Laravel结合了Passport身份验证和普通身份验证 [英] Laravel combine Passport authentication and normal authentication

问题描述

如何结合使用Passport身份验证和常规laravel身份验证?

我希望用户登录到Web中间件和api中间件的页面.登录路由在api-middleware中.目前，我已经设置了Passport身份验证，它适用于所有api中间件路由.如何使用户也登录Web中间件?

编辑#1

我在做什么:

登录代码

$http = new \GuzzleHttp\Client();

    try {
        $response = $http->post(config('services.passport.login_endpoint'), [
            'form_params' => [
                'grant_type' => 'password',
                'client_id' => config('services.passport.client_id'),
                'client_secret' => config('services.passport.client_secret'),
                'username' => $args['email'],
                'password' => $args['password']
            ]
        ]);

        $user = User::where('email', $args['email'])->first();

        Auth::guard('web')->login($user);
        return [
            "token" => $response->getBody()->getContents(),
            "user" => $user
        ];

    } // ...

某些Web中间件路由中的某处

return auth()->check() ? "logged in" : "not logged in";

返回未登录"

解决方案

在理想情况下，您不应该这样做，因为护照身份验证用于与API通信的单独应用，而laravel预装运身份验证用于MVC，因此它们是独立的用户会话. /p>

但是假设您知道自己在做什么，请通过API在用户登录时调用Auth::login($user);，或者在用户通过Web中间件auth登录时生成护照令牌，以先发生的登录为准...

记住Auth::login($user);创建一个用户会话并设置cookie来引用该会话...因此，您自己创建了一个新问题，即注销时，有两个地方可以从...注销，因为从技术上讲，该用户已登录两次，带护照令牌和一个Cookie，代表他的会话...

How do I combine Passport authentication and normal laravel authentication?

I want the user to be logged in on pages of web-middleware and api-middleware. The login route is in api-middleware. Currently I have set up Passport authentication and it works fine for all api-middleware routes. How to make the user logged in in web-middleware as well?

Edit #1

What Im doing:

Login code

$http = new \GuzzleHttp\Client();

    try {
        $response = $http->post(config('services.passport.login_endpoint'), [
            'form_params' => [
                'grant_type' => 'password',
                'client_id' => config('services.passport.client_id'),
                'client_secret' => config('services.passport.client_secret'),
                'username' => $args['email'],
                'password' => $args['password']
            ]
        ]);

        $user = User::where('email', $args['email'])->first();

        Auth::guard('web')->login($user);
        return [
            "token" => $response->getBody()->getContents(),
            "user" => $user
        ];

    } // ...

Somewhere in some web-middleware route

return auth()->check() ? "logged in" : "not logged in";

returns "not logged in"

解决方案

Ideally you shouldn't, as passport auth is for a separate app communicating to the API and laravel preshipped auth is for MVC, they are separate user sessions.

But assuming you know what you are doing, either call Auth::login($user); on user login via API, or generate the passport token when the user login through web middleware auth, whichever login happens first...

Remember Auth::login($user); creates a user session and sets cookies to refer to that session... So you create for yourself a new problem were on logout, there are two places to logout from... as technically the user is logged in twice, with passport token and with a cookie referring to his session...

这篇关于Laravel结合了Passport身份验证和普通身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！