
Laravel Passport 构建 API 身份验证和授权

第一步
执行以下命令:
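# Install the package, create the oauth_* tables, then generate Passport's keys and clients.
composer require laravel/passport
php artisan migrate
# passport:install writes the token signing keys (storage/oauth-*.key) and prints the
# client secrets; keep both out of version control and out of shared logs.
php artisan passport:install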
第二步
修改 config/auth.php 文件中的 guards:
...
    'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],

        // The api guard resolves the user from a Passport access token; the
        // auth:api middleware used in routes/api.php depends on this driver.
        'api' => [
            'driver' => 'passport',
            'provider' => 'users',
        ],
    ],
...
第三步
app/User.php
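<?php

namespace App;

use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Laravel\Passport\HasApiTokens;

/**
 * Application user model, extended with Passport's token helpers.
 *
 * PSR-4 autoloading matches namespace and file names case-for-case on most
 * servers, so this class belongs in app/User.php.
 */
class User extends Authenticatable
{
    // HasApiTokens supplies the token() accessor that logout uses to revoke
    // the access token of the current request.
    use Notifiable, HasApiTokens;

    /**
     * The attributes that are mass assignable.
     *
     * This list is the allow-list for User::create(): request keys that are
     * not named here are ignored. Do not add role or privilege columns to it.
     *
     * @var array
     */
    protected $fillable = [
        'name',
        'email',
        'password',
    ];

    /**
     * The attributes that should be hidden for arrays.
     *
     * Keeps the password hash and remember token out of JSON responses that
     * serialize the model.
     *
     * @var array
     */
    protected $hidden = [
        'password',
        'remember_token',
    ];

    /**
     * The attributes that should be cast to native types.
     *
     * @var array
     */
    protected $casts = [
        'email_verified_at' => 'datetime',
    ];
}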
第四步
app/Repositories/User/UserRepositoryInterface.php
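<?php

namespace App\Repositories\User;

use Illuminate\Http\Request;

/**
 * Contract for user registration, login and token handling.
 *
 * PSR-4 autoloading matches names case-for-case on most servers, so this
 * interface belongs in app/Repositories/User/UserRepositoryInterface.php.
 *
 * NOTE(review): getTokenAndRefreshToken(), sendRequest() and getOClient() look
 * like implementation details. Keeping them on the public contract lets any
 * consumer of the interface fetch the OAuth client record, secret included;
 * consider narrowing the interface to the first five methods.
 */
interface UserRepositoryInterface
{
    /** Create a user from the request and issue tokens for it. */
    public function register(Request $request);

    /** Check the submitted credentials and issue tokens on success. */
    public function login(Request $request);

    /** Exchange a refresh token supplied by the request for new tokens. */
    public function refreshToken(Request $request);

    /** Return the currently authenticated user. */
    public function details();

    /** Revoke the access token that authenticated the request. */
    public function logout(Request $request);

    /** Wrap a payload and an HTTP status code into one result array. */
    public function response($data, int $statuscode);

    /** Request an access token and refresh token for the given credentials. */
    public function getTokenAndRefreshToken(string $email, string $password);

    /** POST form parameters to a route of the OAuth server. */
    public function sendRequest(string $route, array $formparams);

    /** Return the Passport client used for the password grant. */
    public function getOClient();
}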
第五步
创建 app/Repositories/User/UserRepository.php 文件
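<?php

namespace App\Repositories\User;

use App\Repositories\User\UserRepositoryInterface;
use App\User;
use GuzzleHttp\Client;
use GuzzleHttp\Exception\ClientException;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Laravel\Passport\Client as OClient;

/**
 * Registers and authenticates users and obtains Passport tokens for them.
 *
 * Tokens are issued by POSTing to /oauth/token with the password-grant
 * client's id and secret, which are read from the database on the server, so
 * the API consumer never handles the client secret.
 *
 * PSR-4 autoloading matches names case-for-case on most servers, so this
 * class belongs in app/Repositories/User/UserRepository.php.
 */
class UserRepository implements UserRepositoryInterface
{
    const succusus_status_code = 200;
    const unauthorised_status_code = 401;

    // NOTE(review): every token request sends the user's password and the
    // client secret to this URL over plain HTTP. That is acceptable only if
    // the host is reachable solely on a private network (the name looks like
    // a container hostname; confirm). Otherwise switch to https:// and read
    // the URL from configuration instead of hard-coding it.
    const base_url = "http://mylemp-nginx";

    /** @var Client HTTP client used to call the OAuth token endpoint. */
    private $http;

    public function __construct(Client $client)
    {
        $this->http = $client;
    }

    /**
     * Create the user and immediately issue tokens for the new account.
     *
     * @return array result array as built by sendRequest()
     */
    public function register(Request $request)
    {
        $email = $request->email;
        $password = $request->password;

        // Pass only the columns this endpoint is meant to set. With all(), the
        // model's $fillable list would be the sole barrier between arbitrary
        // request keys and the users table.
        $input = $request->only(['name', 'email', 'password']);
        $input['password'] = bcrypt($input['password']);
        User::create($input);

        $response = $this->getTokenAndRefreshToken($email, $password);

        return $this->response($response["data"], $response["statuscode"]);
    }

    /**
     * Verify the credentials and, when they match, issue tokens.
     *
     * @return array token data with the token endpoint's status, or a 401 result
     */
    public function login(Request $request)
    {
        $email = $request->email;
        $password = $request->password;

        if (Auth::attempt(['email' => $email, 'password' => $password])) {
            $response = $this->getTokenAndRefreshToken($email, $password);
            $data = $response["data"];
            $statuscode = $response["statuscode"];
        } else {
            // One generic message for unknown e-mail and wrong password alike.
            $data = ['error'=>'unauthorised'];
            $statuscode = self::unauthorised_status_code;
        }

        return $this->response($data, $statuscode);
    }

    /**
     * Exchange the refresh token from the "refreshtoken" header for new tokens.
     *
     * @return array result array; 401 when the header is absent
     */
    public function refreshToken(Request $request)
    {
        if (is_null($request->header('refreshtoken'))) {
            return $this->response(['error'=>'unauthorised'], self::unauthorised_status_code);
        }

        $refresh_token = $request->header('refreshtoken');
        $oClient = $this->passwordClient();
        $formparams = [
            'grant_type' => 'refresh_token',
            'refresh_token' => $refresh_token,
            'client_id' => $oClient->id,
            'client_secret' => $oClient->secret,
            // '*' asks for every scope; narrow it once the API defines scopes.
            'scope' => '*',
        ];

        return $this->sendRequest("/oauth/token", $formparams);
    }

    /**
     * Return the authenticated user with a 200 status.
     *
     * @return array
     */
    public function details()
    {
        $user = Auth::user();

        return $this->response($user, self::succusus_status_code);
    }

    /**
     * Revoke the access token that authenticated this request.
     *
     * NOTE(review): only the access token is revoked here. Confirm that the
     * paired refresh token is revoked as well; if it is not, the refresh
     * endpoint may still issue new tokens after logout.
     *
     * @return array
     */
    public function logout(Request $request)
    {
        $request->user()->token()->revoke();

        return $this->response(['message' => 'successfully logged out'], self::succusus_status_code);
    }

    /**
     * Build the result array shared by all repository methods.
     *
     * @param mixed $data
     * @return array{data: mixed, statuscode: int}
     */
    public function response($data, int $statuscode)
    {
        return ["data"=>$data, "statuscode"=>$statuscode];
    }

    /**
     * Run the OAuth password grant for the given user credentials.
     *
     * @return array result array as built by sendRequest()
     */
    public function getTokenAndRefreshToken(string $email, string $password)
    {
        $oClient = $this->passwordClient();
        $formparams = [
            'grant_type' => 'password',
            'client_id' => $oClient->id,
            'client_secret' => $oClient->secret,
            'username' => $email,
            'password' => $password,
            // '*' asks for every scope; narrow it once the API defines scopes.
            'scope' => '*',
        ];

        return $this->sendRequest("/oauth/token", $formparams);
    }

    /**
     * POST form parameters to the OAuth server and decode the JSON reply.
     *
     * Only 4xx replies (ClientException) are translated into a result array;
     * connection failures and 5xx replies still propagate as exceptions.
     *
     * @return array{data: mixed, statuscode: int}
     */
    public function sendRequest(string $route, array $formparams)
    {
        try {
            $url = self::base_url.$route;
            $response = $this->http->request('post', $url, ['form_params' => $formparams]);
            $statuscode = self::succusus_status_code;
            $data = json_decode((string) $response->getBody(), true);
        } catch (ClientException $e) {
            // Record the failure server-side. Echoing the message would write
            // the internal token URL and part of the OAuth server's reply into
            // the client's HTTP response, ahead of the JSON body.
            report($e);
            $statuscode = $e->getCode();
            $data = ['error'=>'oauth client error'];
        }

        return ["data" => $data, "statuscode"=>$statuscode];
    }

    /**
     * Return the first Passport client flagged as a password-grant client.
     *
     * @return OClient|null null when no such client exists
     */
    public function getOClient()
    {
        return OClient::where('password_client', 1)->first();
    }

    /**
     * Return the password-grant client or fail with a clear message.
     *
     * @return OClient
     * @throws \RuntimeException when no password-grant client is stored
     */
    private function passwordClient()
    {
        $oClient = $this->getOClient();

        if ($oClient === null) {
            throw new \RuntimeException(
                'No Passport password grant client found; run "php artisan passport:install".'
            );
        }

        return $oClient;
    }
}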
第六步
app/Http/Requests/UserLoginRequest.php
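<?php

namespace App\Http\Requests;

use Illuminate\Contracts\Validation\Validator;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Http\Exceptions\HttpResponseException;

/**
 * Validates the body of the login endpoint.
 *
 * PSR-4 autoloading matches names case-for-case on most servers, so this
 * class belongs in app/Http/Requests/UserLoginRequest.php.
 */
class UserLoginRequest extends FormRequest
{
    const unprocessable_entity = 422;

    /**
     * Validation rules: both fields are required, e-mail must be well-formed.
     *
     * @return array
     */
    public function rules()
    {
        return [
            'email' => 'required|email',
            'password' => 'required',
        ];
    }

    /**
     * Answer failed validation with the error bag as JSON and status 422.
     *
     * @throws HttpResponseException always
     */
    protected function failedValidation(Validator $validator)
    {
        $errors = response()->json($validator->errors(), self::unprocessable_entity);

        throw new HttpResponseException($errors);
    }
}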
第七步
app/Http/Requests/UserRegisterRequest.php
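<?php

namespace App\Http\Requests;

use Illuminate\Contracts\Validation\Validator;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Http\Exceptions\HttpResponseException;

/**
 * Validates the body of the registration endpoint.
 *
 * PSR-4 autoloading matches names case-for-case on most servers, so this
 * class belongs in app/Http/Requests/UserRegisterRequest.php.
 */
class UserRegisterRequest extends FormRequest
{
    const unprocessable_entity = 422;

    /**
     * Validation rules for a new account.
     *
     * @return array
     */
    public function rules()
    {
        return [
            'name' => 'required',
            // unique:users tells the caller whether an address is already
            // registered; rate-limit this endpoint to slow down enumeration.
            'email' => 'required|email|unique:users',
            // A bare "required" accepts one-character passwords; enforce a
            // minimum length at the boundary.
            'password' => 'required|string|min:8',
            'c_password' => 'required|same:password',
        ];
    }

    /**
     * Answer failed validation with the error bag as JSON and status 422.
     *
     * @throws HttpResponseException always
     */
    protected function failedValidation(Validator $validator)
    {
        $errors = response()->json($validator->errors(), self::unprocessable_entity);

        throw new HttpResponseException($errors);
    }
}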
第八步
app/Providers/AppServiceProvider.php
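<?php

namespace App\Providers;

use App\Repositories\User\UserRepository;
use App\Repositories\User\UserRepositoryInterface;
use Illuminate\Support\ServiceProvider;

/**
 * Application service provider; wires the user repository into the container.
 *
 * PSR-4 autoloading matches names case-for-case on most servers, so this
 * class belongs in app/Providers/AppServiceProvider.php.
 */
class AppServiceProvider extends ServiceProvider
{
    /**
     * Register any application services.
     *
     * Binds the repository interface to its implementation so that classes
     * type-hinting the interface receive a UserRepository.
     *
     * @return void
     */
    public function register()
    {
        $this->app->bind(UserRepositoryInterface::class, UserRepository::class);
    }

    /**
     * Bootstrap any application services.
     *
     * @return void
     */
    public function boot()
    {
        //
    }
}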
第九步
app/Providers/AuthServiceProvider.php
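<?php

namespace App\Providers;

use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
use Laravel\Passport\Passport;

/**
 * Registers policies and Passport's OAuth routes.
 *
 * PSR-4 autoloading matches names case-for-case on most servers, so this
 * class belongs in app/Providers/AuthServiceProvider.php.
 */
class AuthServiceProvider extends ServiceProvider
{
    /**
     * The policy mappings for the application.
     *
     * @var array
     */
    protected $policies = [
        // 'App\Model' => 'App\Policies\ModelPolicy',
    ];

    /**
     * Register any authentication / authorization services.
     *
     * @return void
     */
    public function boot()
    {
        $this->registerPolicies();

        // Registers Passport's routes, including the /oauth/token endpoint
        // that the user repository posts to.
        // NOTE(review): no token lifetimes are set, so Passport's long-lived
        // defaults apply. Passport::tokensExpireIn() and
        // Passport::refreshTokensExpireIn() can be called here to shorten them.
        Passport::routes();
    }
}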
第十步
app/Http/Controllers/UserController.php
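<?php

namespace App\Http\Controllers;

use App\Http\Requests\UserLoginRequest;
use App\Http\Requests\UserRegisterRequest;
use App\Repositories\User\UserRepositoryInterface;
use Illuminate\Http\Request;

/**
 * HTTP entry points for registration, login and token handling.
 *
 * Each action delegates to the user repository and turns its result array
 * into a JSON response.
 *
 * PSR-4 autoloading matches names case-for-case on most servers, so this
 * class belongs in app/Http/Controllers/UserController.php.
 */
class UserController extends Controller
{
    const succusus_status_code = 200;
    const unauthorised_status_code = 401;

    /** @var UserRepositoryInterface */
    private $userrepository;

    public function __construct(UserRepositoryInterface $userrepository)
    {
        $this->userrepository = $userrepository;
    }

    /** Log in with validated credentials and return the issued tokens. */
    public function login(UserLoginRequest $request)
    {
        return $this->respond($this->userrepository->login($request));
    }

    /** Create an account from validated input and return its tokens. */
    public function register(UserRegisterRequest $request)
    {
        return $this->respond($this->userrepository->register($request));
    }

    /** Return the authenticated user. */
    public function details()
    {
        return $this->respond($this->userrepository->details());
    }

    /** Revoke the access token of the current request. */
    public function logout(Request $request)
    {
        return $this->respond($this->userrepository->logout($request));
    }

    /** Exchange a refresh token for new tokens. */
    public function refreshToken(Request $request)
    {
        return $this->respond($this->userrepository->refreshToken($request));
    }

    /**
     * Convert a repository result array into a JSON response.
     *
     * @param array $result array with "data" and "statuscode" keys
     */
    private function respond(array $result)
    {
        return response()->json($result["data"], $result["statuscode"]);
    }
}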
第十一步
routes/api.php
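<?php

use Illuminate\Support\Facades\Route;

// Unauthenticated endpoints: each one accepts a password or a refresh token.
// NOTE(review): the stock `api` middleware group throttles requests unless the
// HTTP kernel was changed; confirm that it is in place, and consider a
// stricter limit for these three routes to slow down credential guessing.
Route::post('login', 'UserController@login');
Route::post('register', 'UserController@register');
Route::post('refreshtoken', 'UserController@refreshToken');

// Endpoints that require a valid Passport access token (auth:api guard).
Route::group(['middleware' => ['auth:api']], function () {
    Route::post('logout', 'UserController@logout');
    Route::post('details', 'UserController@details');
});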