我有登录功能:
public function login(Request $request)
{
$request->validate([
'email' => 'required|string|email',
'password' => 'required|string',
]);
if (!Auth::attempt($request->only('email', 'password'))) {
throw ValidationException::withMessages([
'email' => [ 'The provided credentials are not correct' ]
]);
}
$user = $request->user();
$token = $user->createToken('auth_token')->plainTextToken;
return response()->json([
'success' => true,
'message' => 'User login successfully.',
'data' => [
'token' => $token
]
]);
}
这条路线:
Route::post('/login', [AuthController::class, 'login']);
当我用curl调用路线时
curl -X POST --header 'Accept: application/json' -d "[email protected]&password=abcd1234" "http://127.0.0.1:8000/api/login"
我得到这样的结果:
{"success":true,"message":"User login successfully.","data":{"token":"5|mjUhxKPAsRqADS9y1vXcEANHw7l9dvYelOXV12IM4d579c2f"}}
这是预期的。
现在,当我调用这个curl命令时:
curl -X POST --header 'Accept: application/json' --header 'Authorization: Bearer 5|mjUhxKPAsRqADS9y1vXcEANHw7l9dvYelOXV12IM4d579c2f' "http://127.0.0.1:8000/api/user"
我有一条这样的路线:
Route::post('/user', function(Request $request) {
var_dump($request->user());
return response()->json($request->user());
});
然后我明白了
NULL
{}
因此,不是我的用户的东西。
但我期望有一个用户,因为我提供了一个不记名令牌。为什么我会在这里
NULL
?
解决方案是使用
auth:sanctum
中间件,即:
Route::post('/user', function(Request $request) {
var_dump($request->user());
return response()->json($request->user());
})->middleware('auth:sanctum');