我正在使用Laravel 5.8,在广播中,我使用redis,laravel echo服务器和socket.io而不是pusher。
我也不使用护照,而是使用警卫进行简单的会话身份验证。
我想做的是我想对应用程序中的私人频道进行身份验证。
每次我遇到此错误:
Client can not be authenticated, got HTTP status 403
[10:56:16 AM] - 6zlHuDCVFNgv_a1OAAAD could not be authenticated to private-public_addresses.12345.1
{
"message": "",
"exception": "Symfony\\Component\\HttpKernel\\Exception\\AccessDeniedHttpException",
"file": "/home/winlappy1/coins_orbit/vendor/laravel/framework/src/Illuminate/Broadcasting/Broadcasters/RedisBroadcaster.php",
我在stackoverflow上遇到的一个类似问题是this,但无法回答我的情况。
这是我所做的:
laravel-echo-server.json
{
"authHost": "http://localhost:8000",
"authEndpoint": "/broadcasting/auth",
"clients": [
{
"appId": "123",
"key": "123"
}
],
"database": "redis",
"databaseConfig": {
"redis": {
"port": "6379",
"host": "127.0.0.1"
},
"sqlite": {
"databasePath": "/database/laravel-echo-server.sqlite"
}
},
"devMode": true,
"host": null,
"port": "6001",
"protocol": "http",
"socketio": {},
"secureOptions": 67108864,
"sslCertPath": "",
"sslKeyPath": "",
"sslCertChainPath": "",
"sslPassphrase": "",
"subscribers": {
"http": true,
"redis": true
},
"apiOriginAllow": {
"allowCors": true,
"allowOrigin": "http://localhost:80",
"allowMethods": "GET, POST",
"allowHeaders": "Origin, Content-Type, X-Auth-Token, X-Requested-With, Accept, Authorization, X-CSRF-TOKEN, X-Socket-Id"
}
}
BroadcastServiceProvider.php
<?php
namespace App\Providers;
use Illuminate\Support\ServiceProvider;
use Illuminate\Support\Facades\Broadcast;
class BroadcastServiceProvider extends ServiceProvider
{
/**
* Bootstrap any application services.
*
* @return void
*/
public function boot()
{
Broadcast::routes();
require base_path('routes/channels.php');
}
}
channel.php
Broadcast::channel('public_addresses.{address}.{purchase_id}', function ($user, $address, $purchase_id) {
$vendor_id = $user->id;
if (true == Purchase::findByPublicAddress($address, $vendor_id)) {
return true;
}
return false;
});
收听我的刀片文件中的频道:
<meta name="csrf-token" content="{{ csrf_token() }}" />
<script src="{{asset('js/echo.js')}}"></script>
<script src="{{asset('js/socket.io.js')}}"></script>
<script>
window.Echo = new Echo({
broadcaster: 'socket.io',
host: window.location.hostname + ':6001',
auth: {
headers: {
'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
}
}
});
var vendor = Echo.private(`public_addresses.12345.1`);
vendor.listen("TransactionConfirmed", e => {
console.log('listened to event successfully');
console.log(e);
});
</script>
您应该注意的一件事是,我使用的是csrf令牌来验证频道,而不是护照的令牌,因为我没有使用护照。
我遇到了很多问题,但是他们都只谈论护照令牌。
在这方面请帮助我。