Laravel + React，通过Laravel认证使用API [英] Laravel + React, consume api with Laravel authentication

问题描述

我们有一个Laravel项目，其中有react作为前端.基本上react是在laravel项目内部，我们使用php artisan preset react进行添加.

we have a Laravel project with react as the front-end. Basically react is inside the laravel project, we used php artisan preset react to add it.

由于此应用程序需要身份验证，因此我们使用了自定义的laravel auth来授予用户访问权限.然后，当身份验证正确时，我们将用户重定向到将由react和react路由器管理的路由. 问题在于我们需要使用同一应用程序的API端点，并且这些端点必须受到保护. laravel Auth在那里不起作用，不会在每个请求上发送sessión信息.我已经尝试过 https://laravel.com/docs/5.7/authentication#stateless-http-basic-authentication 尽管它解决了问题，但登录并不方便，然后在要消耗其他资源时显示提示再次登录.也不能将api路由更改为Web中间件.

As this application needs authentication, we used the custom laravel auth to give access to the users. Then when the authentication is correct, we redirect the user to a route that will be managed by react and react router. The problem is that we need to consume our API endpoints from the same app, and those endpoints MUST be protected. The laravel Auth is not working there, the sessión information is not being sent on each request. I’ve tried https://laravel.com/docs/5.7/authentication#stateless-http-basic-authentication that although it solves the problem is not convenient to log in and then when want to consume another resource show a prompt to log in again. Also change the api routes to a web middleware is not an option.

有人知道如何通过普通的laravel身份验证来保护laravel API路由

Does someone knows how to protect the laravel API routes with the normal laravel authentication

推荐答案

解决方案很简单，即使在

The solution was simple, even that is on the documentation, the necessary steps should be clarified.

我们需要:

1. 添加护照composer require laravel/passport
2. 进行迁移php artisan migrate
3. 安装护照php artisan passport:install

1. Add passport composer require laravel/passport
2. Make the migrations php artisan migrate
3. Install passport php artisan passport:install

第四步更加复杂.我们需要打开User.php模型文件.首先，我们需要导入HasApiTokens并告诉模型使用它.

The fourth step is more complex. We need to open our User.php model file. And first we need to import the HasApiTokens and tell the model to use it.

use Laravel\Passport\HasApiTokens;

class User extends Authenticatable

{

    use HasApiTokens, Notifiable;

    .......

}

然后在我们的config/auth.php上，我们需要修改api数组并将驱动程序更改为passport

Then on our config/auth.php we need to modify the api array and change the driver to passport

'api' => [

    //for API authentication with Passport

    'driver' => 'passport',

    'provider' => 'users',

],

然后在我们的app/Http/Kernel.php上，我们需要在键web的$middlewareGroups数组中添加中间件.

Then on our app/Http/Kernel.php we need to add a middleware to the $middlewareGroups array in the key web.

protected $middlewareGroups = [

    'web' => [

        ................

        //for API authentication with Passport

        \Laravel\Passport\Http\Middleware\CreateFreshApiToken::class,

    ],

现在，我们可以在api路由上使用auth:api中间件了.

Now we can use the auth:api middleware on our api routes.

Route::middleware('auth:api')->group( function(){
    ...your routes here
});

这篇关于Laravel + React，通过Laravel认证使用API的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！