Laravel-创建API令牌以供每个用户在内部使用 [英] Laravel - Creating API tokens to use internally for each user
问题描述
我的应用程序中的每个user
都只能在Vue中在应用程序中使用API .旧的api_token
解决方案对我有用,但是似乎不安全,因为api_token
是唯一将用户与数据区分开的东西.
Every user
of my application may use the API only within the application with Vue. The old api_token
solution works for me, but it seems to be insecure since the api_token
is the only thing that separates the user from the data.
我已经阅读了有关使用OAuth2方法的Passport的信息,该方法比简单的api_token
安全得多.
I've read about Passport that uses OAuth2 methodology which is far more secure than a simple api_token
.
是否可以使用Passport实现此目的?请注意,每次创建user
时,我都必须为其创建一个API令牌.
Is there a way to use Passport to achieve this? Note that every time a user
is created, I must create a API token to him.
我们没有计划为外部应用程序打开此API.
We have no plans to open this API for external applications.
推荐答案
您可以为每个用户创建令牌,请看下面的代码.
you can create tokens for every user, have a look at below code.
// find specific user
$user = App\User::find(1);
// Creating a token without scopes...
$token = $user->createToken('Token Name')->accessToken;
// Creating a token with scopes...
$token = $user->createToken('My Token', ['place-orders'])->accessToken;
您也可以在创建用户后创建令牌,只需在创建用户后添加令牌逻辑即可.
you can create token after user creation too, just add logic of token after a user has been created.
这篇关于Laravel-创建API令牌以供每个用户在内部使用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!