我想问一下我能否在 Web 路由和 API 之间使用不同的令牌吗?
例如,如果我使用 Web 路径登录,则我希望令牌的有效期限为15天。但是,如果我使用Route API 登录,我希望令牌有效期为10小时。
我是否可以整理以下文件。例如,如果 $ route 在 API 中,请为其分配一个不同的过期令牌。
App \ Providers \ AuthServiceProvider.php
<?php
namespace App\Providers;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
// use App\Models\Passport\Client;
use Illuminate\Support\Facades\Route;
use Laravel\Passport\Passport;
/**
* Auth service provider, Laravel default
*/
class AuthServiceProvider extends ServiceProvider
{
/**
* The policy mappings for the application.
*
* @var array
*/
protected $policies = [
'App\Model' => 'App\Policies\ModelPolicy',
];
/**
* Register any authentication / authorization services.
*
* @return void
*/
public function boot()
{
$this->registerPolicies();
Passport::routes(function ($router) {
$router->all();
Route::post('/token', [
'uses' => 'AccessTokenController@issueToken',
'as' => 'passport.token',
]);
});
Passport::tokensExpireIn(now()->addDays(15));
Passport::refreshTokensExpireIn(now()->addDays(30));
}
}
这是我的 API 登录端点。
public function login(Request $request)
{
$http = new \GuzzleHttp\Client;
try {
$response = $http->post(config('services.passport.login_endpoint'), [
'form_params' => [
'grant_type' => 'password',
'client_id' => config('services.passport.client_id'),
'client_secret' => config('services.passport.client_secret'),
'username' => $request->username,
'password' => $request->password,
],
]);
return json_decode($response->getBody(), true);
} catch (\GuzzleHttp\Exception\BadResponseException $e) {
if ($e->getCode() == 400) {
return response()->json('Invalid Request. Please enter a Email or Password.', $e->getCode());
} elseif ($e->getCode() == 401) {
return response()->json('Your credentials are incorrect. Please try again', $e->getCode());
}
return response()->json('Something went wrong on the server.', $e->getCode());
}
}
谢谢。