使用Laravel 5.4和Passport的多重身份验证 [英] Multi Auth with Laravel 5.4 and Passport

问题描述

我正在尝试使用Laravel Passport设置多重身份验证，但似乎不支持它.我正在使用密码授予来颁发令牌，这要求我传递想要访问令牌的用户的用户名/密码.

I am trying to setup multi auth with Laravel Passport, but it doesn't seem to support it. I am using the Password Grant to issue tokens which requires me to pass username/password of the user wanting access tokens.

我有3个身份验证卫士/提供者设置，总共4个.用户，供应商，管理员和API

I have 3 auth guards/providers setup, 4 in total. Users, Vendors, Admins and API

2个身份验证需要通行证，因此每个用户都需要能够发行令牌.但是Passport会自动采用API身份验证提供程序，但是我希望根据登录的用户进行更改..

2 of the Auths need passport access, so each user needs to be able to issue tokens. But Passport automatically takes the API auth provider, but I want this to change based on which user is logging in.. If user does then the User provider and if its a vendor then the Vendor provider.

但是Passport目前仅支持1种用户类型的方式，因此默认为 API提供程序.

But the way Passport currently only supports only 1 user type, so its defaulting to the API provider.

这有更好的选择吗?还是应该使用基于角色的身份验证.

Is there something better for this? or should I go with roles based authentication instead.

推荐答案

如果您仍然需要.

我更喜欢角​​色扮演，有一个很棒的插件: https://github.com/larapacks/授权

I prefer go with roles, there is an amazing plugin for that: https://github.com/larapacks/authorization

但是，如果您出于某种原因需要它，则可以按照以下步骤使用.

But if you somehow needs that, you will be able to use following the steps bellow.

对于多后卫，您将不得不覆盖一些代码.

For multi guards, you will have to overwrite some code.

您可以创建自己的并扩展PassportServiceProvider并覆盖方法makePasswordGrant，而不是加载PassportServiceProvider.使用此方法，您将为自己的扩展存储库更改Passport UserRepository.在用户存储库上，您必须将静态模型配置更改为动态模型配置(我从请求属性加载，但是可以从任何地方获取).

Instead of loading PassportServiceProvider, you create your own and extends the PassportServiceProvider and overwrites the method makePasswordGrant. On this method, you will change the Passport UserRepository for your own repository extended. On user repository you must to change the static model config for a dynamic one (I load from request attributes, but you can get from anywhere).

您可能不得不覆盖其他内容，但我进行了测试并可以工作.

You may have to overwrite something else, but I made a test and works.

例如:

PassportServiceProvider

PassportServiceProvider

namespace App\Providers;

use League\OAuth2\Server\AuthorizationServer;
use League\OAuth2\Server\Grant\PasswordGrant;
use Laravel\Passport\PassportServiceProvider as BasePassportServiceProvider;
use Laravel\Passport\Passport;

class PassportServiceProvider extends BasePassportServiceProvider
{
    /**
     * Create and configure a Password grant instance.
     *
     * @return PasswordGrant
     */
    protected function makePasswordGrant()
    {
        $grant = new PasswordGrant(
            $this->app->make(\App\Repositories\PassportUserRepository::class),
            $this->app->make(\Laravel\Passport\Bridge\RefreshTokenRepository::class)
        );

        $grant->setRefreshTokenTTL(Passport::refreshTokensExpireIn());

        return $grant;
    }

}

UserRepository

UserRepository

namespace App\Repositories;

use App;
use Illuminate\Http\Request;
use League\OAuth2\Server\Entities\ClientEntityInterface;
use Laravel\Passport\Bridge\UserRepository;
use Laravel\Passport\Bridge\User;
use RuntimeException;

class PassportUserRepository extends UserRepository
{
    /**
     * {@inheritdoc}
     */
    public function getUserEntityByUserCredentials($username, $password, $grantType, ClientEntityInterface $clientEntity)
    {
        $guard = App::make(Request::class)->attributes->get('guard') ?: 'api';
        $provider = config("auth.guards.{$guard}.provider");


        if (is_null($model = config("auth.providers.{$provider}.model"))) {
            throw new RuntimeException('Unable to determine user model from configuration.');
        }


        if (method_exists($model, 'findForPassport')) {
            $user = (new $model)->findForPassport($username);
        } else {
            $user = (new $model)->where('email', $username)->first();
        }


        if (! $user ) {
            return;
        } elseif (method_exists($user, 'validateForPassportPasswordGrant')) {
            if (! $user->validateForPassportPasswordGrant($password)) {
                return;
            }
        } elseif (! $this->hasher->check($password, $user->password)) {
            return;
        }

        return new User($user->getAuthIdentifier());
    }
}

PS:对不起，我的英语不好.

PS: Sorry my bad english.

这篇关于使用Laravel 5.4和Passport的多重身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！