
9月 16

身份验证使用 Laravel Sanctum

https://learnku.com/docs/laravel/8.x/sanctum/9421

安装 Laravel Sanctum

# Add the Sanctum package to the project.
composer require laravel/sanctum

# Publish Sanctum's config file (config/sanctum.php) and its migration into the application.
php artisan vendor:publish --provider="Laravel\Sanctum\SanctumServiceProvider"

# Run the migrations; Sanctum's migration creates the personal_access_tokens table.
php artisan migrate


修改 app/Http/Kernel.php

use Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful;

'api' => [
     // For requests whose Referer/Origin matches a configured stateful domain, Sanctum runs
     // cookie encryption, session start and CSRF verification; other requests to this group
     // pass through without a session.
     EnsureFrontendRequestsAreStateful::class,
     // Rate limiter named "api", applied to every route in this group.
     'throttle:api',
     \Illuminate\Routing\Middleware\SubstituteBindings::class,
],

修改 config/sanctum.php

# Add:
# Sanctum registers its own route (the csrf-cookie endpoint) under this prefix, so the
# frontend has to request admin/api/sanctum/csrf-cookie before posting the login form.

'prefix' => 'admin/api/sanctum'

在 .env 和 .env.example 中增加

# Hosts whose requests Sanctum treats as the first-party SPA and authenticates by session cookie.
# List only hosts you control; add the port when the frontend is not served on the default one
# (constructed example: jk.cn:8080).
SANCTUM_STATEFUL_DOMAINS=jk.cn

接下来,增加路由配置。

增加路由配置

修改 app/Providers/RouteServiceProvider

    /**
     * Register the rate limiters and load the three route files.
     *
     * routes/web.php gets the "web" middleware group; routes/api.php and
     * routes/admin.php both get the "api" group and differ only in URL prefix.
     */
    public function boot()
    {
        $this->configureRateLimiting();

        $this->routes(function () {
            Route::middleware('web')->group(base_path('routes/web.php'));

            // URL prefix => route file. Both files share the "api" middleware group,
            // so the admin routes get the same throttle and stateful-SPA handling.
            $apiRouteFiles = [
                'api' => 'routes/api.php',
                'admin/api' => 'routes/admin.php',
            ];

            foreach ($apiRouteFiles as $uriPrefix => $routeFile) {
                Route::prefix($uriPrefix)
                    ->middleware('api')
                    ->group(base_path($routeFile));
            }
        });
    }

增加 routes/admin.php

<?php

use Illuminate\Support\Facades\Route;

// Pre-Laravel 8 syntax: controller strings are resolved inside the "Admin" namespace.
Route::namespace('Admin')->group(function () {
    // Login is reachable without authentication. Its only rate limit is the
    // "throttle:api" limiter of the "api" group; a stricter, login-specific
    // limiter is worth considering against password guessing.
    Route::post('login', 'UserController@login')->name('admin.api.login');

    // Everything in this group requires a user authenticated through Sanctum.
    Route::middleware(['auth:sanctum'])->group(function () {
        Route::post('logout', 'UserController@logout')->name('admin.api.logout');
        Route::get('user/info', 'UserController@userInfo')->name('admin.api.userInfo');
    });
});

上边是 laravel 8 以前的路由的写法, laravel 8 换成下边这样的了

<?php

use Illuminate\Support\Facades\Route;

use App\Http\Controllers\Admin\UserController;

// Login is reachable without authentication. Its only rate limit is the
// "throttle:api" limiter of the "api" group; a stricter, login-specific
// limiter is worth considering against password guessing.
Route::post('login', [UserController::class, 'login'])->name('admin.api.login');

// Everything in this group requires a user authenticated through Sanctum.
Route::middleware(['auth:sanctum'])->group(function () {
    Route::post('logout', [UserController::class, 'logout'])->name('admin.api.logout');
    Route::get('user/info', [UserController::class, 'userInfo'])->name('admin.api.userInfo');
});

增加控制器 app/Http/Controllers/Admin/UserController.php,由 artisan 生成

php artisan make:controller Admin/UserController

增加表单请求类 app/Http/Requests/Admin/LoginRequest.php,由 artisan 生成。

php artisan make:request Admin/LoginRequest

<?php

namespace App\Http\Requests\Admin;

use Illuminate\Foundation\Http\FormRequest;

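/**
 * Validates the payload of the admin login endpoint before the controller runs.
 */
class LoginRequest extends FormRequest
{
    /**
     * Login is called by clients that are not authenticated yet, so every
     * caller is allowed to submit this request.
     *
     * @return bool
     */
    public function authorize()
    {
        return true;
    }

    /**
     * Validation rules for the login payload.
     *
     * @return array
     */
    public function rules()
    {
        return [
            'account' => [
                'required',
                // Kept in array form because the pattern itself contains "|".
                // The digit classes are written without commas: inside [...] a comma is a
                // literal character, so the earlier "14[5,7]" also accepted "14," as a prefix.
                // "\z" anchors at the real end of the value; "$" would also match just
                // before a trailing newline.
                'regex:/^(13[0-9]|14[57]|15[0-35-9]|17[035-8]|18[0-9]|166|198|199)\d{8}\z/',
                // 'unique:users' is a registration rule; at login it would reject existing accounts.
            ],
            // These bounds only pre-filter the request; the credential check itself
            // happens in the controller.
            'password' => 'required|string|min:6|max:20',
        ];
    }

    /**
     * No custom messages: the framework's default validation messages are used.
     *
     * @return array
     */
    public function messages()
    {
        return [];
    }

    /**
     * Display names substituted for the field names in validation messages.
     *
     * @return array
     */
    public function attributes()
    {
        return [
            'account' => '账号',
            'password' => '密码',
        ];
    }
}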

再来看 UserController 控制器逻辑

<?php

namespace App\Http\Controllers\Admin;

use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Auth;
use Carbon\Carbon;
use App\Http\Requests\Admin\LoginRequest;

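/**
 * Session-based login, logout and "current user" endpoints for the admin SPA.
 */
class UserController extends Controller
{
    /**
     * Log in with account and password.
     *
     * The payload has already passed LoginRequest validation. On success the
     * authenticated user is returned as JSON with an extra "expiredAt" hint;
     * on failure a 401 with a single generic message is returned.
     *
     * @param  LoginRequest  $request
     * @return \Illuminate\Http\JsonResponse
     */
    public function login(LoginRequest $request)
    {
        $credentials = $request->only(['account', 'password']);

        // Parse "remember" as a real boolean. With `$request->remember ?? false`
        // any non-empty string other than "0" (for example "false") is truthy and
        // would switch on the long-lived remember-me cookie.
        $remember = $request->boolean('remember');

        if (! Auth::attempt($credentials, $remember)) {
            // Same message for an unknown account and a wrong password, so the
            // response does not reveal which accounts exist.
            return response()->json(['message' => '账号或密码错误'], 401);
        }

        // Issue a fresh session id and CSRF token now that the session is
        // authenticated. Guarded because only requests from a stateful domain
        // carry a session.
        if ($request->hasSession()) {
            $request->session()->regenerate();
        }

        $user = auth()->user();

        // "expiredAt" is a hint for the frontend only; the server-side session
        // lifetime is what actually ends the login. Null means "remembered".
        $user->expiredAt = $remember
            ? null
            : Carbon::now()->addMinutes((int) config('session.lifetime'))->toDateTimeString();

        // NOTE(review): this serialises the whole user model; which columns are
        // exposed depends on the model's $hidden/$visible settings. Confirm that
        // the password hash and remember token are hidden there.
        return response()->json($user, 200);
    }

    /**
     * Log the current user out of the "web" (session) guard.
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function logout()
    {
        Auth::guard('web')->logout();

        // Discard the old session and CSRF token so neither can be reused after
        // logout. Guarded because a request without a session has nothing to clear.
        $request = request();
        if ($request->hasSession()) {
            $request->session()->invalidate();
            $request->session()->regenerateToken();
        }

        return response()->json(['message' => '登出成功'], 200);
    }

    /**
     * Return the currently authenticated user.
     *
     * The route is registered behind "auth:sanctum", so the request already
     * carries an authenticated user when this runs.
     *
     * @param  Request  $request
     * @return \Illuminate\Http\JsonResponse
     */
    public function userInfo(Request $request)
    {
        // NOTE(review): same exposure caveat as login: the JSON contains every
        // attribute the user model does not hide.
        return response()->json($request->user(), 200);
    }
}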

到此,服务端基础逻辑完成。提交下 git。

git add .
git commit -m '安装 Sanctum,并配置路由,以及增加登录登出相关逻辑'

下一步,生成几个用户,来正式测试测试。
