問題描述
我正在嘗試使用 Laravel Passport 設置多重身份驗證,但它似乎不支持它.我正在使用密碼授予來頒發令牌,這要求我傳遞想要訪問令牌的用戶的用戶名/密碼.
I am trying to setup multi auth with Laravel Passport, but it doesn't seem to support it. I am using the Password Grant to issue tokens which requires me to pass username/password of the user wanting access tokens.
我設置了 3 個身份驗證防護/提供程序,總共 4 個.用戶、供應商、管理員和 API
I have 3 auth guards/providers setup, 4 in total. Users, Vendors, Admins and API
其中 2 個 Auth 需要通行證訪問權限,因此每個用戶都需要能夠頒發令牌.但是 Passport 會自動采用 API 身份驗證提供程序,但我希望根據登錄的用戶進行更改..
2 of the Auths need passport access, so each user needs to be able to issue tokens. But Passport automatically takes the API auth provider, but I want this to change based on which user is logging in.. If user does then the User provider and if its a vendor then the Vendor provider.
但是 Passport 目前只支持 1 種用戶類型,所以默認為 API 提供者.
But the way Passport currently only supports only 1 user type, so its defaulting to the API provider.
有什么更好的方法嗎?或者我應該改用基于角色的身份驗證.
Is there something better for this? or should I go with roles based authentication instead.
推薦答案
如果您仍然需要.
我更喜歡使用角色,有一個很棒的插件:https://github.com/larapacks/授權
I prefer go with roles, there is an amazing plugin for that: https://github.com/larapacks/authorization
但如果您有某種需要,您可以按照以下步驟使用.
But if you somehow needs that, you will be able to use following the steps bellow.
對于多個守衛,您將不得不覆蓋一些代碼.
For multi guards, you will have to overwrite some code.
您不是加載 PassportServiceProvider,而是創建自己的并擴展 PassportServiceProvider 并覆蓋方法 makePasswordGrant.在此方法中,您將為自己的擴展存儲庫更改 Passport UserRepository.在用戶存儲庫上,您必須將靜態模型配置更改為動態模型配置(我從請求屬性加載,但您可以從任何地方獲取).
Instead of loading PassportServiceProvider, you create your own and extends the PassportServiceProvider and overwrites the method makePasswordGrant. On this method, you will change the Passport UserRepository for your own repository extended. On user repository you must to change the static model config for a dynamic one (I load from request attributes, but you can get from anywhere).
您可能需要覆蓋其他內容,但我進行了測試并有效.
You may have to overwrite something else, but I made a test and works.
例如:
PassportServiceProvider
PassportServiceProvider
namespace AppProviders;
use LeagueOAuth2ServerAuthorizationServer;
use LeagueOAuth2ServerGrantPasswordGrant;
use LaravelPassportPassportServiceProvider as BasePassportServiceProvider;
use LaravelPassportPassport;
class PassportServiceProvider extends BasePassportServiceProvider
{
/**
* Create and configure a Password grant instance.
*
* @return PasswordGrant
*/
protected function makePasswordGrant()
{
$grant = new PasswordGrant(
$this->app->make(AppRepositoriesPassportUserRepository::class),
$this->app->make(LaravelPassportBridgeRefreshTokenRepository::class)
);
$grant->setRefreshTokenTTL(Passport::refreshTokensExpireIn());
return $grant;
}
}
用戶存儲庫
namespace AppRepositories;
use App;
use IlluminateHttpRequest;
use LeagueOAuth2ServerEntitiesClientEntityInterface;
use LaravelPassportBridgeUserRepository;
use LaravelPassportBridgeUser;
use RuntimeException;
class PassportUserRepository extends UserRepository
{
/**
* {@inheritdoc}
*/
public function getUserEntityByUserCredentials($username, $password, $grantType, ClientEntityInterface $clientEntity)
{
$guard = App::make(Request::class)->attributes->get('guard') ?: 'api';
$provider = config("auth.guards.{$guard}.provider");
if (is_null($model = config("auth.providers.{$provider}.model"))) {
throw new RuntimeException('Unable to determine user model from configuration.');
}
if (method_exists($model, 'findForPassport')) {
$user = (new $model)->findForPassport($username);
} else {
$user = (new $model)->where('email', $username)->first();
}
if (! $user ) {
return;
} elseif (method_exists($user, 'validateForPassportPasswordGrant')) {
if (! $user->validateForPassportPasswordGrant($password)) {
return;
}
} elseif (! $this->hasher->check($password, $user->password)) {
return;
}
return new User($user->getAuthIdentifier());
}
}
PS:對不起,我的英語不好.
PS: Sorry my bad english.
這篇關于使用 Laravel 5.4 和 Passport 進行多重身份驗證的文章就介紹到這了,希望我們推薦的答案對大家有所幫助,也希望大家多多支持html5模板網!