使用Tymon JWT中间件的Laravel 5.4 API路由302

时间:2017-05-17 21:40:21

标签: php laravel laravel-5 jwt

我尝试使用Tymon JWT包在API.php文件上使用路径进行简单测试:

Route::group(['middleware' => [ 'jwt.auth' ] ], function ()
{
  Route::group(['prefix' => 'auth', 'namespace' => 'Auth'], function () {
      Route::post('get-user')
        ->name('auth.get_user')
        ->uses('LoginController@getAuthenticatedUser');
  });
});

LoginController @ getAuthenticatedUser 如下:

// Get authenticated user
public function getAuthenticatedUser()
{
    try {

      if (! $user = JWTAuth::parseToken()->authenticate()) {
        return response()->json(['user_not_found'], 404);
      }

    } catch (Tymon\JWTAuth\Exceptions\TokenExpiredException $e) {

        return response()->json(['token_expired'], $e->getStatusCode());

    } catch (Tymon\JWTAuth\Exceptions\TokenInvalidException $e) {

        return response()->json(['token_invalid'], $e->getStatusCode());

    } catch (Tymon\JWTAuth\Exceptions\JWTException $e) {

        return response()->json(['token_absent'], $e->getStatusCode());

    }

    // the token is valid and we have found the user via the sub claim
    return response()->json(compact('user'));
}

我已经测试了代码和我的结论,我认为这是错误的,在包的中间件上,如果我抓住$ user我在路由上获得302状态,否则一切都很顺利:

public function handle($request, \Closure $next)
{
    if (! $token = $this->auth->setRequest($request)->getToken()) {
        return $this->respond('tymon.jwt.absent', 'token_not_provided', 400);
    }

    try {
        $user = $this->auth->authenticate($token);
    } catch (TokenExpiredException $e) {
        return $this->respond('tymon.jwt.expired', 'token_expired', $e->getStatusCode(), [$e]);
    } catch (JWTException $e) {
        return $this->respond('tymon.jwt.invalid', 'token_invalid', $e->getStatusCode(), [$e]);
    }

    if (! $user) {
        return $this->respond('tymon.jwt.user_not_found', 'user_not_found', 404);
    }

    $this->events->fire('tymon.jwt.valid', $user);

    return $next($request);
}

我正在发送JWT。我可以通过在上面的代码中记录$ user变量并检查数据是否正确来证明这一点。

这是Http / Kernel:

<?php

namespace App\Http;

use Illuminate\Foundation\Http\Kernel as HttpKernel;

class Kernel extends HttpKernel
{
        /**
         * The application's global HTTP middleware stack.
         *
         * These middleware are run during every request to your application.
         *
         * @var array
         */
        protected $middleware = [
                \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
                \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
                \App\Http\Middleware\TrimStrings::class,
                \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
        ];

        /**
         * The application's route middleware groups.
         *
         * @var array
         */
        protected $middlewareGroups = [
                'web' => [
                        \App\Http\Middleware\EncryptCookies::class,
                        \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
                        \Illuminate\Session\Middleware\StartSession::class,
                        \Illuminate\Session\Middleware\AuthenticateSession::class,
                        \Illuminate\View\Middleware\ShareErrorsFromSession::class,
                        \App\Http\Middleware\VerifyCsrfToken::class,
                        \Illuminate\Routing\Middleware\SubstituteBindings::class,
                ],

                'api' => [
                        'throttle:60,1',
                        'bindings',
                ],
        ];

        /**
         * The application's route middleware.
         *
         * These middleware may be assigned to groups or used individually.
         *
         * @var array
         */
        protected $routeMiddleware = [
                'auth' => \Illuminate\Auth\Middleware\Authenticate::class,
                'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
                'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
                'can' => \Illuminate\Auth\Middleware\Authorize::class,
                'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
                'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,

                'jwt.auth' => \Tymon\JWTAuth\Middleware\GetUserFromToken::class,
                'jwt.refresh' => \Tymon\JWTAuth\Middleware\RefreshToken::class,
        ];
}

以下是该路线的屏幕截图:enter image description here

我不知道接下来要转向哪里,有什么想法吗?

1 个答案:

答案 0 :(得分:0)

这里的问题总结在路由中有访客中间件。

如果我使用没有'来宾'中间件的路线,一切都会相应的。

相关问题
最新问题