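I am building REST API authentication with Laravel Sanctum. I want users to be able to log in on multiple devices, limited to 2 devices. Say user A and user B are logged in; when user C logs in, user A is logged out, and so on. How can I implement this, and what is the concept?
Usually I create a login API that returns a token when the email and password are correct.
I got this idea from Netflix, since it limits the number of devices that can watch movies.
A uj5u.com user replied:
You can simply check how many tokens you have issued to that user from your personal_access_tokens table, as follows: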

So, just run a query like this when the user logs in, before issuing a new token for them:
// Fetch every token already issued to this user.
$issuedTokens = PersonalAccessToken::where('tokenable_type', User::class)
    ->where('tokenable_id', $userId)
    ->get();

// Two or more tokens already exist: ask the user to drop a device first.
if ($issuedTokens->count() > 1) {
    $returnMessage = 'You have to remove one of the following devices:';
    $deviceNames = $issuedTokens->pluck('name')->toArray();
}
// Things are fine, proceed
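If you want to enhance this further, you might want to extend the PersonalAccessToken model by adding the mobile details of whoever logs in, and possibly the country/city they are accessing from.
To extend it, add a migration and a model file, as follows: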
<?php

use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;

// Remember to change this line, if you wish, back to the old way.
return new class extends Migration
{
    /**
     * Run the migrations.
     *
     * @return void
     */
    public function up()
    {
        Schema::create('personal_access_tokens', function (Blueprint $table) {
            $table->id();
            $table->morphs('tokenable');
            $table->string('name');
            $table->string('token', 64)->unique();
            $table->string('country_name')->nullable();
            $table->text('abilities')->nullable();
            $table->json('mobile_app_details')->nullable();
            $table->timestamp('last_used_at')->nullable();
            $table->timestamps();
        });
    }

    /**
     * Reverse the migrations.
     *
     * @return void
     */
    public function down()
    {
        Schema::dropIfExists('personal_access_tokens');
    }
};
Your model:
<?php

namespace App\Models;

use Eloquent;
use Illuminate\Database\Eloquent\Builder;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Support\Carbon;
use Laravel\Sanctum\PersonalAccessToken as PersonalAccessTokenAlias;

/**
 * App\Models\PersonalAccessToken
 *
 * @property int $id
 * @property string $tokenable_type
 * @property int $tokenable_id
 * @property string $name
 * @property string $token
 * @property array|null $abilities
 * @property object|null $mobile_app_details
 * @property string|null $country_name
 * @property Carbon|null $last_used_at
 * @property Carbon|null $created_at
 * @property Carbon|null $updated_at
 * @property-read Model|\Eloquent $tokenable
 * @method static Builder|PersonalAccessToken newModelQuery()
 * @method static Builder|PersonalAccessToken newQuery()
 * @method static Builder|PersonalAccessToken query()
 * @method static Builder|PersonalAccessToken whereAbilities($value)
 * @method static Builder|PersonalAccessToken whereCreatedAt($value)
 * @method static Builder|PersonalAccessToken whereId($value)
 * @method static Builder|PersonalAccessToken whereLastUsedAt($value)
 * @method static Builder|PersonalAccessToken whereMobileAppDetails($value)
 * @method static Builder|PersonalAccessToken whereName($value)
 * @method static Builder|PersonalAccessToken whereToken($value)
 * @method static Builder|PersonalAccessToken whereTokenableId($value)
 * @method static Builder|PersonalAccessToken whereTokenableType($value)
 * @method static Builder|PersonalAccessToken whereUpdatedAt($value)
 * @mixin Eloquent
 * @noinspection PhpFullyQualifiedNameUsageInspection
 * @noinspection PhpUnnecessaryFullyQualifiedNameInspection
 */
class PersonalAccessToken extends PersonalAccessTokenAlias
{
    /**
     * The attributes that are mass assignable.
     *
     * @var array
     */
    protected $fillable = [
        'name',
        'token',
        'abilities',
        'mobile_app_details',
        'country_name',
    ];

    protected $casts = [
        'abilities' => 'json',
        'last_used_at' => 'datetime',
        'mobile_app_details' => 'object',
    ];
}
The last important step is to tell Laravel to ignore the original migration and load the custom model, so in your AppServiceProvider:
<?php

namespace App\Providers;

use App\Models\PersonalAccessToken;
use Illuminate\Support\ServiceProvider;
use Laravel\Sanctum\Sanctum;

class AppServiceProvider extends ServiceProvider
{
    /**
     * Register any application services.
     *
     * @return void
     */
    public function register()
    {
        Sanctum::ignoreMigrations();
        // other lines go here
    }

    /**
     * Bootstrap any application services.
     *
     * @return void
     */
    public function boot()
    {
        Sanctum::usePersonalAccessTokenModel(PersonalAccessToken::class);
        // other lines go here
    }
}
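
The eviction behaviour the question asks for (a third login logs out the oldest device), as an added example that is not part of the original answer. The `LoginController` name, the `device_name` request field and the choice of "oldest by `created_at`" are assumptions, and the `User` model is assumed to use Sanctum's `HasApiTokens` trait; the row lock keeps two simultaneous logins from both passing the count check.

```php
<?php
// Added example: hypothetical controller, not code from the answer above.
namespace App\Http\Controllers;

use App\Models\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Hash;
use Illuminate\Validation\ValidationException;

class LoginController extends Controller
{
    private const MAX_DEVICES = 2; // device limit taken from the question

    public function __invoke(Request $request)
    {
        $data = $request->validate([
            'email'       => ['required', 'email'],
            'password'    => ['required', 'string'],
            'device_name' => ['required', 'string', 'max:255'], // assumed field
        ]);

        $user = User::where('email', $data['email'])->first();
        // Same error message for an unknown e-mail and a wrong password.
        if (! $user || ! Hash::check($data['password'], $user->password)) {
            throw ValidationException::withMessages([
                'email' => ['The provided credentials are incorrect.'],
            ]);
        }

        $plainTextToken = DB::transaction(function () use ($user, $data) {
            // Lock the user row so two concurrent logins cannot both pass
            // the count check and leave three live tokens behind.
            User::whereKey($user->getKey())->lockForUpdate()->first();

            $tokens = $user->tokens()->orderBy('created_at')->orderBy('id')->get();
            // Revoke the oldest tokens until one slot is free for the new one.
            $excess = $tokens->count() - (self::MAX_DEVICES - 1);
            if ($excess > 0) {
                $tokens->take($excess)->each->delete();
            }

            return $user->createToken($data['device_name'])->plainTextToken;
        });

        return response()->json(['token' => $plainTextToken]);
    }
}
```

Deleting the row revokes that device immediately, because Sanctum looks the token up in `personal_access_tokens` on every request.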
