时间戳

首页 > 解决方案 > 为 2 个模型颁发 sanctum 令牌,以验证 API 请求(不是默认用户模型)

php - 为 2 个模型颁发 sanctum 令牌,以验证 API 请求(不是默认用户模型)

问题描述

我正在为Mobile App构建管理面板API

对于管理面板,我使用默认的用户模型来验证 Web(将管理管理面板的用户,具有角色和权限)和门授权

对于 API,我想使用 2 个模型(MobileUser、StoreUser)

我的问题如下:

使用 sanctum 为两种模型验证/颁发令牌的正确方法是什么?

- 是否就像添加(在两个模型中):

use Laravel\Sanctum\HasApiTokens; 

use HasApiTokens; //as a treat

- 或者我应该添加更多(在两个模型中):

use Iluminate\Contract\Auth\Authinticatable as AuthinticatableContract;
use Iluminate\Auth\Authinticatable;
use Laravel\Sanctum\HasApiTokens;

Class MobileUser extends Model implements AuthinticatableContract
//Class StoreUser extends Model implements AuthinticatableContract
{
        use HasApiTokens, Authinticatable;

-我应该在 config/auth.php 中添加 MobileUser 和 StoreUser 作为提供者吗?

'providers' => [
        'users' => [
            'driver' => 'eloquent',
            'model'  => App\Models\User::class,
        ],
        'mobileusers' => [
            'driver' => 'eloquent',
            'model'  => App\Models\MobileUser::class,
        ],
        'storeusers' => [
            'driver' => 'eloquent',
            'model'  => App\Models\StoreUser::class,
        ],
    ],

-和 config/auth.php 中的守卫如下

'guards' => [
        'web' => [
            'driver'   => 'session',
            'provider' => 'users',
        ],

        'api' => [
            'driver'   => 'token',
            'provider' => 'mobileusers','storeusers',
            'hash'     => true,
        ],
    ],

这是 MobileUser 的 Api/AuthController

<?php
namespace App\Http\Controllers\Api;

use App\Http\Controllers\Controller;
use App\Models\MobileUser;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use Illuminate\Validation\ValidationException;

class AuthController extends Controller
{
    public function register(Request $request)
    {
        $request->validate([
            'username' => 'required|min:3',
            'email' => 'required|email',
            'password' => 'required|min:6',
            'first_name' => 'required',
            'last_name' => 'required',
            'phone_number' => 'required',
        ]);

        $user = MobileUser::create([
            'username' => $request->username,
            'email' => $request->email,
            'password' => bcrypt($request->password),
            'first_name' => $request->first_name,
            'last_name' => $request->last_name,
            'phone_number' => $request->phone_number,
        ]);

        return response()->json($user);
    }

    public function login(Request $request)
    {
        $request->validate([
            'email' => 'email|required',
            'password' => 'required'
        ]);

        $user = MobileUser::where('email', $request->email)->first();

        if (! $user || ! Hash::check($request->password, $user->password)) {
            throw ValidationException::withMessages([
                'email' => ['The provided credentials are incorrect.'],
            ]);
        }

        $authToken = $user->createToken($request->email)->plainTextToken;

        return response()->json([
            'access_token' => $authToken,
        ]);
    }
}

并且 Sanctum 配置有点混乱https://laravel.com/docs/8.x/sanctum#configuration

提前致谢

标签: phplaravelauthenticationbearer-tokenlaravel-sanctum

解决方案

推荐阅读