首先,安装必要的组件:
composer create-project --prefer-dist laravel/laravel laravel6.env
数据库配置需修改默认字符串长度:
数据库默认字符串长度(原文此处的代码未保留;通常的做法是在 AppServiceProvider 的 boot() 中调用 Schema::defaultStringLength(191),请按实际环境确认)
创建项目并生成请求:
php artisan make:request BaseRequest
入口文件替换原生Request为BaseRequest:
php artisan make:controller PassportController
安装Passport组件:
composer require laravel/passport
数据库迁移:
php artisan migrate
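初始化Passport(该命令会生成加密密钥,并创建 personal access 与 password grant 两个客户端;在全新安装时,下文控制器读取的 id 为 2 的客户端通常就是 password grant 客户端):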
php artisan passport:install
在config/auth.php中添加以下配置:
// With `api` as the default guard, auth(), auth()->user() and the bare `auth`
// middleware used by the routes and controller on this page resolve through
// the `api` guard (Passport bearer tokens) rather than the session guard.
'defaults' => [
    'guard' => 'api',
    'passwords' => 'users',
],
'guards' => [
    'web' => [
        'driver' => 'session',
        'provider' => 'users',
    ],
    'api' => [
        // Bearer tokens on this guard are validated by Passport.
        'driver' => 'passport',
        'provider' => 'users',
        // NOTE(review): `hash` looks like a leftover from the stock `token`
        // driver entry; presumably it has no effect with `passport` - confirm.
        'hash' => false,
    ],
],
设置令牌过期时间:
// Token lifetimes: access tokens expire after 15 days, refresh tokens after 60.
// A leaked access token stays usable until it expires or is revoked (the
// logout action on this page revokes it), so shorter access-token lifetimes
// narrow that window.
// NOTE(review): these calls are presumably placed in AuthServiceProvider::boot() - confirm.
$accessTokenExpiry = now()->addDays(15);
$refreshTokenExpiry = now()->addDays(60);

Passport::tokensExpireIn($accessTokenExpiry);
Passport::refreshTokensExpireIn($refreshTokenExpiry);
定义路由并添加中间件:
// Registers Passport's token-issuing action explicitly. PassportController
// posts to /api/oauth/token, so these routes presumably live under the `api`
// prefix (routes/api.php) - confirm.
Route::post('/oauth/token', '\Laravel\Passport\Http\Controllers\AccessTokenController@issueToken');

// Account endpoints. login, register and refresh are reachable without a
// token (the controller exempts them from `auth`); logout requires one.
// NOTE(review): these accept credentials and refresh tokens from anonymous
// callers - confirm a throttle middleware covers them.
Route::post('/register', 'PassportController@register');
Route::post('/login', 'PassportController@login');
Route::post('/refresh', 'PassportController@refresh');
Route::post('/logout', 'PassportController@logout');
测试接口:
// Smoke-test route: the closure returns 'ok', and the `auth` middleware is
// attached so the response is only reached by an authenticated request.
Route::get('test', function () {
    return 'ok';
})->middleware('auth');
PassportController实现:
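namespace App\Http\Controllers;

use App\User;
use GuzzleHttp\Client;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Validator;

/**
 * Register / login / refresh / logout endpoints backed by Passport's
 * password and refresh_token grants.
 *
 * The controller acts as the OAuth client itself: it reads the client id and
 * secret from the oauth_clients table and posts them, together with the
 * user's credentials, to the token endpoint over HTTP.
 */
class PassportController extends Controller
{
    /**
     * Token endpoint the controller posts credentials to.
     *
     * NOTE(review): this is a hard-coded plaintext http:// URL, so the user's
     * password and the client secret travel unencrypted on this hop. Move the
     * value to configuration and use https:// outside local development.
     */
    private const TOKEN_ENDPOINT = 'http://lishen.com/api/oauth/token';

    /** Row id in oauth_clients that this controller loads its credentials from. */
    private const PASSWORD_CLIENT_ID = 2;

    protected $clientId;
    protected $clientSecret;

    /**
     * Protect every action except login, register and refresh, and load the
     * OAuth client credentials used for token requests.
     *
     * @throws \RuntimeException when the oauth_clients row does not exist
     */
    public function __construct()
    {
        $this->middleware('auth')->except('login', 'register', 'refresh');

        $client = \DB::table('oauth_clients')->where('id', self::PASSWORD_CLIENT_ID)->first();

        // Fail with an explicit message instead of a property access on null.
        if ($client === null) {
            throw new \RuntimeException(
                'OAuth client ' . self::PASSWORD_CLIENT_ID . ' not found in oauth_clients; run "php artisan passport:install".'
            );
        }

        $this->clientId = $client->id;
        $this->clientSecret = $client->secret;
    }

    /**
     * Name of the request field / users column used as the login identifier.
     *
     * @return string
     */
    protected function username()
    {
        return 'email';
    }

    /**
     * Validate the input, create the user, then issue tokens for the new account.
     *
     * @return mixed the token endpoint's response
     */
    public function register()
    {
        $this->validator(request()->all())->validate();
        $this->create(request()->all());

        return $this->getToken();
    }

    /**
     * Build the validator for registration input.
     *
     * @param  array $data raw request input
     * @return \Illuminate\Contracts\Validation\Validator
     */
    protected function validator(array $data)
    {
        return Validator::make($data, [
            'name' => ['required', 'string', 'max:255', 'unique:users'],
            // login() looks accounts up by email, so two users sharing an
            // email would make that lookup ambiguous: require uniqueness.
            'email' => ['required', 'string', 'email', 'max:255', 'unique:users'],
            'password' => ['required', 'string', 'min:8', 'confirmed'],
        ]);
    }

    /**
     * Persist a new user with a hashed password.
     *
     * Only the three named fields are copied from $data, so extra request
     * input never reaches forceCreate().
     *
     * @param  array $data validated registration input
     * @return \App\User
     */
    protected function create(array $data)
    {
        return User::forceCreate([
            'name' => $data['name'],
            'email' => $data['email'],
            'password' => password_hash($data['password'], PASSWORD_DEFAULT),
        ]);
    }

    /**
     * Revoke the current access token and the refresh tokens issued with it.
     *
     * @param  \Illuminate\Http\Request $request unused; kept for the route signature
     * @return array
     */
    public function logout(Request $request)
    {
        $tokenModel = auth()->user()->token();
        $tokenModel->update(['revoked' => 1]);

        // Without this the refresh token could still mint a new access token.
        \DB::table('oauth_refresh_tokens')
            ->where(['access_token_id' => $tokenModel->id])
            ->update(['revoked' => 1]);

        return ['message' => '退出登录成功'];
    }

    /**
     * Check the submitted credentials and issue tokens on success.
     *
     * An unknown account and a wrong password produce the same 403 response,
     * so the status code does not reveal whether an email is registered.
     *
     * @return mixed the token endpoint's response, or a 403 JSON error
     */
    public function login()
    {
        $password = request('password');
        $user = User::where($this->username(), request($this->username()))->first();

        // A missing or non-string password is rejected like a wrong one.
        $credentialsOk = $user !== null
            && is_string($password)
            && password_verify($password, $user->password);

        if (!$credentialsOk) {
            return response()->json(['error' => '抱歉,账号名或者密码错误!'], 403);
        }

        return $this->getToken();
    }

    /**
     * Exchange the submitted refresh token for a new token pair.
     *
     * @return mixed the token endpoint's response
     */
    public function refresh()
    {
        return $this->requestToken([
            'grant_type' => 'refresh_token',
            'refresh_token' => request('refresh_token'),
        ]);
    }

    /**
     * Obtain tokens with the password grant for the credentials in the
     * current request.
     *
     * @return mixed the token endpoint's response
     */
    private function getToken()
    {
        return $this->requestToken([
            'grant_type' => 'password',
            'username' => request('email'),
            'password' => request('password'),
        ]);
    }

    /**
     * Post a grant request to the token endpoint with the client credentials
     * appended, and return the endpoint's response.
     *
     * @param  array $grantParams grant-specific form fields
     * @return mixed
     */
    private function requestToken(array $grantParams)
    {
        return (new Client())->post(self::TOKEN_ENDPOINT, [
            'form_params' => $grantParams + [
                'client_id' => $this->clientId,
                'client_secret' => $this->clientSecret,
                // NOTE(review): '*' requests every scope, so tokens issued here
                // pass any scope check; request only the scopes the caller needs.
                'scope' => '*',
            ],
            // Relay the endpoint's 4xx answer (bad refresh token, bad grant)
            // to the caller instead of letting Guzzle throw on it.
            'http_errors' => false,
        ]);
    }
}
添加scopes: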
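// Declare the scopes a token may carry (scope id => description).
Passport::tokensCan([
    'test1' => 'for test1',
    'test2' => 'for test2',
]);

// Attach the scope check to routes. On its own this call only starts a route
// definition; chain ->group(...) or a route verb so it applies to real routes.
// The `scopes` alias must be registered in the HTTP kernel's route middleware
// (\Laravel\Passport\Http\Middleware\CheckScopes); `scopes:` requires every
// listed scope to be present on the token.
// NOTE(review): PassportController on this page requests 'scope' => '*', and a
// token carrying '*' satisfies every scope check.
Route::middleware('scopes:test1,test2');
检查权限: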
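// Check inside a handler whether the current access token carries a scope.
// 'place-orders' is not one of the scopes this page declares through
// Passport::tokensCan() (test1, test2); substitute a declared scope id.
if (auth()->user()->tokenCan('place-orders')) {
    //
}
常用方法: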
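// Scope introspection helpers; the trailing comment on each line is the
// result shown by the author for the two scopes declared on this page.
Laravel\Passport\Passport::scopeIds(); // ["test1","test2"]
Laravel\Passport\Passport::scopes(); // [{"id":"test1","description":"for test1"},{"id":"test2","description":"for test2"}]
// Ids that were never declared ('check-status') are dropped from the result.
Laravel\Passport\Passport::scopesFor(['test1', 'check-status']); // [{"id":"test1","description":"for test1"}]
Laravel\Passport\Passport::hasScope('place-orders'); // false
转载地址:http://wxvfk.baihongyu.com/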