Mac*_*Mac 5 authentication laravel lumen lumen-5.2
请问,任何人都可以解释如何在Lumen框架中实现多个身份验证保护?目前,我有两个可验证的模型:用户和客户端.我正在使用JWT的自定义实现.用户在其令牌有效负载中具有client_id和user_id字段.虽然客户只有client_id.基于此,我需要确定谁来找我:客户,用户或客人(没有代币).
auth.php
'guards' => [
'client' => [
'driver' => 'token',
'provider' => 'clients',
],
'user' => [
'driver' => 'token',
'provider' => 'users',
],
],
'providers' => [
'clients' => [
'driver' => 'eloquent',
'model' => App\Client::class,
],
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
],
AuthServiceProvider.php
public function boot()
{
$this->app['auth']->viaRequest('token', function ($request) {
$access_token = HelperClass::getTokenFromHeader($request->headers->get('Authorization'));
if ($access_token) {
$tokendata = JWT::decode($access_token, getenv('TOKEN_SECRET'), array('HS256'));
if ($tokendata->user_id) {
return User::find($tokendata->user_id);
}
return Client::find($tokendata->client_id);
}
});
}
routes.php文件
$app->get('/api/{item_id:\d+}', ['middleware' => 'auth:user', 'uses' => 'App\Http\Controllers\ItemController@get']);
我想只允许用户访问此路由,但客户端也成功通过此中间件:Auth::check()返回true并Auth::user()返回App\Client的实例
另一种情况:如果对于某些路由我想要允许两者:客户端和用户.对于其他路线 - 来宾,客户和用户.
| 归档时间: |
|
| 查看次数: |
1465 次 |
| 最近记录: |