Laravel Passport是否以承载令牌序列化整个用户对象?

时间:2018-11-24 00:33:44

标签: laravel api

我将laravel与护照和jensseger mongodb一起使用来创建API。一切正常,但我注意到我从护照上获得的不记名令牌很长。我的问题是护照是否将整个用户对象存储在不记名令牌中,或者Auth :: user是否仅通过id从db获取用户。...

我有一个模特:

class User extends \Jenssegers\Mongodb\Eloquent\Model implements
    AuthenticatableContract,
    AuthorizableContract,
    CanResetPasswordContract
{
    use Authenticatable, Authorizable, CanResetPassword, Notifiable, HasApiTokens;
    protected $collection = 'db.users';
    protected $fillable = ['name','phone','email' ...];
  ......
}

然后我在登录时使用$user->createToken('....')->accessToken生成令牌。

然后我使用Auth::user()从内部从令牌中获取当前用户。都可以,但是不记名令牌很长。

1 个答案:

答案 0 :(得分:0)

令牌很长,因为它们已经过base64编码。

这是我在另一个SO问题上发现的随机令牌:

  

eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6IjgzYmQ5NmNkYWE1MWZhMTJlMzQ4OTEzYWNjOGQwNmMzMjE2YzQ0N2U3ZmQyOWQyYThiNmY1YjUwMzAzZWFlOGU4ZjE4ZjNhM2M4OGE4OGVkIn0.eyJhdWQiOiIxIiwianRpIjoiODNiZDk2Y2RhYTUxZmExMmUzNDg5MTNhY2M4ZDA2YzMyMTZjNDQ3ZTdmZDI5ZDJhOGI2ZjViNTAzMDNlYWU4ZThmMThmM2EzYzg4YTg4ZWQiLCJpYXQiOjE1MzY5NjEyMjgsIm5iZiI6MTUzNjk2MTIyOCwiZXhwIjoxNTY4NDk3MjI4LCJzdWIiOiI1Iiwic2NvcGVzIjpbXX0.Ev1S4MhkDwdNPMhFIbSNdTUnlK-C4CRiUIHEhBulkjy4rTCkAGVWX01DsAdkGa_SP2o7d9M5Yw71m1yo3FG1eNZriJHbeKfLVz78MaWrX9daITmPhgh8sGaF9JlASU0I3QmVO-hnX57QSFTvDfzBjS3ApDx-CUhPV9M7ycljzBoYwiQZHloBpxHVqaavN-9CQQEuaZf8MhRJ-dg2BPoEVHp5lUtsjtZUll4hztvkJO4uz_hth0bo_i7l7pyrcS811BPK1iLAWlmsjdpUziFxCEpVsVVBpO5I8N5SLwgfiEsfM9PuMQua4kkt7whDUzitPQCaPR6TaBifFZfy1Hi37TYenK3aGb8VrX5HbU6HmYeYeIx8lFcugRwktVtuAURoRSWrlAkcfyMRM1nraSBWO3XVLc8nDNtnx6UG3yEjTLeqrUamy43Y5a4wszLnE9iXiPVA0Ip-_Y7gKsL9uE9h523YtIO1nGCJVSg8jr7T1XKWGaTFssJf9E9T5rAmdIu-hbW9Tm2NVL1z0dINva_F6SLmUqWQ0c3Wl1mrHmH3VqEBFP5-FUWzw2hFj1agwLe_933i5UdLl1EHwUqFpr_cVjVj952Do8LzE AuL2LLfZo82kPTP-h5jdWaWmoH-tJ_xXuWoRD5Y9nCFm_6-zJJpR3kcgz3jLMUCu_VAgNWTtw0

将该令牌复制并粘贴到here中。

标题 

{
  "typ": "JWT",
  "alg": "RS256",
  "jti":"83bd96cdaa51fa12e348913acc8d06c3216c447e7fd29d2a8b6f5b50303eae8e8f18f3a3c88a88ed"
}

有效载荷 

{
  "aud": "1",
  "jti": "83bd96cdaa51fa12e348913acc8d06c3216c447e7fd29d2a8b6f5b50303eae8e8f18f3a3c88a88ed",
  "iat": 1536961228,
  "nbf": 1536961228,
  "exp": 1568497228,
  "sub": "5",
  "scopes": []
}

有效载荷可以回答您的问题,即sub-主题-声明。代表已认证的实体ID。用户ID为5。

相关问题
最新问题