Sim*_*leJ 7 php authentication laravel
我正在配置Laravel项目以使用Passport令牌身份验证.一切似乎都在起作用,但是当auth:api中间件失败时,它会200在响应主体中响应客户端的状态和一堆HTML.相反,我希望它以状态响应401.
我在Laravel Passport源代码中找不到任何关于做类似事情的文档.我甚至找不到中间件的来源.
我的测试路线:
Route::get('/protected', function () {
return response()->json([
'success' => true
]);
})->middleware('auth:api');
配置/ auth.php
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'passport',
'provider' => 'appUsers',
],
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\Models\User::class,
],
'appUsers' => [
'driver' => 'eloquent',
'model' => App\Models\AppUser::class
],
],
Ari*_*que 21
您可以通过在请求中发送此标头来解决此问题.
Accept : application/json
这将发送带有401状态代码的此消息.
{
"message": "Unauthenticated."
}
如果用户没有进行身份验证,Laravel将抛出一个AuthenticationException.
此异常由以下render方法处理Illuminate/Foundation/Exceptions/Handler.php:
protected function unauthenticated($request, AuthenticationException $exception)
{
if ($request->expectsJson()) {
return response()->json(['error' => 'Unauthenticated.'], 401);
}
return redirect()->guest(route('login'));
}
处理程序调用unauthenticated()在您的app/Exceptions/Handler.php:中定义的方法:
protected function unauthenticated($request, AuthenticationException $exception)
{
if ($request->expectsJson()) {
return response()->json(['error' => 'Unauthenticated.'], 401);
}
// return a plain 401 response even when not a json call
return response('Unauthenticated.', 401);
}
正如您所看到的,默认情况下,如果请求需要JSON响应,您将获得带有JSON错误正文的401.如果请求不期望JSON,请求将重定向到登录页面.
如果您希望在未对用户进行身份验证时执行其他操作,则可以expectsJson()在Accept: application/json以下位置修改此方法:
protected function unauthenticated($request, AuthenticationException $exception)
{
if ($request->expectsJson()) {
return response()->json(['error' => 'Unauthenticated.'], 401);
}
return redirect()->guest(route('login'));
}
| 归档时间: |
|
| 查看次数: |
18425 次 |
| 最近记录: |