我在使用laravel auth中间件时遇到了两天的麻烦。
我已经了解Auth系统如何与JWTtoken一起使用。在我的控制器中,一切正常,我获得了用户登录名,并且可以使用Auth :: guard-> user()进行访问。
但是我的中间件Authenticate.php有一个问题:
<?php
namespace App\Http\Middleware;
use Illuminate\Auth\Middleware\Authenticate as Middleware;
use Illuminate\Support\Facades\Auth;
use Closure;
class Authenticate extends Middleware
{
protected function redirectTo($request)
{ dd(
$request->user(),
auth()->id() ?? '?',
Auth::id() ?? '?',
$request->user()->id ?? '?',
auth()->check(),
get_class(auth()->guard())
);
}
}
我尝试在多个帖子或教程中找到的所有内容,但结果是相同的(在控制器中,所有工作用户都同时登录):
null
"?"
"?"
"?"
false
"Tymon\JWTAuth\JWTGuard"
AuthController.php
public function __construct()
{
$this->middleware('auth', ['except' => ['login', 'register']]);
}
public function login(Request $request){
$credentials = $request->only('email', 'password');
if(!$token = $this->guard()->attempt($credentials)){
return response()->json(['error' => "L'email ou le mot de passe ne correspondent pas."]);
}else {
return response()->json([
'token' => $token,
]);
}
}
public function guard()
{
return Auth::guard();
}
And Multiple function me,logout...
Kernel.php
<?php
namespace App\Http;
use Illuminate\Foundation\Http\Kernel as HttpKernel;
class Kernel extends HttpKernel
{
protected $middleware = [
// \App\Http\Middleware\TrustHosts::class,
\App\Http\Middleware\TrustProxies::class,
\Fruitcake\Cors\HandleCors::class,
\App\Http\Middleware\CheckForMaintenanceMode::class,
\Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
\App\Http\Middleware\TrimStrings::class,
\Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
];
protected $middlewareGroups = [
'web' => [
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
// \Illuminate\Session\Middleware\AuthenticateSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\App\Http\Middleware\VerifyCsrfToken::class,
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
'api' => [
//'throttle:60,1',
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
];
protected $routeMiddleware = [
'auth' => \App\Http\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
'can' => \Illuminate\Auth\Middleware\Authorize::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class,
'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
];
}
我已经尝试在$ middlewareGroups网站中采用规则,而过去在$ middleware中采用规则,如果我这样做,那就是说: “调用成员函数parameters()时为null”。
因此,对我的身份验证没有任何更改为空。
非常感谢有人可以向我解释问题和我做错了!
编辑:
api.php
Route::group(['prefix' => 'auth', 'namespace' => 'Auth'], function ($router) {
Route::post('/inscription', 'AuthController@register');
Route::post('/connexion', 'AuthController@login');
Route::get('/logout', 'AuthController@logout');
Route::get('/me', 'AuthController@me');
Route::get('/isAdmin', 'AuthController@isAdmin');
});
找不到解决方案:(
答案 0 :(得分:1)
Authenticate.php
public function handle($request, Closure $next, ...$guards)
{
$this->authenticate($request, $guards);
$user = $this->auth->user();
...do your thing....
Kernel.php
protected $middlewareGroups = [
'api' => [
\Illuminate\Session\Middleware\StartSession::class,
\AEPlanning\Http\Middleware\VerifyCsrfToken::class,
只有成功登录后,您才能获得用户