基于API响应调用的laravel自定义认证 [英] laravel custom authentication based on API response call

查看:26
本文介绍了基于API响应调用的laravel自定义认证的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

目前我使用 Laravel 5.7 并尝试构建登录机制.案例类似于 基于响应的自定义用户身份验证一个 API 调用.

Currently I using Laravel 5.7 and trying to build login mechanism. Case similar to Custom user authentication base on the response of an API call.

我的情况是我在本地没有自己的数据库和用户表.只需调用API,通过传递用户名、密码、客户端ID、客户端密码进行验证.

My case is I don't have own database and user table locally. All need is to call API to validate by passing username, password, client id, client secret.

我在 postman 中对 API 的请求:

My request to API in postman:

POST Body   
{
  "username": "tester",
  "password": "ps",
  "CLIENT_ID": "xx",
  "CLIENT_SECRET": "yy"
}

API 对 postman 中成功事件的响应.用户信息通过解码在这个 JWT 令牌中.

The response from API for success event in postman. The user information is in this JWT token by decode it.

{
    "token_type": "Bearer",
    "id_token": "eyJraWQiOiNGUvdFZC...",
    "access_token": "eyJraWQiOi....",
    "expire_in": 3600,
    "refresh_token": "eyJjdHkiOiJK..."
}

我希望在 loginContoller 中做一些事情并使用 Auth::**:

I wish to do something like in loginContoller and use Auth::**: 

public function postSignIn(Request $request)
{
    $username = strtolower($request->username);
    $password = $request->password;

    if (Auth::attempt(['username' => $username, 'password' => $password])) {
        return Redirect::to('/dashboard')->with('success', 'Hi '. $username .'! You have been successfully logged in.');
    } else {
        return Redirect::to('/')->with('error', 'Username/Password Wrong')->withInput(Request::except('password'))->with('username', $username);
    }
}

问题:

  1. 如何在laravel中实现API认证?(使用 guzzle、服务提供者、可验证合约和驱动程序验证?)

  1. How can I implement API authentication in laravel? (using guzzle, service provider, Authenticatable Contract and driver Auth?)

如何将访问令牌存储在 session/cookie 中,以便在之后每次发送到 API 的每个请求中附加?

How to store the access token in session/cookie to attach in every request sent to API every time afterward?

如何存储刷新令牌并在失效后使用它来获取访问令牌?

How to store the refresh token and use it to gain the access token after it is invalid?

感谢所有帮助或任何示例/指导.

I appreciate all the helps or any example/guidance.

推荐答案

您不必自己动手 有很多插件可以为您解决问题,就像 lavael 护照一样,使用起来如此简单,您拥有去看看

you don't have to do it your self thre's a lot of plugins that can do the trick for you like like lavael passport it so simple to use you have to make a look

这篇关于基于API响应调用的laravel自定义认证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
PHP最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆