当前位置: 首页 > news >正文

laravel 11 使用jw-auth进行API 登录

news 来源:原创 2024/9/20 17:33:44

首先安装

composer require tymon/jwt-auth

默认安装后我的版本是2.1

    "require": {"php": "^8.2",...."tymon/jwt-auth": "^2.1"},

发布包配置文件

php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"

生成密钥

php artisan jwt:secret

env 中会生成这段代码

JWT_SECRET=fW87rUsPjEy0UoE0J9CYbk44mBskdyPQrLehLDVRL3pUA4nq4umf8aoaoC6ugy55
AUTH_GUARD = api
AUTH_PASSWORD_BROKER = users

开始

首先更新user 模型

<?phpnamespace App\Models;// use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Tymon\JWTAuth\Contracts\JWTSubject;class User extends Authenticatable implements JWTSubject
{use HasFactory, Notifiable;/*** The attributes that are mass assignable.** @var array<int, string>*/protected $fillable = ['name','email','password',];/*** The attributes that should be hidden for serialization.** @var array<int, string>*/protected $hidden = ['password','remember_token',];/*** Get the attributes that should be cast.** @return array<string, string>*/protected function casts(): array{return ['email_verified_at' => 'datetime','password' => 'hashed',];}// Rest omitted for brevity/*** Get the identifier that will be stored in the subject claim of the JWT.** @return mixed*/public function getJWTIdentifier(){return $this->getKey();}/*** Return a key value array, containing any custom claims to be added to the JWT.** @return array*/public function getJWTCustomClaims(){return [];}}

在 config/auth.php 文件中修改配置

.....   'guards' => ['web' => ['driver' => 'session','provider' => 'users',],'api' => ['driver' => 'jwt','provider' => 'users',],],
...

在API路由中添加认证

Route::post('/auth/login', [App\Http\Controllers\Apis\AuthController::class,'login'])->name('login');Route::group(['middleware' => 'auth:api'], function()
{Route::post('/auth/logout', [App\Http\Controllers\Apis\AuthController::class,'logout']);Route::post('/auth/refresh', [App\Http\Controllers\Apis\AuthController::class,'refresh']);Route::any('/auth/me', [App\Http\Controllers\Apis\AuthController::class,'me']);
});

创建AuthController.php

<?php
namespace App\Http\Controllers\Apis;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use DB;
use Auth;class AuthController extends Controller
{public function __construct(){// $this->middleware('auth:api', ['except' => ['login']]);}public function login(Request $request){$credentials = $request->only('email', 'password');if ($token = $this->guard()->attempt($credentials)) {return $this->respondWithToken($token);}return response()->json(['error' => 'Unauthorized'], 401);}/*** Get the authenticated User** @return \Illuminate\Http\JsonResponse*/public function me(){return response()->json($this->guard()->user());}/*** Log the user out (Invalidate the token)** @return \Illuminate\Http\JsonResponse*/public function logout(){$this->guard()->logout();return response()->json(['message' => 'Successfully logged out']);}/*** Refresh a token.** @return \Illuminate\Http\JsonResponse*/public function refresh(){return $this->respondWithToken($this->guard()->refresh());}/*** Get the token array structure.** @param  string $token** @return \Illuminate\Http\JsonResponse*/protected function respondWithToken($token){return response()->json(['code'=>100,'data'=>['access_token' => $token,'token_type' => 'bearer','expires_in' => $this->guard()->factory()->getTTL() * 60]]);}/*** Get the guard to be used during authentication.** @return \Illuminate\Contracts\Auth\Guard*/public function guard(){return Auth::guard();}}

Login 页面

<style scoped>.login-box{width: 100%;padding-top: 100px;}.Loginform{width: 50%;margin: auto;}
</style><template><div class="login-box"><h1 style="text-align: center;">喵~登录</h1><el-form class="Loginform" :model="form" label-width="auto" style="max-width: 600px"><el-form-item label="邮箱"><el-input v-model="form.email" /></el-form-item><el-form-item label="密码"><el-input type="password" v-model="form.password" ></el-input></el-form-item><el-form-item style="text-align: -webkit-center"><div style="width: 100%; text-align: center;"><el-button class="submit-btn" type="primary" @click="submitForm" style="justify-content: center;">登录</el-button></div></el-form-item></el-form></div>
</template><script lang="ts" setup>
import { ref,computed,onMounted } from 'vue';
import { Login } from '../apis/api';
import { useAuthStore } from '@/stores/auth';
import router from '../router'// import { AuthToken } from '../interfaces/Auth'const form = ref({email: '',password: ''})const submitForm = () => {let Loginform = {"email":form.value.email,"password":form.value.password};Login(Loginform).then(function(res:any){if(res.access_token && res.expires_in && res.token_type=='bearer'){const authStore = useAuthStore();authStore.login(true,res.access_token)router.push('/admin/home');}})};onMounted(() => {// GetCsrfToken().then(function(res:any){//   form.value.csrfToken = res.csrf_token// })})</script>

api.ts

import {post,get} from './https'export const Login = (params:any) => post('/auth/login',params)

原理是,当用户登录客户端之后,后台会返回一段字符串给客户端,客户端之后的每一步操作都会通过字符串访问后台,判断其字符串是否已经登录,所以需要在客户端的路由中编写监听器,不过这是后话!

相关文章:

  • 北京网站建设多少钱?
  • 辽宁网页制作哪家好_网站建设
  • 高端品牌网站建设_汉中网站制作
  • vs2022 启动之后崩溃解决方案
  • 学习嵌入式入门(十)高级定时器简介及实验(下)
  • 关于MariaDB
  • 测试需求分析(四)
  • winform中设置DateTimePicker参数为空
  • 【C++】什么是模板?
  • 第二证券:虚拟现实概念强势,博士眼镜三连板,星星科技涨停
  • spring mvc工作流程
  • 小试牛刀-区块链Solana多签账户
  • 血缘系统 datahub + Sqllineage
  • 修改docker的/var/lib/docker/overlay2储存路径
  • mac 链接数据库报错 - Public Key Retrieval is not allowed
  • 通过xshell使用密钥连接阿里云服务器
  • IF>22| 一文解析宏基因Catalog怎么做
  • 预处理指令简介
  • [数据结构]链表的实现在PHP中
  • 【159天】尚学堂高琪Java300集视频精华笔记(128)
  • 77. Combinations
  • create-react-app做的留言板
  • fetch 从初识到应用
  • javascript面向对象之创建对象
  • Java超时控制的实现
  • jdbc就是这么简单
  • JS函数式编程 数组部分风格 ES6版
  • nginx(二):进阶配置介绍--rewrite用法,压缩,https虚拟主机等
  • node.js
  • npx命令介绍
  • Python中eval与exec的使用及区别
  • Spring核心 Bean的高级装配
  • vue的全局变量和全局拦截请求器
  • 检测对象或数组
  • 漂亮刷新控件-iOS
  • 如何使用Mybatis第三方插件--PageHelper实现分页操作
  • 深入浅出Node.js
  • 世界上最简单的无等待算法(getAndIncrement)
  • 线性表及其算法(java实现)
  • 项目管理碎碎念系列之一:干系人管理
  • 项目实战-Api的解决方案
  • (11)MATLAB PCA+SVM 人脸识别
  • (AtCoder Beginner Contest 340) -- F - S = 1 -- 题解
  • (zt)最盛行的警世狂言(爆笑)
  • (二)换源+apt-get基础配置+搜狗拼音
  • (附源码)计算机毕业设计SSM疫情下的学生出入管理系统
  • (原創) 如何優化ThinkPad X61開機速度? (NB) (ThinkPad) (X61) (OS) (Windows)
  • (正则)提取页面里的img标签
  • (转)Groupon前传:从10个月的失败作品修改,1个月找到成功
  • (转)利用PHP的debug_backtrace函数,实现PHP文件权限管理、动态加载 【反射】...
  • (转)拼包函数及网络封包的异常处理(含代码)
  • (转载)OpenStack Hacker养成指南
  • . Flume面试题
  • . NET自动找可写目录
  • .NET 8 跨平台高性能边缘采集网关
  • .NET Core 网络数据采集 -- 使用AngleSharp做html解析
  • .net core使用ef 6
  • .NET/ASP.NETMVC 大型站点架构设计—迁移Model元数据设置项(自定义元数据提供程序)...