Laravel - API 登录验证检查
Laravel - API login authentication check
作为学习 Laravel API、登录和身份验证的一部分,我创建了 API 登录路由,它工作正常,用户已登录并且 JSON需要放入 Bearer Token 字段的响应 returns 令牌和允许 CRUD 操作的 API 资源 movies 路由。
我正在使用 Postman 进行测试,当我直接转到 GET /api/movies 路由而无需登录或将令牌粘贴到 Bearer Token 中时,我无法访问此路由,如果用户未通过身份验证并收到此消息,这是期望的结果:
Symfony\Component\Routing\Exception\RouteNotFoundException: Route [login] not defined. in file /home/****/Projects/movie-api/vendor/laravel/framework/src/Illuminate/Routing/UrlGenerator.php on line 444
我正在尝试做的,而不是发送给 return JSON 的消息,即用户未通过身份验证但不知道如何或在何处放置该代码。
我已经在 api.php 和我的 AuthController 中尝试使用 Auth:check(),但无法使其正常工作,并且在 Laravel 文档中找不到与此相关的任何内容.
这是我的 api.php 和 AuthController.php:
api.php
<?php
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;
use App\Http\Controllers\API\MovieController;
use App\Http\Controllers\API\AuthController;
/*
|--------------------------------------------------------------------------
| API Routes
|--------------------------------------------------------------------------
|
| Here is where you can register API routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| is assigned the "api" middleware group. Enjoy building your API!
|
*/
Route::post('register', [AuthController::class, 'signup']);
Route::post('login', [AuthController::class, 'login']);
Route::middleware('auth:sanctum')->group(function() {
Route::resource('movies', MovieController::class);
});
AuthController.php
<?php declare(strict_types=1);
namespace App\Http\Controllers\API;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use App\Http\Controllers\Controller;
use Validator;
use App\Models\User;
use App\Providers\MovieApiProvider\ApiResponseServiceProvider as ApiResponseService;
class AuthController extends Controller
{
private ApiResponseService $apiResponseService;
public function __construct()
{
$this->apiResponseService = new ApiResponseService;
}
public function signup(Request $request)
{
$validator = Validator::make($request->all(), [
'name' => 'required',
'email' => 'required|email',
'password' => 'required',
'confirm_password' => 'required|same:password',
]);
if ($validator->fails()) {
return $this->apiResponseService->responseError('Error validation', ['error' => $validator->errors()]);
}
$input = $request->all();
$input['password'] = bcrypt($input['password']);
$user = User::create($input);
$success['token'] = $user->createToken('MyAuthApp')->plainTextToken;
$success['name'] = $user->name;
return $this->apiResponseService->responseSuccess($success, 'User created successfully.');
}
public function login(Request $request)
{
if (Auth::attempt([
'email' => $request->email,
'password' => $request->password
])) {
$authUser = Auth::user();
$success['token'] = $authUser->createToken('MyAuthApp')->plainTextToken;
$success['name'] = $authUser->name;
return $this->apiResponseService->responseSuccess($success, 'User signed in');
} else {
return $this->apiResponseService->responseError('Unauthorised.', ['error' => 'Unauthorised'], 401);
}
}
}
有人可以帮忙吗?
Laravel 假定您使用的是浏览器,因此在检查身份验证时,您将被重定向到登录页面。您只需要:
Accept: application/json
作为学习 Laravel API、登录和身份验证的一部分,我创建了 API 登录路由,它工作正常,用户已登录并且 JSON需要放入 Bearer Token 字段的响应 returns 令牌和允许 CRUD 操作的 API 资源 movies 路由。
我正在使用 Postman 进行测试,当我直接转到 GET /api/movies 路由而无需登录或将令牌粘贴到 Bearer Token 中时,我无法访问此路由,如果用户未通过身份验证并收到此消息,这是期望的结果:
Symfony\Component\Routing\Exception\RouteNotFoundException: Route [login] not defined. in file /home/****/Projects/movie-api/vendor/laravel/framework/src/Illuminate/Routing/UrlGenerator.php on line 444
我正在尝试做的,而不是发送给 return JSON 的消息,即用户未通过身份验证但不知道如何或在何处放置该代码。
我已经在 api.php 和我的 AuthController 中尝试使用 Auth:check(),但无法使其正常工作,并且在 Laravel 文档中找不到与此相关的任何内容.
这是我的 api.php 和 AuthController.php:
api.php
<?php
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;
use App\Http\Controllers\API\MovieController;
use App\Http\Controllers\API\AuthController;
/*
|--------------------------------------------------------------------------
| API Routes
|--------------------------------------------------------------------------
|
| Here is where you can register API routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| is assigned the "api" middleware group. Enjoy building your API!
|
*/
Route::post('register', [AuthController::class, 'signup']);
Route::post('login', [AuthController::class, 'login']);
Route::middleware('auth:sanctum')->group(function() {
Route::resource('movies', MovieController::class);
});
AuthController.php
<?php declare(strict_types=1);
namespace App\Http\Controllers\API;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use App\Http\Controllers\Controller;
use Validator;
use App\Models\User;
use App\Providers\MovieApiProvider\ApiResponseServiceProvider as ApiResponseService;
class AuthController extends Controller
{
private ApiResponseService $apiResponseService;
public function __construct()
{
$this->apiResponseService = new ApiResponseService;
}
public function signup(Request $request)
{
$validator = Validator::make($request->all(), [
'name' => 'required',
'email' => 'required|email',
'password' => 'required',
'confirm_password' => 'required|same:password',
]);
if ($validator->fails()) {
return $this->apiResponseService->responseError('Error validation', ['error' => $validator->errors()]);
}
$input = $request->all();
$input['password'] = bcrypt($input['password']);
$user = User::create($input);
$success['token'] = $user->createToken('MyAuthApp')->plainTextToken;
$success['name'] = $user->name;
return $this->apiResponseService->responseSuccess($success, 'User created successfully.');
}
public function login(Request $request)
{
if (Auth::attempt([
'email' => $request->email,
'password' => $request->password
])) {
$authUser = Auth::user();
$success['token'] = $authUser->createToken('MyAuthApp')->plainTextToken;
$success['name'] = $authUser->name;
return $this->apiResponseService->responseSuccess($success, 'User signed in');
} else {
return $this->apiResponseService->responseError('Unauthorised.', ['error' => 'Unauthorised'], 401);
}
}
}
有人可以帮忙吗?
Laravel 假定您使用的是浏览器,因此在检查身份验证时,您将被重定向到登录页面。您只需要:
Accept: application/json