Laravel + React,使用Laravel身份验证使用api

我们有一个Laravel项目,其中react作为前端。 基本上反应是在laravel项目中,我们使用 php artisan preset react </ code>来添加它。</ p>

由于此应用程序需要身份验证,我们使用自定义laravel auth来提供 访问用户。 然后,当身份验证正确时,我们会将用户重定向到一个路由,该路由将由react和react路由器进行管理。
问题是我们需要从同一个应用程序中使用我们的API端点,并且这些端点必须受到保护。
laravel Auth不在那里工作,每次请求都没有发送sessión信息。 我试过 https://laravel.com/docs/5.7/ 身份验证#statless-http-basic-authentication 虽然它解决了问题,但登录时不方便,然后当想要消耗其他资源时显示再次登录的提示。 也不能将api路由更改为Web中间件。</ p>

是否有人知道如何使用正常的laravel身份验证保护laravel API路由</ p>
</ div>

展开原文

原文

we have a Laravel project with react as the front-end. Basically react is inside the laravel project, we used php artisan preset react to add it.

As this application needs authentication, we used the custom laravel auth to give access to the users. Then when the authentication is correct, we redirect the user to a route that will be managed by react and react router. The problem is that we need to consume our API endpoints from the same app, and those endpoints MUST be protected. The laravel Auth is not working there, the sessión information is not being sent on each request. I’ve tried https://laravel.com/docs/5.7/authentication#stateless-http-basic-authentication that although it solves the problem is not convenient to log in and then when want to consume another resource show a prompt to log in again. Also change the api routes to a web middleware is not an option.

Does someone knows how to protect the laravel API routes with the normal laravel authentication

2个回答

The solution was simple, even that is on the documentation, the necessary steps should be clarified.

We need to:

  1. Add passport composer require laravel/passport
  2. Make the migrations php artisan migrate
  3. Install passport php artisan passport:install

The fourth step is more complex. We need to open our User.php model file. And first we need to import the HasApiTokens and tell the model to use it.

use Laravel\Passport\HasApiTokens;

class User extends Authenticatable

{

    use HasApiTokens, Notifiable;

    .......

}

Then on our config/auth.php we need to modify the api array and change the driver to passport

'api' => [

    //for API authentication with Passport

    'driver' => 'passport',

    'provider' => 'users',

],

Then on our app/Http/Kernel.php we need to add a middleware to the $middlewareGroups array in the key web.

protected $middlewareGroups = [

    'web' => [

        ................

        //for API authentication with Passport

        \Laravel\Passport\Http\Middleware\CreateFreshApiToken::class,

    ],

Now we can use the auth:api middleware on our api routes.

Route::middleware('auth:api')->group( function(){
    ...your routes here
});



在routes / api.php中定义的路由默认为无状态。 他们不使用会话。</ p>

你必须添加必要的中间件,如 StartSession :: class </ code>和'auth'</ code>,如果你 想要利用经过身份验证的会话。 您可以在路由组中执行此操作,也可以在app / Http / Kernel.php中的 $ middlewareGroups ['api'] </ code>数组中执行此操作。</ p>
</ div>

展开原文

原文

The routes defined in routes/api.php are, by default, stateless. They do not use sessions.

You must add the necessary middleware, like StartSession::class and 'auth', if you want to take advantage of authenticated sessions. You can do this either in a route group, or in the $middlewareGroups['api'] array in app/Http/Kernel.php.

Csdn user default icon
上传中...
上传图片
插入图片
抄袭、复制答案,以达到刷声望分或其他目的的行为,在CSDN问答是严格禁止的,一经发现立刻封号。是时候展现真正的技术了!
立即提问
相关内容推荐