一、自定义认证中间件
- 创建中间件文件
# Scaffold the middleware class; the listing below uses the App\Http\Middleware namespace.
php artisan make:middleware ApiAuth
在中间件中写好认证逻辑
<?php
namespace App\Http\Middleware;
use Closure;
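class ApiAuth
{
    /**
     * Reject requests that fail authentication and tag the remaining ones with the caller's identity.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        // TODO: authentication logic. 认证失败 ("authentication failed") is the article's
        // placeholder for the real failure condition.
        if (认证失败) {
            // Set the status on the HTTP response as well as in the body. Without the second
            // argument the rejection is sent as 200 OK, which clients, proxies and log-based
            // alerting all treat as a successful call.
            return response(['code' => 403, 'msg' => '认证失败'], 403);
        }

        // Remember the authenticated identity for the rest of the request.
        // merge() writes into the request's input bag, the same place client-supplied
        // parameters live. A route that is NOT behind this middleware would therefore read
        // whatever app_id the client sent, so only trust input('app_id') on routes guarded by
        // ApiAuth. The literal 'app_id' value is a placeholder for the identity established above.
        $request->merge(['app_id' => 'app_id']);

        // Controllers can read the value with $request->input('app_id').
        return $next($request);
    }
}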
- 注册中间件:将中间件添加到app/Http/Kernel.php文件的$routeMiddleware属性中(下面的示例注册的是路由中间件别名,只对显式引用该别名的路由生效;全局的$middleware属性则会作用于所有请求)
// Route middleware aliases (a property of the HTTP kernel class in app/Http/Kernel.php).
// An alias only runs on routes that reference it, so a route declared outside an
// 'api.auth' group is not covered by the ApiAuth check.
protected $routeMiddleware = [
'auth' => \App\Http\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
'can' => \Illuminate\Auth\Middleware\Authorize::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
'api.auth' => \App\Http\Middleware\ApiAuth::class, // API identity authentication
];
- 在路由中调用中间件
// Controllers are resolved in the 'Api' namespace. Only routes declared inside the inner
// group pass through the 'api.auth' middleware before reaching their controller.
Route::namespace('Api')->group(static function () {
    Route::middleware('api.auth')->group(static function () {
        Route::post('/demo', 'DemoController@demo');
    });
});
二、使用Laravel自带的API认证中间件
- 先在app/User.php中,配置用户表, 我这里的用户表是sys_user,需要存在字段api_token
<?php
namespace App;
use Illuminate\Notifications\Notifiable;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Foundation\Auth\User as Authenticatable;
class User extends Authenticatable
{
    /** Table and primary key backing this model. */
    protected $table = 'sys_user';

    protected $primaryKey = 'user_id';

    /** Attributes that may be mass-assigned. */
    protected $fillable = [
        'user_name',
        'password',
    ];

    /**
     * Attributes left out when the model is serialised.
     *
     * Keeping api_token here matters: a route that returns the user model would otherwise
     * disclose the stored credential alongside the profile data.
     */
    protected $hidden = [
        'password',
        'api_token',
    ];

    /** Validation rules keyed by attribute name. */
    public static $rules = [
        'user_name' => 'required',
        'password' => 'required',
    ];
}
- 修改config/auth.php, 将 api 看守器配置的 hash 选项设置为 true
// Guard definitions from config/auth.php (fragment of the returned array).
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
// Token driver: the caller is identified by the api_token sent with each request.
'driver' => 'token',
'provider' => 'users',
// With hashing enabled the guard compares the SHA-256 hash of the presented token with the
// stored column, so the api_token column must hold the hash and never the plaintext token.
// A database leak then does not hand out usable tokens.
'hash' => true,
],
],
- 在路由配置中设置中间件
// Guarded by the 'api' guard: the closure only runs for requests carrying a valid token.
Route::middleware('auth:api')->get('/user', function (Request $request) {
    // The returned model is serialised for the response; the $hidden list on the User model
    // above is what keeps password and api_token out of that output.
    $authenticatedUser = $request->user();

    return $authenticatedUser;
});
- token传递方式
// Option 1: token in the query string.
// URLs are routinely recorded in web-server and proxy access logs, so a token sent this way
// ends up wherever those logs are readable. Prefer option 2 outside of quick local testing.
$response = $client->request('GET', "/api/user?api_token={$token}");

// Option 2: token as a Bearer credential in the Authorization header.
$bearerHeaders = [
    'Authorization' => "Bearer {$token}",
    'Accept' => 'application/json',
];
$response = $client->request('POST', '/api/user', ['headers' => $bearerHeaders]);

// Option 3: token as a form field in the request body.
$formRequestOptions = [
    'headers' => [
        'Accept' => 'application/json',
    ],
    'form_params' => [
        'api_token' => $token,
    ],
];
$response = $client->request('POST', '/api/user', $formRequestOptions);
- 认证失败设置, 可以在app/Http/Middleware/Authenticate.php中进行配置
<?php
namespace App\Http\Middleware;
use Illuminate\Auth\Middleware\Authenticate as Middleware;
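class Authenticate extends Middleware
{
    /**
     * Answer unauthenticated requests with a JSON 401 instead of a redirect.
     *
     * The framework treats this method's return value as the path to redirect to, which is
     * why returning response([...]) from here has no effect. Throwing an HttpResponseException
     * hands the response to the framework's exception handling instead of echoing it and
     * calling die, so the reply carries a real 401 status and a JSON content type, and the
     * rest of the response pipeline still runs.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return string
     *
     * @throws \Illuminate\Http\Exceptions\HttpResponseException
     */
    protected function redirectTo($request)
    {
        // JSON_UNESCAPED_UNICODE keeps the message readable rather than \uXXXX-escaped.
        throw new \Illuminate\Http\Exceptions\HttpResponseException(
            response()->json(['code' => 401, 'msg' => '认证失败'], 401, [], JSON_UNESCAPED_UNICODE)
        );
    }
}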