Question

我真的很新建了laravel应用程序，我有一个宁静的laravel API和一个Web应用程序，我希望客户端Web应用程序对API进行身份验证并将用户存储在会话中，我已注册一个新的UserProvider并将其设置在config`s auth上，如下面的

的ServiceProvider

public function boot()
{
    $this->registerPolicies();

    Auth::provider('apiAuthServiceProvider', function ($app, $config) {
        return new UserProvider(new ApiUserService());
    });
}

配置/验证

'providers' => [
    'users' => [
        'driver' => 'apiAuthServiceProvider',
    ],
],

UserProvider Class

    <?php

namespace App\Providers;

use Illuminate\Support\ServiceProvider;
use Illuminate\Contracts\Auth\UserProvider as IlluminateUserProvider;

    class UserProvider implements IlluminateUserProvider
    {
        private $userService;

        public function __construct($userService)
        {
            $this->userService = $userService;
        }

        /**
         * @param  mixed  $identifier
         * @return \Illuminate\Contracts\Auth\Authenticatable|null
         */
        public function retrieveById($identifier)
        {
            // Get and return a user by their unique identifier
        }

        /**
         * @param  mixed   $identifier
         * @param  string  $token
         * @return \Illuminate\Contracts\Auth\Authenticatable|null
         */
        public function retrieveByToken($identifier, $token)
        {
            // Get and return a user by their unique identifier and "remember me" token
        }

        /**
         * @param  \Illuminate\Contracts\Auth\Authenticatable  $user
         * @param  string  $token
         * @return void
         */
        public function updateRememberToken(Authenticatable $user, $token)
        {
            // Save the given "remember me" token for the given user
        }

        /**
         * Retrieve a user by the given credentials.
         *
         * @param  array  $credentials
         * @return \Illuminate\Contracts\Auth\Authenticatable|null
         */
        public function retrieveByCredentials(array $credentials)
        {
            // Get and return a user by looking up the given credentials
        }

        /**
         * Validate a user against the given credentials.
         *
         * @param  \Illuminate\Contracts\Auth\Authenticatable  $user
         * @param  array  $credentials
         * @return bool
         */
        public function validateCredentials(Authenticatable $user, array $credentials)
        {
            // Check that given credentials belong to the given user
        }
    }

Custom UserProvider注入一个UserService类，负责向API发出请求并返回用户...

我迷失了，我应该覆盖哪些UserProvider方法＆＃34; UserProvider＆＃34;接口？＆＃34; retrieveById＆＃34;，＆＃34; retrieveByToken＆＃34;，＆＃34; updateRememberToken＆＃34;，＆＃34; retrieveByCredentials＆＃34;和＆＃34; validateCredentials＆＃34; ？或者我应该覆盖所有这些？考虑到客户端Web应用程序将具有登录表单，并且用户将验证发送电子邮件和密码（grant_type =密码），我也对令牌感到困惑，我应该如何存储令牌并刷新令牌。会议？是否可以将会话超时设置为与令牌到期时间相同？我在哪里可以调用retrieveByCredentials的UserProvider来传递身份验证参数？提前谢谢....

Answer 1

您应该只覆盖您需要的功能。大多数标准功能应该已经在您继承的用户提供程序中定义。我只从Illuminate\Auth\EloquentUserProvider（Laravel 5.4这里）继承了我的自定义用户提供程序，因此请仔细检查您继承的类是如何工作的。例如，如果您需要使用不同于默认ID字段的ID检索用户，则应覆盖retrieveById。

Laravel Passport - 使用Custom UserProvider针对api验证Web应用程序

1 个答案: