Laravel Passport 構建 API 身份驗證和授權

composer?require?laravel/passport php?artisan?migrate php?artisan?passport:install

... ????'guards'?=>?[ ????????'web'?=>?[ ????????????'driver'?=>?'session', ????????????'provider'?=>?'users', ????????], ????????'api'?=>?[ ????????????'driver'?=>?'passport', ????????????'provider'?=>?'users', ????????], ????], ...

<?php namespace App; use IlluminateFoundationAuthUser as Authenticatable; use IlluminateNotificationsNotifiable; use LaravelPassportHasApiTokens; class User extends Authenticatable {     use Notifiable, HasApiTokens;     /**      * The attributes that are mass assignable.      *      * @var array      */     protected $fillable = [         &#39;name&#39;, &#39;email&#39;, &#39;password&#39;,     ];     /**      * The attributes that should be hidden for arrays.      *      * @var array      */     protected $hidden = [         &#39;password&#39;, &#39;remember_token&#39;,     ];     /**      * The attributes that should be cast to native types.      *      * @var array      */     protected $casts = [         &#39;email_verified_at&#39; =>?'datetime', ????]; }

<?php namespace AppRepositoriesUser; use IlluminateHttpRequest; interface UserRepositoryInterface {     public function register(Request $request);     public function login(Request $request);     public function refreshToken(Request $request);     public function details();     public function logout(Request $request);     public function response($data, int $statusCode);     public function getTokenAndRefreshToken(string $email, string $password);     public function sendRequest(string $route, array $formParams);     public function getOClient(); }

<?php namespace AppRepositoriesUser; use AppUser; use GuzzleHttpClient; use IlluminateHttpRequest; use IlluminateSupportFacadesAuth; use LaravelPassportClient as OClient; use GuzzleHttpExceptionClientException; use AppRepositoriesUserUserRepositoryInterface; class UserRepository implements UserRepositoryInterface {     const SUCCUSUS_STATUS_CODE = 200;     const UNAUTHORISED_STATUS_CODE = 401;     const BASE_URL = "http://mylemp-nginx";     public function __construct(Client $client) {         $this->http?=?$client; ????} ????public?function?register(Request?$request)?{ ????????$email?=?$request-&gt;email; ????????$password?=?$request-&gt;password; ????????$input?=?$request-&gt;all(); ????????$input['password']?=?bcrypt($input['password']); ????????User::create($input); ????????$response?=?$this-&gt;getTokenAndRefreshToken($email,?$password); ????????return?$this-&gt;response($response["data"],?$response["statusCode"]); ????} ????public?function?login(Request?$request)?{ ????????$email?=?$request-&gt;email; ????????$password?=?$request-&gt;password; ????????if?(Auth::attempt(['email'?=&gt;?$email,?'password'?=&gt;?$password]))?{ ????????????$response?=?$this-&gt;getTokenAndRefreshToken($email,?$password); ????????????$data?=?$response["data"]; ????????????$statusCode?=??$response["statusCode"]; ????????}?else?{ ????????????$data?=?['error'=&gt;'Unauthorised']; ????????????$statusCode?=??self::UNAUTHORISED_STATUS_CODE; ????????} ????????return?$this-&gt;response($data,?$statusCode); ????} ????public?function?refreshToken(Request?$request)?{ ????????if?(is_null($request-&gt;header('Refreshtoken')))?{ ????????????return?$this-&gt;response(['error'=&gt;'Unauthorised'],?self::UNAUTHORISED_STATUS_CODE); ????????} ????????$refresh_token?=?$request-&gt;header('Refreshtoken'); ????????$Oclient?=?$this-&gt;getOClient(); ????????$formParams?=?[?'grant_type'?=&gt;?'refresh_token', ????????????????????????'refresh_token'?=&gt;?$refresh_token, ????????????????????????'client_id'?=&gt;?$Oclient-&gt;id, ????????????????????????'client_secret'?=&gt;?$Oclient-&gt;secret, ????????????????????????'scope'?=&gt;?'*']; ????????return?$this-&gt;sendRequest("/oauth/token",?$formParams); ????} ????public?function?details()?{ ????????$user?=?Auth::user(); ????????return?$this-&gt;response($user,?self::SUCCUSUS_STATUS_CODE); ????} ????public?function?logout(Request?$request)?{ ????????$request-&gt;user()-&gt;token()-&gt;revoke(); ????????return?$this-&gt;response(['message'?=&gt;?'Successfully?logged?out'],?self::SUCCUSUS_STATUS_CODE); ????} ????public?function?response($data,?int?$statusCode)?{ ????????$response?=?["data"=&gt;$data,?"statusCode"=&gt;$statusCode]; ????????return?$response; ????} ????public?function?getTokenAndRefreshToken(string?$email,?string?$password)?{ ????????$Oclient?=?$this-&gt;getOClient(); ????????$formParams?=?[?'grant_type'?=&gt;?'password', ????????????????????????'client_id'?=&gt;?$Oclient-&gt;id, ????????????????????????'client_secret'?=&gt;?$Oclient-&gt;secret, ????????????????????????'username'?=&gt;?$email, ????????????????????????'password'?=&gt;?$password, ????????????????????????'scope'?=&gt;?'*']; ????????return?$this-&gt;sendRequest("/oauth/token",?$formParams); ????} ????public?function?sendRequest(string?$route,?array?$formParams)?{ ????????try?{ ????????????$url?=?self::BASE_URL.$route; ????????????$response?=?$this-&gt;http-&gt;request('POST',?$url,?['form_params'?=&gt;?$formParams]); ????????????$statusCode?=?self::SUCCUSUS_STATUS_CODE; ????????????$data?=?json_decode((string)?$response-&gt;getBody(),?true); ????????}?catch?(ClientException?$e)?{ ????????????echo?$e-&gt;getMessage(); ????????????$statusCode?=?$e-&gt;getCode(); ????????????$data?=?['error'=&gt;'OAuth?client?error']; ????????} ????????return?["data"?=&gt;?$data,?"statusCode"=&gt;$statusCode]; ????} ????public?function?getOClient()?{ ????????return?OClient::where('password_client',?1)-&gt;first(); ????} }

<?php namespace AppHttpRequests; use IlluminateFoundationHttpFormRequest; use IlluminateContractsValidationValidator; use IlluminateHttpExceptionsHttpResponseException; class UserLoginRequest extends FormRequest {     const UNPROCESSABLE_ENTITY = 422;     public function rules() {         return [             &#39;email&#39; =>?'required|email', ????????????'password'?=&gt;?'required', ??????????]; ????} ????protected?function?failedValidation(Validator?$validator)?{ ????????throw?new?HttpResponseException(response()-&gt;json($validator-&gt;errors(),?self::UNPROCESSABLE_ENTITY)); ????} }

<?php namespace AppHttpRequests; use IlluminateFoundationHttpFormRequest; use IlluminateContractsValidationValidator; use IlluminateHttpExceptionsHttpResponseException; class UserRegisterRequest extends FormRequest {     const UNPROCESSABLE_ENTITY = 422;     public function rules() {         return [             &#39;name&#39; =>?'required', ????????????'email'?=&gt;?'required|email|unique:users', ????????????'password'?=&gt;?'required', ????????????'c_password'?=&gt;?'required|same:password', ??????????]; ????} ????protected?function?failedValidation(Validator?$validator)?{ ????????throw?new?HttpResponseException(response()-&gt;json($validator-&gt;errors(),?self::UNPROCESSABLE_ENTITY)); ????} }

<?php namespace AppProviders; use AppRepositoriesUserUserRepository; use AppRepositoriesUserUserRepositoryInterface; use IlluminateSupportServiceProvider; class AppServiceProvider extends ServiceProvider {     /**      * Register any application services.      *      * @return void      */     public function register() {         $this->app-&gt;bind(UserRepositoryInterface::class,?UserRepository::class); ????} ????/** ?????*?Bootstrap?any?application?services. ?????* ?????*?@return?void ?????*/ ????public?function?boot()?{ ????????// ????} }

<?php namespace AppProviders; use IlluminateFoundationSupportProvidersAuthServiceProvider as ServiceProvider; use LaravelPassportPassport; class AuthServiceProvider extends ServiceProvider {     /**      * The policy mappings for the application.      *      * @var array      */     protected $policies = [         // &#39;AppModel&#39; =>?'AppPoliciesModelPolicy', ????]; ????/** ?????*?Register?any?authentication?/?authorization?services. ?????* ?????*?@return?void ?????*/ ????public?function?boot()?{ ????????$this-&gt;registerPolicies(); ????????Passport::routes(); ????} }

<?php namespace AppHttpControllers; use IlluminateHttpRequest; use AppHttpRequestsUserLoginRequest; use AppHttpRequestsUserRegisterRequest; use AppRepositoriesUserUserRepositoryInterface; class UserController extends Controller {     const SUCCUSUS_STATUS_CODE = 200;     const UNAUTHORISED_STATUS_CODE = 401;     public function __construct(UserRepositoryInterface $userRepository) {         $this->userRepository?=?$userRepository; ????} ????public?function?login(UserLoginRequest?$request)?{ ????????$response?=?$this-&gt;userRepository-&gt;login($request); ????????return?response()-&gt;json($response["data"],?$response["statusCode"]); ????} ????public?function?register(UserRegisterRequest?$request)?{ ????????$response?=?$this-&gt;userRepository-&gt;register($request); ????????return?response()-&gt;json($response["data"],?$response["statusCode"]); ????} ????public?function?details()?{ ????????$response?=?$this-&gt;userRepository-&gt;details(); ????????return?response()-&gt;json($response["data"],?$response["statusCode"]); ????} ????public?function?logout(Request?$request)?{ ????????$response?=?$this-&gt;userRepository-&gt;logout($request); ????????return?response()-&gt;json($response["data"],?$response["statusCode"]); ????} ????public?function?refreshToken(Request?$request)?{ ????????$response?=?$this-&gt;userRepository-&gt;refreshToken($request); ????????return?response()-&gt;json($response["data"],?$response["statusCode"]); ????} }

<?php use IlluminateSupportFacadesRoute; Route::post(&#39;login&#39;, &#39;UserController@login&#39;); Route::post(&#39;register&#39;, &#39;UserController@register&#39;); Route::post(&#39;refreshtoken&#39;, &#39;UserController@refreshToken&#39;); Route::group([&#39;middleware&#39; =>?['auth:api']],?function?()?{ ????Route::post('logout',?'UserController@logout'); ????Route::post('details',?'UserController@details'); });