基于API响应调用的laravel自定义身份验证 [英] laravel custom authentication based on API response call

查看:112
本文介绍了基于API响应调用的laravel自定义身份验证的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

当前,我使用Laravel 5.7并尝试建立登录机制.类似于基于响应的自定义用户身份验证的案例API调用的次数.

Currently I using Laravel 5.7 and trying to build login mechanism. Case similar to Custom user authentication base on the response of an API call.

我的情况是我在本地没有自己的数据库和用户表.所有需要的是调用API以通过传递用户名,密码,客户端ID,客户端密码来进行验证.

My case is I don't have own database and user table locally. All need is to call API to validate by passing username, password, client id, client secret.

我对邮递员对API的请求:

My request to API in postman:

POST Body   
{
  "username": "tester",
  "password": "ps",
  "CLIENT_ID": "xx",
  "CLIENT_SECRET": "yy"
}

API对邮递员成功事件的响应.用户信息通过解码在此JWT令牌中.

The response from API for success event in postman. The user information is in this JWT token by decode it.

{
    "token_type": "Bearer",
    "id_token": "eyJraWQiOiNGUvdFZC...",
    "access_token": "eyJraWQiOi....",
    "expire_in": 3600,
    "refresh_token": "eyJjdHkiOiJK..."
}

我希望在loginContoller中做类似的事情,并使用Auth :: **:

I wish to do something like in loginContoller and use Auth::**: 

public function postSignIn(Request $request)
{
    $username = strtolower($request->username);
    $password = $request->password;

    if (Auth::attempt(['username' => $username, 'password' => $password])) {
        return Redirect::to('/dashboard')->with('success', 'Hi '. $username .'! You have been successfully logged in.');
    } else {
        return Redirect::to('/')->with('error', 'Username/Password Wrong')->withInput(Request::except('password'))->with('username', $username);
    }
}

问题:

  1. 如何在laravel中实现API身份验证? (使用枪口,服务提供商,可认证合同和驱动程序Auth?)

  1. How can I implement API authentication in laravel? (using guzzle, service provider, Authenticatable Contract and driver Auth?)

如何将访问令牌存储在会话/cookie中,以附加到以后每次发送给API的每个请求中?

How to store the access token in session/cookie to attach in every request sent to API every time afterward?

如何存储刷新令牌并在无效后使用它来获取访问令牌?

How to store the refresh token and use it to gain the access token after it is invalid?

我感谢所有帮助或任何示例/指导.

I appreciate all the helps or any example/guidance.

推荐答案

您不必自己动手,很多插件可以像lavael护照一样为您解决问题,它使用起来非常简单看看

you don't have to do it your self thre's a lot of plugins that can do the trick for you like like lavael passport it so simple to use you have to make a look

这篇关于基于API响应调用的laravel自定义身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
PHP最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆