我有一个使用管理员表的网络管理面板,其中前端使用 api 和用户表进行身份验证
管理员和用户模型有些相同,只是表名称不同
class Admin extends Authenticatable
{
use HasFactory, Notifiable;
protected $table = 'admins';
/**
* The attributes that are mass assignable.
*
* @var array<int, string>
*/
protected $fillable = [
'name',
'email',
'password',
];
}
我的 config/auth.php 定义为
return [
'defaults' => [
'guard' => 'web',
'passwords' => 'users',
],
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'admins',
],
'api' => [
'driver' => 'sanctum',
'provider' => 'users',
],
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\Models\User::class,
],
'admins' => [
'driver' => 'eloquent',
'model' => App\Models\Admin::class,
],
],
'passwords' => [
'users' => [
'provider' => 'users',
'table' => 'password_reset_tokens',
'expire' => 60,
'throttle' => 60,
],
],
'password_timeout' => 10800,
];
我的routes/web.php 定义为
Route::middleware('web')->group(function () {
Route::Group(['prefix' => 'admin'], function () {
Route::get('signin', function () {
return view('admin.signin');
})->name('admin.signin');
我的routes/api.php 定义为
Route::middleware('auth:sanctum')->group(function () {
Route::post('/login', [ApiController::class, 'login']);
Route::post('/register', [ApiController::class, 'register']);
Route::post('/forgot-password', [ApiController::class, 'sendResetLinkEmail']);
Route::post('/search-donations', [ApiController::class, 'searchDonations']);
Route::get('/get-categories', [ApiController::class, 'getCategories']);
Route::get('/test', [ApiController::class, 'test']);
我的 ApiController 定义为
class ApiController extends Controller {
public function __construct() {
$this->middleware('auth:sanctum', ['except' => ['test', 'login', 'register', 'searchDonations', 'getCategories', 'sendResetLinkEmail']]);
}
public function login(Request $request) {
// Enable query logging
DB::enableQueryLog();
// Validate the request data
$validatedData = $request->validate([
'email' => 'required|email',
'password' => 'required',
'device_type' => 'sometimes|string',
'device_token' => 'sometimes|string',
]);
$credentials = $request->only('email', 'password');
if (Auth::attempt($credentials)) {
// Authentication successful
....
}
我的网络登录工作正常,但是当尝试进行身份验证时,API 仍在查看管理员表,我的上述配置有什么问题吗?
如果您想使用
admins
守卫进行身份验证,您需要使用 Auth 外观中的 guard
方法来更改守卫。
if (Auth::guard('admins')->attempt()) {
...
}