboOrV1karOiDBcbk-efGOVs9L953UM8v0kGfTIvLaCgp7dBB_zT0FrVdLbiJukumhPh4mnGmAsAs-dzgi6BCduNOAK-7Iq_1r9lNIEqy8A4beJJcYxD4MjzBwAslKcM54rQBE58fivaY8f19_zzGShVJaV9hzzh1aGyqIj1fLzGeNnTz6edvj30l_5qmAWDkPdEid08YWSTIYz9lk4Ei8f9r31WZj9c8aDOjxa760j-yrr9Igm7d07jEOf1q3ctVkt8Hmzrl95MYy4iwcuLruF5zcAhS5shEeNVSiVCvNa7WErpqFyMevD478Lddtn4aOITZB0hZJJtT1wDGBWuC7rbdkAKNxAc5vc-j1w",
"refresh_token": "def502004facef25dc6cddf75bcb35fc82e3ec477d857d545783c346fe6d0145234006670d7462cd01eba5b506202a8dfa3d6ae9c21a4d7dc5b764ee0f95929e1fb7cf2dd6d62e8f07a63eeb8a63e634d2db1cea5557467507b4dafb8f0e5692181e926e225779fe8937d7581b1abda1c34e27a43ed1691ba509086afe3630de4e12081aab6c4dfc22af976b2b5005affbc902fd40c936aae31107d0d7663d5eb89357d0c04e582e92cc4f0099ba290ac85a5633e1df8517968098cd43cc17fc4f63e26623b9346a65ebeeb7c257392a87ada059d4df7537f5d3a6895f5a1e7d49e0cd32943cdae1219189bf11d274d41594b855e1ac3e13a0691be1119de7674cdd36d290d5f49903fe874cdd698ff6e3030519368937271883e9395c79dabc7dd41df9819917f5d597c9adeb8a257b816b4009c2a22e0963778f41e5461d48ce7d92d569ff99f26611b7211de00bb0aa60e181c9be6cd0aea30b7568658e3dc8797c39"
}
鉴权
- 设置Guard
#Linux
sed -i "s/'token'/'passport'/g" config/auth.php
# MacOS
sed -i "" "s/'token'/'passport'/g" config/auth.php
php artisan make:provider PassportDingoProvider
vim app/Providers/PassportDingoProvider.php
<?php
namespace App\Providers;
use Dingo\Api\Routing\Route;
use Illuminate\Http\Request;
use Illuminate\Auth\AuthManager;
use Dingo\Api\Auth\Provider\Authorization;
use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
class PassportDingoProvider extends Authorization
{
protected $auth;
protected $guard = 'api';
public function __construct(AuthManager $auth)
{
$this->auth = $auth->guard($this->guard);
}
public function authenticate(Request $request, Route $route)
{
if (! $user = $this->auth->user()) {
throw new UnauthorizedHttpException(
get_class($this),
'Unable to authenticate with invalid API key and token.'
);
}
return $user;
}
public function getAuthorizationMethod()
{
return 'Bearer';
}
}
vim config/api.php
return [
'auth' => [
'oauth' => \App\Providers\PassportDingoProvider::class,
],
];
- 添加路由和控制器
vim routes/api.php
// 省略了未修改代码
// 需要 token 验证的接口
$api->group(['middleware' => 'api.auth'], function($api) {
// 当前登录用户信息
$api->get('user', 'UsersController@me')
->name('api.user.show');
});
// 省略了未修改代码
vim app/User.php
<?php
namespace App;
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Laravel\Passport\HasApiTokens;
class User extends Authenticatable
{
use Notifiable, HasApiTokens;
protected $fillable = [
'name', 'email', 'password',
];
protected $hidden = [
'password', 'remember_token',
];
}
mkdir app/Transformers
vim app/Transformers/UserTransformer.php
<?php
namespace App\Transformers;
use App\User;
use League\Fractal\TransformerAbstract;
class UserTransformer extends TransformerAbstract
{
public function transform(User $user)
{
return [
'id' => $user->id,
'name' => $user->name,
'email' => $user->email
];
}
}
php artisan make:controller Api/UsersController
vim app/Http/Controllers/Api/UsersController.php
<?php
namespace App\Http\Controllers\Api;
use App\Http\Controllers\Controller;
use App\Transformers\UserTransformer;
use Dingo\Api\Routing\Helpers;
class UsersController extends Controller
{
use Helpers;
public function me()
{
return $this->response->item($this->user(), new UserTransformer());
}
}
- 测试
curl -X GET \
http://passport.test/api/user | json
{
"message": "Unable to authenticate with invalid API key and token.",
"status_code": 401,
"debug": {
"line": 24,
"file": "/home/vagrant/Code/passport/app/Providers/PassportDingoProvider.php",
"class": "Symfony\\Component\\HttpKernel\\Exception\\UnauthorizedHttpException"
}
}
curl -X GET \
http://passport.test/api/user \
-H 'authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6IjBiOGJjZTY0NmI0MTE4MzEyYTU1YTkzZDAzN2YwZGRiMzhmYWUzMDFiYTM1NTE5YzQ2ZDRiMDAwNWRlMTBiM2QzNTZiY2U0MjhkODVlN2FiIn0.eyJhdWQiOiIxIiwianRpIjoiMGI4YmNlNjQ2YjQxMTgzMTJhNTVhOTNkMDM3ZjBkZGIzOGZhZTMwMWJhMzU1MTljNDZkNGIwMDA1ZGUxMGIzZDM1NmJjZTQyOGQ4NWU3YWIiLCJpYXQiOjE1MjQ4OTU3MDQsIm5iZiI6MTUyNDg5NTcwNCwiZXhwIjoxNTI2MTkxNzAzLCJzdWIiOiIxIiwic2NvcGVzIjpbIioiXX0.ewegrKxu1GQvnHww9NcuPKIRI7ws4T26xjzQYIRjBN9YGYJGyz036Q6YsgKm_tyMFfiCyXGBoYKBD509lzRO5Mulz6ljw5FpvdesCGg7NA0NYXWa-K3BgVSUg8Y2cu0PlAmfQJ3XL_eFydt7Bj170c3eErzF3LVL9G46UdTEU90mqcGX6TjS05mMM5fmsFWjyCFNPTp7qSdbFhEaj4EI9oY720V_252Rzm0ld7vDruAtQp3zbd8XHU4hSE6B0jK7HthgcluomIlp3aLB2ete1JaNDiIKyosk-17hZlp00fWXw16RTx7wRWHf-FemiiA2zvgqzboOrV1karOiDBcbk-efGOVs9L953UM8v0kGfTIvLaCgp7dBB_zT0FrVdLbiJukumhPh4mnGmAsAs-dzgi6BCduNOAK-7Iq_1r9lNIEqy8A4beJJcYxD4MjzBwAslKcM54rQBE58fivaY8f19_zzGShVJaV9hzzh1aGyqIj1fLzGeNnTz6edvj30l_5qmAWDkPdEid08YWSTIYz9lk4Ei8f9r31WZj9c8aDOjxa760j-yrr9Igm7d07jEOf1q3ctVkt8Hmzrl95MYy4iwcuLruF5zcAhS5shEeNVSiVCvNa7WErpqFyMevD478Lddtn4aOITZB0hZJJtT1wDGBWuC7rbdkAKNxAc5vc-j1w' | json
{
"data": {
"id": 1,
"name": "test1",
"email": "test1@test.com"
}
}
