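An Introduction to the Token Implementation Mechanism in Laravel
Laravel is a web application framework written in PHP. Much of its strength comes from the large number of powerful packages it integrates, including the underlying implementation of tokens. A token is an authentication method commonly used by web applications, usually to protect APIs and web services from unauthorized access. This article introduces how tokens are implemented in Laravel.
1. The concept of a token
A token, as the name suggests, is a marker that represents some identity or authorization information. It is usually generated by the server and issued to the client. The client stores the token locally and includes it in a request header or request parameter on subsequent requests, as its identifier for authentication or authorization. By checking whether the token is valid, the server can determine whether the request carries authentication or authorization information.
Tokens protect web applications more effectively against unauthorized access; in APIs and web services in particular they are indispensable.
2. Token implementation in Laravel
As an excellent web application framework, Laravel supports tokens in its built-in Auth functionality. In Laravel, tokens are implemented with the Laravel Sanctum package.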
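2.1 Laravel Sanctum
Laravel Sanctum is a lightweight authentication package that provides API authentication for Laravel applications, based on API keys or tokens. It lets applications run better in stateless environments such as single-page applications (SPAs) and mobile applications. Laravel Sanctum provides the following features:
Usable without any configuration;
Support for several authentication methods, including session, token and API key;
Several built-in authentication implementations, such as cookie, token and auth;
Convenient authentication and token generation;
Better customization of the authentication flow.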
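2.2 How tokens work
In Laravel Sanctum, tokens work on a principle similar to sessions. When the client sends a request to the server, it passes the token as a request parameter or in the Authorization field of the header. The server checks whether the token is valid and within its validity period, then either grants permission for the requested operation or returns an error. The token flow is as follows:
Create the token: when a user logs in, Sanctum generates a random token for that user and saves it in the backend database;
Send the token: the token is sent to the server as a request parameter or in the Authorization field of the header;
Verify the token: on the server side, Sanctum checks whether the received token is valid and decides whether to authorize or reject the request;
Manage tokens: Sanctum provides a set of APIs to create, revoke, look up and verify tokens.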
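The create, send, verify and manage steps above, modelled as a stand-alone PHP class that is added here as an example and is not code from the original article or from Sanctum. The class name TokenStore, its method names and the one-hour lifetime are assumptions; an in-memory array stands in for the database table, and only a SHA-256 hash of the token is persisted, as Sanctum does for its personal access tokens.

```php
<?php
// Added example: a stand-alone model of the flow, not Sanctum's source.
// TokenStore, its methods and the 1-hour lifetime are assumptions.
final class TokenStore
{
    private array $rows = [];   // id => [user, hash, expires]; stands in for the DB table
    private int $nextId = 1;

    // Create: generate a random token and persist only its SHA-256 hash.
    public function issue(string $user, int $ttl = 3600): string
    {
        $secret = bin2hex(random_bytes(20));            // 40 hex chars from the CSPRNG
        $id = $this->nextId++;
        $this->rows[$id] = ['user' => $user, 'hash' => hash('sha256', $secret),
                            'expires' => time() + $ttl];
        return $id . '|' . $secret;                     // plain text leaves the server once
    }

    // Verify: validate the Authorization header value; returns the user or null.
    public function verify(?string $header, ?int $now = null): ?string
    {
        if ($header === null
            || !preg_match('/^Bearer (\d+)\|([0-9a-f]{40})\z/', $header, $m)) {
            return null;                                // missing or malformed
        }
        $row = $this->rows[(int) $m[1]] ?? null;
        if ($row === null || ($now ?? time()) >= $row['expires']) {
            return null;                                // unknown, revoked or expired
        }
        // Constant-time comparison of the stored and presented hashes.
        return hash_equals($row['hash'], hash('sha256', $m[2])) ? $row['user'] : null;
    }

    // Manage: revoke every token that belongs to one user.
    public function revokeAll(string $user): void
    {
        $this->rows = array_filter($this->rows, fn ($r) => $r['user'] !== $user);
    }
}

// Constructed sample run (the send step is the client presenting "Bearer <token>").
$store = new TokenStore();
$token = $store->issue('alice@example.com');
var_dump($store->verify("Bearer $token"));                    // valid token
var_dump($store->verify('Bearer 1|' . str_repeat('0', 40)));  // wrong secret
var_dump($store->verify("Bearer $token", time() + 7200));     // presented after expiry
$store->revokeAll('alice@example.com');
var_dump($store->verify("Bearer $token"));                    // presented after revocation
```

Because only the hash is kept, a leaked copy of the table does not hand out usable tokens, and the plain-text value cannot be shown to the user again after it is issued.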
3. Using tokens in Laravel
Sanctum provides a convenient, easy-to-use API for working with tokens, covering creation, revocation, lookup and verification. Tokens are used as follows:
3.1 Installing Sanctum
First, add the Sanctum package to the application's composer.json dependencies:

    composer require laravel/sanctum

After installation, add the following configuration to the config/app.php file:

    'providers' => [
        // Other service providers...
        Laravel\Sanctum\SanctumServiceProvider::class,
    ],

3.2 Publishing the configuration
After installation, run the following command to publish Sanctum's configuration file:

    php artisan vendor:publish --provider="Laravel\Sanctum\SanctumServiceProvider"

3.3 Configuring middleware
When using Sanctum, you need to add middleware to the corresponding routes. Laravel already ships with built-in API authentication middleware, which can be used directly.
3.4 Creating a token
After login, the following code creates a token for the current user:

    use Illuminate\Http\Request;
    use Illuminate\Support\Facades\Hash;
    use Illuminate\Validation\ValidationException;
    use App\Models\User;
    use Illuminate\Support\Facades\Route;

    // Create a token
    Route::post('/api/token/create', function (Request $request) {
        $request->validate([
            'email' => 'required|email',
            'password' => 'required',
        ]);

        $user = User::where('email', $request->email)->first();

        // Same error for an unknown e-mail and a wrong password
        if (! $user || ! Hash::check($request->password, $user->password)) {
            throw ValidationException::withMessages([
                'email' => ['The provided credentials are incorrect.'],
            ]);
        }

        // createToken() requires a string name; the User-Agent header may be absent
        return $user->createToken($request->header('User-Agent') ?? 'unknown')->plainTextToken;
    });

In the code above, the User-Agent of the client machine is passed as the extra argument when the token is created. User-Agent is an HTTP header that records information about the browser or application. This information becomes part of the token, so that if the token is stolen or used maliciously it is easy to spot and revoke.
3.5 Revoking tokens
If a created token is stolen or becomes invalid, it can be revoked with the following code:

    Auth::user()->tokens()->delete();

3.6 Verification extension
Sanctum also provides a good verification extension that makes access control convenient. The code is as follows:

    namespace App\Models;

    use Illuminate\Foundation\Auth\User as Authenticatable;
    use Illuminate\Notifications\Notifiable;
    use Laravel\Sanctum\HasApiTokens;

    class User extends Authenticatable
    {
        // HasApiTokens adds createToken(), tokens() and tokenCan() to the model
        use HasApiTokens, Notifiable;
    }

With the code above in place, we can use the can interface on the User model for access control, as follows:

    $request->user()->can('update', $post);

In the code above, can decides, based on the current user's roles, permissions and policies, whether the user is allowed to perform the update. Note that users must implement their own access-control logic correctly.
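4. Summary
This article introduced the underlying token implementation mechanism in Laravel, in particular how to use the Sanctum package. Sanctum provides a convenient, easy-to-use API that integrates quickly into an application and improves its security. We covered how tokens are used, created, revoked and managed, as well as access control.
In today's Internet, with APIs and web services in widespread use, tokens as an authentication method will be adopted in more and more applications. The Laravel framework provides a good token implementation mechanism that better protects web applications from unauthorized access.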
ÒÔÉϾÍÊÇÒ»ÎÄÏÈÈÝLaravelÖÐTokenµÄʵÏÖ»úÖƵÄÏêϸÄÚÈÝ£¬¸ü¶àÇë¹Ø×¢±¾ÍøÄÚÆäËüÏà¹ØÎÄÕ£¡