Laravel + React,通过Laravel认证使用API [英] Laravel + React, consume api with Laravel authentication
问题描述
我们有一个Laravel项目,其中有react作为前端.基本上react是在laravel项目内部,我们使用php artisan preset react
进行添加.
we have a Laravel project with react as the front-end. Basically react is inside the laravel project, we used php artisan preset react
to add it.
由于此应用程序需要身份验证,因此我们使用了自定义的laravel auth来授予用户访问权限.然后,当身份验证正确时,我们将用户重定向到将由react和react路由器管理的路由. 问题在于我们需要使用同一应用程序的API端点,并且这些端点必须受到保护. laravel Auth在那里不起作用,不会在每个请求上发送sessión信息.我已经尝试过 https://laravel.com/docs/5.7/authentication#stateless-http-basic-authentication 尽管它解决了问题,但登录并不方便,然后在要消耗其他资源时显示提示再次登录.也不能将api路由更改为Web中间件.
As this application needs authentication, we used the custom laravel auth to give access to the users. Then when the authentication is correct, we redirect the user to a route that will be managed by react and react router. The problem is that we need to consume our API endpoints from the same app, and those endpoints MUST be protected. The laravel Auth is not working there, the sessión information is not being sent on each request. I’ve tried https://laravel.com/docs/5.7/authentication#stateless-http-basic-authentication that although it solves the problem is not convenient to log in and then when want to consume another resource show a prompt to log in again. Also change the api routes to a web middleware is not an option.
有人知道如何通过普通的laravel身份验证来保护laravel API路由
Does someone knows how to protect the laravel API routes with the normal laravel authentication
推荐答案
The solution was simple, even that is on the documentation, the necessary steps should be clarified.
我们需要:
- 添加护照
composer require laravel/passport
- 进行迁移
php artisan migrate
- 安装护照
php artisan passport:install
- Add passport
composer require laravel/passport
- Make the migrations
php artisan migrate
- Install passport
php artisan passport:install
第四步更加复杂.我们需要打开User.php模型文件.首先,我们需要导入HasApiTokens并告诉模型使用它.
The fourth step is more complex. We need to open our User.php model file. And first we need to import the HasApiTokens and tell the model to use it.
use Laravel\Passport\HasApiTokens;
class User extends Authenticatable
{
use HasApiTokens, Notifiable;
.......
}
然后在我们的config/auth.php
上,我们需要修改api数组并将驱动程序更改为passport
Then on our config/auth.php
we need to modify the api array and change the driver to passport
'api' => [
//for API authentication with Passport
'driver' => 'passport',
'provider' => 'users',
],
然后在我们的app/Http/Kernel.php
上,我们需要在键web
的$middlewareGroups
数组中添加中间件.
Then on our app/Http/Kernel.php
we need to add a middleware to the $middlewareGroups
array in the key web
.
protected $middlewareGroups = [
'web' => [
................
//for API authentication with Passport
\Laravel\Passport\Http\Middleware\CreateFreshApiToken::class,
],
现在,我们可以在api路由上使用auth:api
中间件了.
Now we can use the auth:api
middleware on our api routes.
Route::middleware('auth:api')->group( function(){
...your routes here
});
这篇关于Laravel + React,通过Laravel认证使用API的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!