Laravel使用Passport來建立API用戶認證

本文來自pilishen.com---- 原文連接; 歡迎做客咱們的php&Laravel學習羣：109256050

好比說你要給你的手機APP用戶建立API，使用的是你已有的Laravel系統裏的數據庫，尤爲是用戶數據。如今咱們來看一下，這裏使用的是Laravel Passport組件。

咱們將要建立三個api，分別是：

1. Login API
2. Register API
3. Details API

（一）安裝和配置Passport

composer require laravel/passport

在config/app.php中註冊provider：

'providers' => [
    ....
    Laravel\Passport\PassportServiceProvider::class,
],

建立Passport須要的數據表：

php artisan migrate

而後初始化Passport，執行：

php artisan passport:install

該命令會生成用之後期建立安全令牌（access token）的祕鑰，同時也會建立personal access和password grant兩個客戶端（clients）。

接下來，在app/User.php中添加HasApiTokens trait：

<?php

namespace App;

use Laravel\Passport\HasApiTokens;
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;

class User extends Authenticatable
{
    use HasApiTokens, Notifiable;
}

而後在app/Providers/AuthServiceProvider.php中添加Passport::routes();：

<?php

namespace App\Providers;

use Laravel\Passport\Passport;
use Illuminate\Support\Facades\Gate;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;

class AuthServiceProvider extends ServiceProvider
{
    ...
    public function boot()
    {
        $this->registerPolicies();
        Passport::routes();
    }
}

在config/auth.php中將api的driver改爲passport:

<?php

return [
    .....
    'guards' => [
       ...
        'api' => [
            'driver' => 'passport',
            'provider' => 'users',
        ],
    ],
    .....
]

（二）建立相應的api路由

在你的routes/api.php中

Route::post('login', 'API\UserController@login');
Route::post('register', 'API\UserController@register');

Route::group(['middleware' => 'auth:api'], function(){
    Route::post('details', 'API\UserController@details');
});

（三）建立相應的controller

路徑app/Http/Controllers/API/UserController.php

<?php

namespace App\Http\Controllers\API;

use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use App\User;
use Illuminate\Support\Facades\Auth;
use Validator;

class UserController extends Controller
{

    public $successStatus = 200;

    
    public function login(){
        if(Auth::attempt(['email' => request('email'), 'password' => request('password')])){
            $user = Auth::user();
            $success['token'] =  $user->createToken('MyApp')->accessToken;
            return response()->json(['success' => $success], $this->successStatus);
        }
        else{
            return response()->json(['error'=>'Unauthorised'], 401);
        }
    }

    
    public function register(Request $request)
    {
        $validator = Validator::make($request->all(), [
            'name' => 'required',
            'email' => 'required|email',
            'password' => 'required',
            'c_password' => 'required|same:password',
        ]);

        if ($validator->fails()) {
            return response()->json(['error'=>$validator->errors()], 401);            
        }

        $input = $request->all();
        $input['password'] = bcrypt($input['password']);
        $user = User::create($input);
        $success['token'] =  $user->createToken('MyApp')->accessToken;
        $success['name'] =  $user->name;

        return response()->json(['success'=>$success], $this->successStatus);
    }

     public function details()
    {
        $user = Auth::user();
        return response()->json(['success' => $user], $this->successStatus);
    }
}

（四）使用rest client來測試api

Login API:

Register API:

Details API:

這個測試前須要添加一些header信息：

'headers' => [
    'Accept' => 'application/json',
    'Authorization' => 'Bearer '.$accessToken,
]

[譯文出處： //itsolutionstuff.com/post/laravel-5-how-to-create-api-authentication-using-passport-example.html](//itsolutionstuff.com/post/laravel-5-how-to-create-api-authentication-using-passport-example.html)