我开发了一个API,该API收集用户的原始数据。这些是以下数据
ACNo: 5,
name: John Doe,
datetime: "2019-04-07 08:28:00",
state: C/In,
deviceID: 12345678910,
status: saved
但是在这些数据能够成功插入到我的数据库之前。 该api应该验证他正在使用哪个帐户上传数据。 因此,我为登录创建了另一个api,使用laravel中的 passport身份验证将具有到期日期的用户令牌保存在数据库中。
我想知道如何检查当前是否有经过身份验证的帐户,以允许将数据插入到我的数据库中。如果没有经过身份验证的帐户,则需要先登录。
这是我的登录代码:
public function login(Request $request){
$request->validate([
'email'=>'required',
'password'=>'required'
]);
$user = User::where('email',$request->email)->first();
if(!$user){
return response(['status'=>'error','message'=>'User not found']);
}
if(Hash::check($request->password, $user->password)){
$http = new Client;
$response = $http->post(url('oauth/token'), [
'form_params' => [
'grant_type' => 'password',
'client_id' => '2',
'client_secret' => 'tZ7E9YiCamCHec07TccW41UbHWB8jaFXi8Py3BgM',
'username' => $request->email,
'password' => $request->password,
'scope' => '',
],
]);
// return response(['data'=>json_decode((string) $response->getBody(), true)]);
return response(['Status'=>'Successfully Login']);
}else{
return response(['status'=>'error','message'=>'Incorrect username/password!']);
}
}
这是我的插入数据:如果有登录帐户,则应对此进行验证。此代码应允许将数据插入到我的数据库中
public function timekeeping(Request $request){
$validatedData = $request->validate([
'ACNo'=>'required',
'name'=>'required',
'datetime'=>'required',
'state'=>'required',
'deviceID'=>'required',
'status'=>'required'
]);
$DTR = new DateTimeAPI;
$DTR->ACNo = $request->ACNo;
$DTR->name = $request->name;
$DTR->email = $request->email;
$DTR->apiKey ="NONE";
$DTR->datetime = $request->datetime;
$DTR->state = $request->state;
$DTR->deviceID = $request->deviceID;
$DTR->status = $request->status;
$DTR->save();
return response(['status'=>'ok','message'=>'Upload Success']);
}