我只能这样使用:
Route::middleware('client:admin,view')->group(function () {
但是这样客户端需要拥有所有范围
我正在尝试这种方法,但它不起作用:
Route::group(['prefix'=>'logs','as'=>'logs.','middleware' => 'client'], function(){
Route::middleware(['scope:admin,store'])->group(function () {
Route::post('/', [LogController::class, 'store'])->name('store');
});
Route::middleware(['scope:admin,view'])->group(function () {
Route::get('/', [LogController::class, 'index'])->name('all');
Route::get('/date/{date}', [LogController::class, 'findByDate'])->name('date');
Route::get('/table/{table}/{id_table}', [LogController::class, 'findByTableAndId'])->name('table.id');
Route::get('/action/{action}', [LogController::class, 'findByAction'])->name('action');
Route::get('/message', [LogController::class, 'findByMessage'])->name('message');
Route::get('/error', [LogController::class, 'findByError'])->name('error');
Route::get('/locations', [LogsLocationController::class, 'index'])->name('locations');
});
});
始终以未经授权的方式返回。
类AppServiceProvider:
/**
Bootstrap any application services.*/
public function boot(): void{Passport::hashClientSecrets();Passport::tokensExpireIn(now()->addDays(15));Passport::refreshTokensExpireIn(now()->addDays(30));Passport::tokensCan(['admin' => 'Administrator','store' => 'Store logs','put' => 'Update logs','delete' => 'Delete logs','view' => 'View logs',]);}
类内核:
protected $middlewareAliases = [
'auth' => \App\Http\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'auth.session' => \Illuminate\Session\Middleware\AuthenticateSession::class,
'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
'can' => \Illuminate\Auth\Middleware\Authorize::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class,
'precognitive' => \Illuminate\Foundation\Http\Middleware\HandlePrecognitiveRequests::class,
'signed' => \App\Http\Middleware\ValidateSignature::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
'client' => CheckClientCredentials::class,
'scopes' => \Laravel\Passport\Http\Middleware\CheckScopes::class,
'scope' => \Laravel\Passport\Http\Middleware\CheckForAnyScope::class,
];
auth.php:
'defaults' => [
'guard' => 'api',
'passwords' => 'users',
],
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'passport',
'provider' => 'users',
],
],
我需要客户拥有该范围或另一个范围,而不是两者兼而有之。
使用数组分配中间件时遇到的问题很可能是您对所有中间件使用单个字符串,而不是每个中间件使用一个字符串。
所以尝试改变:
Route::middleware(['scope:admin,store'])Route::middleware(['scope:admin', 'store'])区别在于
'scope:admin,store''scope:admin', 'store'