我对 laravel 和 lumen 都是新手。 我正在lumen 5.6中使用oauth2.0创建登录api,我已经安装了护照并生成了令牌。 下面是我的登录控制器功能,它工作正常。它返回令牌。
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Route;
//use Illuminate\Support\Facades\DB;
use App\User;
use Auth;
public function login(Request $request)
{
global $app;
$proxy = Request::create(
'/oauth/token',
'post',
[
'grant_type' => env('API_GRAND_TYPE'),
'client_id' => env('API_CLIENT_ID'),
'client_secret' => env('API_CLIENT_SECRET'),
'username' => $request->username,
'password' => $request->password,
]
);
return $app->dispatch($proxy);
}
由于除了用户名和密码之外我还必须检查用户状态,因此我需要首先检查用户凭据。所以我很喜欢这个。
public function login(Request $request)
{
$credentials = $request->only('username', 'password');
if (Auth::attempt($credentials)) {
return ['result' => 'ok'];
}
return ['result' => 'not ok'];
}
Here i am getting this error.
Method Illuminate\Auth\RequestGuard::attempt does not exist.
So i tried Auth::check instead of Auth::attempt.
Now there is no error but it always return false even though the credentials are valid.
I searched a lot for a solution but i didn't get.
守卫功能仅适用于带有Web中间件的路由
public function login() {
if(Auth::guard('web')->attempt(['email' => $email, 'password' => $password], false, false)) {requests
// good
} else {
// invalid credentials, act accordingly
}
}
将默认防护更改为“web”解决了我的问题。
配置/auth.php:
'defaults' => [
'guard' => 'web',
'passwords' => 'users',
],
使用 jwt 它对我有用
1-Auth::尝试($凭证)
只需将第 1 行替换为第 2 行
2-$token = Auth::guard('api')->尝试($credentials)
错误消息是正确的,“Illuminate\Auth\RequestGuard”实际上没有任何名为“attempt()”的方法,如官方文档所示:https://laravel.com/api/8.x/照亮/Auth/RequestGuard.html.
这与“Illuminate\Auth\SessionGuard”混淆,它具有“attempt()”方法,并且是您应该使用的方法,请参阅:https://laravel.com/api/8.x/Illuminate/ Auth/SessionGuard.html
但是,好消息是您仍然可以使用 Auth() 登录,因为 RequestGuard 还有另外两个方法可以完成与“attempt()”相同的工作,请尝试如下操作:
Route::post('/login', function (Request $request) {
$credentials = $request->validate([
'email' => ['required', 'email'],
'password' => ['required'],
]);
$email = $request->get('email');
$password = $request->get('password');
if(Auth::guard('enter_guard_name')->validate(['email' => $email, 'password' => $password])){
$user = User::where()->first();
Auth::guard('enter_guard_name')->setUser($user);
return Auth::guard('enter_guard_name')->User();
} else {
return "Invalid credentials";
}
});
上面的代码接收用户的凭据(在本例中是电子邮件和密码),检查这些凭据是否正确,如果正确,则将用户定义为已登录。这种方法的一点是您可能没有会话持久性。如果您需要这种持久性,请务必使用 SessionGuard 而不是 RequestGuard。