laravel护照拒绝生成的访问令牌

时间:2018-11-03 16:24:32

标签: php laravel authentication oauth-2.0 laravel-passport

我遵循了以下步骤:

  1. documentation安装了护照包
  2. 使用db:seed创建了一个用户(我很惊讶地看到api_token列不 存在错误..总的来说,我添加了此列manually
  3. 使用db:seed创建了一个用户(我不知道api_token的作用是什么,但是 我随机填充)
  4. 通过成功生成了访问令牌 http://localhost:8000/oauth/token上的密码凭据

问题是消费我总是得到的生成令牌时

{"message":"Unauthenticated."}

生成的令牌样本:

{
    "token_type": "Bearer",
    "expires_in": 31536000,
    "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6ImNhNjdlNTA5MDI0M2FhZjMwNDViZGQ1OTc5MDI3YTc4ODA4MWFiMTA4NDk5OThmZTE0NmJhYmRiZmNkYzRlN2MxNjcyZDdhZjdmNTU4Y2Y4In0.eyJhdWQiOiIyIiwianRpIjoiY2E2N2U1MDkwMjQzYWFmMzA0NWJkZDU5NzkwMjdhNzg4MDgxYWIxMDg0OTk5OGZlMTQ2YmFiZGJmY2RjNGU3YzE2NzJkN2FmN2Y1NThjZjgiLCJpYXQiOjE1NDEyNjE5MTYsIm5iZiI6MTU0MTI2MTkxNiwiZXhwIjoxNTcyNzk3OTE2LCJzdWIiOiIxIiwic2NvcGVzIjpbXX0.JuTqO1W9gSLq1gA0ku8snsfaZXvX08Rjr_KbFtLzNOgP1mpzLbkOT7QzwdBVwOU4Fq6qUaZYP7bTKVPOSr9D8kBJLHEvN83vG-7JnSK87128bVVL1SCI31-ZsyG53LU0py2HOsycgZup7X3NXweDQ9YFNDZneuWASNhb5j06didSZ_p4C1eON3ptjnay1H2zjYHZoQ2prFQgi-ZQpXxt3c_4WhciDb-Yb8a8VBdub1mvj5gMF8kkrTN9cLlIpTFDsxGJTAkD0wYCX0W_I6Aggjc5YSEK_ovYJ5b4Ag2B8chrKqLXvRbplYkMCypsNxyR-OMJe0VCOISvutUdvU0UU7JvbyEoE45uFzV6wAqDMXQF0G10Sd1QB5fSzWHjj2pBonjnYGrEOynXpt8AGmU-Ip53rHAC3k7Tif0CE5QQ-kFJ01b-BW-MQp2MFwRRHZTOkXSnsfGocZBaryTHfgdGMPS7hcxJDh-l7h1g6wq6ywNIevI-XiUaC_XjrSUn-uUe4J1XtK1S6wM58OeprLtfbsleYOoYH2nnmZ6eXpCaeS3ENVTnT5t3sJV_TgUfR8hOuPlCB8uqFNE9atBGgP2fiNcgNkyu5uG0AXM3_drvgsSumyvJYXLRMfkHeaAA3HTWKzUck-yhxuSqNpTZPMt-Ml1FzNx4ABUQDB7WrXG3Rd0",
    "refresh_token": "def50200e277884b2343dc16700e2ccd4b6f46ae31131fc6dc4ef643204d74696dceafa430647d89732cf1a06c944f04583510afd1f53aa84cfacdc7fb81843ec163802922171451e0d2511788b7ee71d6e341ae07977c45f44373d9db2c65b81618dd7e0fe066a3f76c4339b6308a4561c23eb31b1fd291fbf91e379c98ca1ee0f7c689eac1aac2ea0b4a5468f954ea82d2aa5d505b38d92ccb9663b0ecefb3702903738bb843b1d8cd12a9feeefcb3705713cb7b699de02c4dafa32616caf9e32a965a30224a806d8b6cb776f81da0961ce1e2cd8348e7e2b8ffd42b0ba9fd9f9e1f34b6160f4ed1e41d778a8207e17ca512aee2368a43ec3bcc7b5897d2774fd94b3ff5e7ce2cc0ce386f42e4a43d4d49a126d629bc90aa72e087f67183509b739008ce73839801a58ff76f1c7d310e9ba79c52ec4758bdcfaa53e15ed286528ee27ac0e9e8498776920b8d1cd5d6aff4029b9fc19a02c8b71badd960f190a8"
}

我的软件包版本:

    "php": "^7.1.3",
    "barryvdh/laravel-cors": "^0.11.2",
    "fideloper/proxy": "^4.0",
    "laravel/framework": "5.7.*",
    "laravel/passport": "^7.0",
    "laravel/tinker": "^1.0",
    "spatie/laravel-permission": "^2.23"

中间件防护:

Route::middleware('auth:api')->get('/user', function (Request $request) {
    return $request->user();
});

有什么我想念的吗?

更新:

我注意到,当我将每个随机字符串放在用户表的api_token列中时,我可以轻松地通过承载令牌来对用户进行身份验证

问题: 因此,在通过以下方式对用户进行身份验证之后:

Auth::attempt($credentials)

框架应该自动填充 token_api 还是我应该手动填充?

1 个答案:

答案 0 :(得分:0)

原来是laravel缓存问题:

  1. 不需要laravel / passport的token_api列
  2. 只需运行php artisan config:cache即可重置缓存