身份验证使用 Laravel Sanctum
https://learnku.com/docs/laravel/8.x/sanctum/9421
安装 Laravel Sanctum
# Pull the Sanctum package into the project.
composer require laravel/sanctum
# Publish the package's assets; this is where the config/sanctum.php edited below comes from.
php artisan vendor:publish --provider="Laravel\Sanctum\SanctumServiceProvider"
# Run pending migrations, including the ones Sanctum ships (presumably its token table;
# confirm with `php artisan migrate:status`).
php artisan migrate
修改 app/Http/Kernel.php
use Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful;
// 'api' middleware group: runs for every route registered with ->middleware('api').
'api' => [
// Sanctum: requests coming from a configured stateful domain are handled with the
// session cookie and CSRF verification instead of a bearer token. Sanctum's
// documentation lists this entry first in the group.
EnsureFrontendRequestsAreStateful::class,
// Named rate limiter 'api'; its actual limits are defined outside this snippet.
'throttle:api',
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
修改 config/sanctum.php
# Add this entry: Sanctum registers its csrf-cookie route under this prefix,
# so the front end has to request admin/api/sanctum/csrf-cookie before it logs in.
'prefix' => 'admin/api/sanctum'
在 .env 和 .env.example 中增加
# Hosts whose requests Sanctum treats as stateful (session cookie + CSRF check).
# List only first-party front-end origins; include the port when the front end is
# served on a non-default one.
SANCTUM_STATEFUL_DOMAINS=jk.cn
接下来,增加路由配置。
增加路由配置
修改 app/Providers/RouteServiceProvider.php
/**
 * Register the rate limiters and the three route files (web, api, admin).
 *
 * @return void
 */
public function boot()
{
    $this->configureRateLimiting();

    $this->routes(function () {
        // Browser-facing routes use the 'web' middleware group and no URL prefix.
        Route::middleware('web')->group(base_path('routes/web.php'));

        // Both API surfaces share the 'api' middleware group; only the URL prefix
        // and the route file differ. The admin routes end up under /admin/api.
        $apiSurfaces = [
            'api' => 'routes/api.php',
            'admin/api' => 'routes/admin.php',
        ];

        foreach ($apiSurfaces as $uriPrefix => $routeFile) {
            Route::prefix($uriPrefix)
                ->middleware('api')
                ->group(base_path($routeFile));
        }
    });
}
增加 routes/admin.php
<?php
use Illuminate\Support\Facades\Route;
// Pre-Laravel-8 style: controllers are named by string and resolved inside the
// "Admin" namespace group.
Route::namespace('Admin')->group(function () {
    // Login is the only endpoint in this file reachable without authentication.
    // NOTE(review): it gets only the rate limiting of the surrounding middleware
    // group; a tighter per-route limiter is worth considering for a login form.
    Route::post('login', 'UserController@login')->name('admin.api.login');

    // Everything inside this group requires a user resolved by the sanctum guard.
    Route::middleware(['auth:sanctum'])->group(function () {
        Route::post('logout', 'UserController@logout')->name('admin.api.logout');
        Route::get('user/info', 'UserController@userInfo')->name('admin.api.userInfo');
    });
});
上面是 Laravel 8 之前的路由写法;Laravel 8 默认不再给控制器自动加命名空间前缀,因此改成下面这种写法:
<?php
use Illuminate\Support\Facades\Route;
use App\Http\Controllers\Admin\UserController;
// Login is the only endpoint in this file reachable without authentication.
// NOTE(review): it gets only the rate limiting of the surrounding middleware
// group; a tighter per-route limiter is worth considering for a login form.
Route::post('login', [UserController::class, 'login'])->name('admin.api.login');

// Everything inside this group requires a user resolved by the sanctum guard.
Route::middleware(['auth:sanctum'])->group(function () {
    Route::post('logout', [UserController::class, 'logout'])->name('admin.api.logout');
    Route::get('user/info', [UserController::class, 'userInfo'])->name('admin.api.userInfo');
});
增加控制器 app/Http/Controllers/Admin/UserController.php,由 artisan 生成
# Creates app/Http/Controllers/Admin/UserController.php as a plain controller class.
php artisan make:controller Admin/UserController
增加表单请求类 app/Http/Requests/Admin/LoginRequest.php,由 artisan 生成。
# Creates app/Http/Requests/Admin/LoginRequest.php. The generated authorize() returns
# false until it is changed, so the class is then filled in as shown below.
php artisan make:request Admin/LoginRequest
<?php
namespace App\Http\Requests\Admin;
use Illuminate\Foundation\Http\FormRequest;
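/**
 * Validates the admin login payload (account and password) before it reaches
 * the controller.
 */
class LoginRequest extends FormRequest
{
    /**
     * The login endpoint is called by clients that are not authenticated yet,
     * so every caller is allowed to submit this request.
     *
     * @return bool
     */
    public function authorize()
    {
        return true;
    }

    /**
     * Validation rules for the login form.
     *
     * @return array
     */
    public function rules()
    {
        return [
            'account' => [
                'required',
                // The account must be one of the listed 3-digit prefixes followed by
                // 8 digits (presumably a mobile number; confirm with the product).
                // The character classes hold digits only: a comma inside [...] is a
                // literal comma, so the earlier "14[5,7]" form also accepted input
                // such as "14,12345678". The rule stays in array form because the
                // pattern itself contains "|".
                'regex:/^((13[0-9])|(14[57])|(15[0-35-9])|(17[035-8])|(18[0-9])|166|198|199)\d{8}$/',
            ],
            'password' => 'required|string|min:6|max:20',
        ];
    }

    /**
     * No custom messages; the framework defaults are used.
     *
     * @return array
     */
    public function messages()
    {
        return [];
    }

    /**
     * Display names substituted for the field names in validation messages.
     *
     * @return array
     */
    public function attributes()
    {
        return [
            'account' => '账号',
            'password' => '密码',
        ];
    }
}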
再来看 UserController 控制器逻辑
<?php
namespace App\Http\Controllers\Admin;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Auth;
use Carbon\Carbon;
use App\Http\Requests\Admin\LoginRequest;
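/**
 * Session-based login, logout and profile endpoints for the admin API.
 */
class UserController extends Controller
{
    /**
     * Log in with account and password.
     *
     * Responds with the serialized user plus an "expiredAt" hint on success and
     * with HTTP 401 when the credentials are rejected.
     *
     * NOTE(review): the success response is the serialized user model; which
     * columns it exposes depends on the model's hidden/visible settings. Confirm
     * that the password hash and remember token are hidden.
     *
     * @param  LoginRequest  $request  validated login payload
     * @return \Illuminate\Http\JsonResponse
     */
    public function login(LoginRequest $request)
    {
        $credentials = $request->only(['account', 'password']);

        // boolean() maps 1, "1", true, "true", "on" and "yes" to true and anything
        // else to false. Reading the raw input instead would treat every non-empty
        // string, including "false", as a request for a remember-me login.
        $remember = $request->boolean('remember');

        if (!Auth::attempt($credentials, $remember)) {
            // One answer for both an unknown account and a wrong password.
            return response()->json(['message' => '账号或密码错误'], 401);
        }

        $user = auth()->user();

        // Hint for the client only: when the session is expected to lapse. It is
        // set on the in-memory model for serialization; nothing here saves it.
        // Remember-me logins carry no such hint.
        $user->expiredAt = $remember
            ? null
            : Carbon::now()->addMinutes((int) config('session.lifetime'))->toDateTimeString();

        return response()->json($user, 200);
    }

    /**
     * Log out of the session guard.
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function logout()
    {
        Auth::guard('web')->logout();

        // Laravel's authentication guide pairs logout with invalidating the session
        // and regenerating the CSRF token, so neither can be reused afterwards.
        // The hasSession() check skips this for requests that carry no session.
        $request = request();
        if ($request->hasSession()) {
            $request->session()->invalidate();
            $request->session()->regenerateToken();
        }

        return response()->json(['message' => '登出成功'], 200);
    }

    /**
     * Return the currently authenticated user.
     *
     * NOTE(review): like login(), this returns the serialized user model; the
     * exposed columns depend on the model's hidden/visible settings.
     *
     * @param  Request  $request
     * @return \Illuminate\Http\JsonResponse
     */
    public function userInfo(Request $request)
    {
        $user = $request->user();

        return response()->json($user, 200);
    }
}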
到此,服务端基础逻辑完成。提交下 git。
# Stages every file that is not ignored. .env was edited above, so run `git status`
# first and make sure .env is covered by .gitignore; only .env.example belongs in the repo.
git add .
git commit -m '安装 Sanctum,并配置路由,以及增加登录登出相关逻辑'
下一步,生成几个用户,来正式测试测试。