Laravel-创建API令牌以供每个用户在内部使用 [英] Laravel - Creating API tokens to use internally for each user

问题描述

我的应用程序中的每个user都只能在Vue中在应用程序中使用API​​ .旧的api_token解决方案对我有用，但是似乎不安全，因为api_token是唯一将用户与数据区分开的东西.

Every user of my application may use the API only within the application with Vue. The old api_token solution works for me, but it seems to be insecure since the api_token is the only thing that separates the user from the data.

我已经阅读了有关使用OAuth2方法的Passport的信息，该方法比简单的api_token安全得多.

I've read about Passport that uses OAuth2 methodology which is far more secure than a simple api_token.

是否可以使用Passport实现此目的?请注意，每次创建user时，我都必须为其创建一个API令牌.

Is there a way to use Passport to achieve this? Note that every time a user is created, I must create a API token to him.

我们没有计划为外部应用程序打开此API.

We have no plans to open this API for external applications.

推荐答案

您可以为每个用户创建令牌，请看下面的代码.

you can create tokens for every user, have a look at below code.

// find specific user
$user = App\User::find(1);

// Creating a token without scopes...
$token = $user->createToken('Token Name')->accessToken;

// Creating a token with scopes...
$token = $user->createToken('My Token', ['place-orders'])->accessToken;

您也可以在创建用户后创建令牌，只需在创建用户后添加令牌逻辑即可.

you can create token after user creation too, just add logic of token after a user has been created.

这篇关于Laravel-创建API令牌以供每个用户在内部使用的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！