所以我正在嘗試為類似 escorts 的站點制作一個 Laravel API,無論如何,我使用 Passport 進行身份驗證,并且注冊部分有效,但登錄部分沒有,我不知道為什么,我將把 PassportAuthController 作為代碼放下和資料庫的ss
class passportAuthController extends Controller
{
/**
* handle user registration request
*/
public function registerUserExample(RegisterUserRequest $request){
///TODO: TEST THE CRUD FEATURES IMPLEMENTED IN THE USER CONTROLLER AFTER U CHECK LOGIN FEATURE
$attributes = $request -> validated();
$user = User::create($attributes);
$access_token_example = $user->createToken('RegisterToken')->accessToken;
//return the access token we generated in the above step
return response()->json(['token'=>$access_token_example],200);
}
/**
* login user to our application
*/
public function loginUserExample(Request $request){
$login_credentials=[
'email'=>$request->email,
'password'=>$request->password,
];
if(auth()->attempt($login_credentials)){
//generate the token for the user
$user_login_token= auth()->user()->createToken('LoginToken')->accessToken;
//now return this token on success login attempt
return response()->json(['token' => $user_login_token], 200);
}
else{
//wrong login credentials, return, user not authorised to our system, return error code 401
return response()->json(['error' => 'UnAuthorised Access'], 401);
}
}
/**
* This method returns authenticated user details
*/
// index function
public function authenticatedUserDetails(){
//returns details
return response()->json(['authenticated-user' => auth()->user()], 200);
}
}
請求也是:
<?php
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
class RegisterUserRequest extends FormRequest
{
/**
* Determine if the user is authorized to make this request.
*
* @return bool
*/
public function authorize()
{
return true;
}
/**
* Get the validation rules that apply to the request.
*
* @return array
*/
public function rules()
{
return [
'name'=>'required|max:255|min:3',
'email'=>'required|email',
'password'=>'required|min:7|max:255',
'gender'=>'required|min:4|max:6',
'interest'=>'required|min:4|max:6',
'Country'=>'required|max:255',
'County'=>'required|max:255',
'City'=>'required|max:255',
'birthday'=>'required|date'
];
}
}
和資料庫的ss:
和路線(api.php):
<?php
use App\Http\Controllers\passportAuthController;
use App\Http\Controllers\UserController;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;
/*
|--------------------------------------------------------------------------
| API Routes
|--------------------------------------------------------------------------
|
| Here is where you can register API routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| is assigned the "api" middleware group. Enjoy building your API!
|
*/
Route::middleware('auth:sanctum')->get('/user', function (Request $request) {
return $request->user();
});
//routes/api.php
//login & register routes
Route::post('register',[passportAuthController::class,'registerUserExample']);
Route::post('login',[passportAuthController::class,'loginUserExample']);
//CRUD and search routes
Route::post('storeUser',[UserController::class,'store']);
Route::get('showAll',[UserController::class, 'index']);
Route::put('updateUser/{id}',[UserController::class,'update']);
Route::delete('delete/{id}', [UserController::class,'deleteUser']);
Route::get('search/{name}',[UserController::class,'search']);
//add this middleware to ensure that every request is authenticated
Route::middleware('auth:api')->group(function(){
Route::get('user', [passportAuthController::class,'authenticatedUserDetails']);
});
uj5u.com熱心網友回復:
因此,如果您看到回應意味著錯誤的登錄憑據,回傳,用戶未獲得我們系統的授權,回傳錯誤代碼 401 ,
所以稍微觀察一下,你就會知道你的代碼作業正常,但你的邏輯不好,
所以答案很簡單,因為在您的資料庫中插入的密碼是注釋加密的,并且在他們嘗試登錄時使用了 Laravel 護照,他們使用了檢查功能,
所以如果你想讓你的代碼作業,你的密碼必須在注冊示例中加密
$user->password = hash::make($request->password);
或者
$user->password = Crypt::encrypt($request->password);
結論 如果您的密碼未加密,您將無法使用 Laravel 護照進行身份驗證
uj5u.com熱心網友回復:
您在用戶表中的密碼未加密。原因是這條線
$attributes = $request->validated();
$user = User::create($attributes);
您尚未加密您的密碼,并且該方法auth()->attempt($login_credentials)使用將加密的密碼請求與您的資料庫中存盤的加密密碼進行比較。您可以使用 bcrpyt() 來加密您的密碼,laravelbcrypt()作為輔助函式提供。
在你的 registerUserExample(RegisterUserRequest $request)
$attributes = $request->validated();
foreach($attributes as $key => $attribute){
if($key == 'password') {
$attributes[$key] = bcrypt($attribute);
}
}
$user = User::create($attributes);
uj5u.com熱心網友回復:
嘗試方法接受一個鍵/值對陣列作為它的第一個引數。密碼值將被散列。陣列中的其他值將用于在資料庫表中查找用戶。所以,
你試試這個
public function loginUserExample(Request $request){
$user = User::where('account', $request->account)
->where('password', $request->password)
->first();
if($user) {
Auth::loginUsingId($user->id);
// -- OR -- //
Auth::login($user);
return redirect()->route('home');
} else {
return redirect()->back()->withInput();
}
}
轉載請註明出處,本文鏈接:https://www.uj5u.com/qukuanlian/343247.html
標籤:php 拉拉维尔 验证 令牌 laravel-护照
上一篇:Azure函式應用身份驗證登錄