1. 首頁
  2. 問答
  3. 由用戶會話

由用戶會話

2017-06-22 54 views
0

認證Laravel API路線我已經在現有的Laravel 5.2項目啓動工作。我需要爲應用程序的前端構建一些基本的API請求來與數據庫交談。這些路由需要由用戶的會話進行驗證。由用戶會話

我試着使用身份驗證設置中間件:API驅動程序,並在../config/auth.php設置API [「司機」]到「會話」。但是,即使用戶使用所有權限和角色進行了身份驗證,我也始終將302重定向到登錄頁面。

有人可以推薦一些閱讀或如何基於用戶會話來實現API認證等解決思路?

從路由/ api.php:

Route::group(["middleware" => ["auth:api"]], function() { 
    // results in 302 redirect to /login 
    Route::get('test', function(){ 
     return "TEST"; 
    });  

});

從配置/ auth.php

'guards' => [ 
'web' => [ 
    'driver' => 'session', 
    'provider' => 'users', 
], 

'api' => [ 
    'driver' => 'session', 
    'provider' => 'users', 
],

應用程序/ HTTP/Kernel.php

<?php 

namespace App\Http; 

use Illuminate\Foundation\Http\Kernel as HttpKernel; 

class Kernel extends HttpKernel 
{ 
    /** 
    * The application's global HTTP middleware stack. 
    * 
    * These middleware are run during every request to your application. 
    * 
    * @var array 
    */ 
    protected $middleware = [ 
     \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class, 
     \App\Http\Middleware\NoCache::class, 
    ]; 

    /** 
    * The application's route middleware groups. 
    * 
    * @var array 
    */ 
    protected $middlewareGroups = [ 
     'web' => [ 
      \App\Http\Middleware\EncryptCookies::class, 
      \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class, 
      \Illuminate\Session\Middleware\StartSession::class, 
      \Illuminate\View\Middleware\ShareErrorsFromSession::class, 
      \App\Http\Middleware\VerifyCsrfToken::class, 
      \Illuminate\Routing\Middleware\SubstituteBindings::class, 
     ], 

     'api' => [ 
      'throttle:60,1', 
      'bindings', 
     ], 
    ]; 

    /** 
    * The application's route middleware. 
    * 
    * These middleware may be assigned to groups or used individually. 
    * 
    * @var array 
    */ 
    protected $routeMiddleware = [ 
     'auth' => \App\Http\Middleware\Authenticate::class, 
     'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class, 
     'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class, 
     'can' => \Illuminate\Auth\Middleware\Authorize::class, 
     'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class, 
     'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class, 
     'role' => \Zizaco\Entrust\Middleware\EntrustRole::class, 
     'permission' => \Zizaco\Entrust\Middleware\EntrustPermission::class, 
     'ability' => \Zizaco\Entrust\Middleware\EntrustAbility::class, 
     'dashboard' => \App\Http\Middleware\dashboardMiddleware::class, 
     'system' => \App\Http\Middleware\systemMiddleware::class 
    ]; 
}

來源

2017-06-22 kirgy

+0

發佈您的代碼示例。聽起來中間件可能沒有正確設置。也許這可能是你的路由層次結構有點混亂 – idelara

+0

@JackGal我已經爲你添加了一個代碼的副本。 – kirgy

+0

您是否試圖從瀏覽器訪問此類路線? – idelara

回答

0

的問題是,你沒有在請求中傳遞任何驗證頭,因此,顯然它會將您重定向到登錄屏幕,即使您它是使用郵差的API。

爲了證明這一點,請嘗試從您的路由文件中的以下行Route::group(["middleware" => ["auth:api"]], ...中刪除auth中間件,並且您應該能夠在測試路由中獲得TEST作爲響應。另外,請記住我們的api會自動將api /前綴綁定到所有api路由。因此,您應該向/api/test發出請求,並且您應該收回TEST。

如果你想包括AUTH到您的API,請閱讀Laravel's Passport docs。如果您想要更簡單的事情,請從docs中的onceBasic Auth中間件開始。

我希望這點你在正確的道路!

讓我知道如果您有任何其他問題。

乾杯!

來源

2017-06-23 00:01:59 idelara

+0

我認爲這是「會話」驅動程序的重點?這將需要cookie的授權? – kirgy

相關問題

 相關問題