我目前正在开发 Angular(前端)- Laravel(API)应用程序。我需要知道是否可以进行混合登录。
目前我正在使用存储过程进行登录。但是如果登录成功,我想将 JWT 令牌发送到客户端。如果不调用 JWT 尝试方法,这可能吗? JWT 是否有类似 JWT::getToken($mail); 的方法?如果我做不到,还有其他解决方法吗?
$mail = $request['email'];
$password = $request['password'];
$query = new Query("CALL SP_USER_LOG_IN(?,?, @outputMessage)");
$query->addParameter(1, $mail);
$query->addParameter(2, $password);
$outputMessage = DB::executeQuery($query);
if($outputMessage === null)
{
//It means the login was successful
$token = JWT::getToken($mail);
return ["error" => NULL, "token" => $token];
}
else
{
return ["error" => $outputMessage];
}
注意
我刚刚发现 JWT,它看起来是一个非常好的解决方案,因为我正在前端使用轻型角度应用程序。但由于我必须使用存储过程,所以我不知道如何继续。
验证用户后,从数据库中获取他们,然后创建令牌
fromUser($user)if($outputMessage === null)
{
//It means the login was successful
$user = User::where('email', $mail)->first();
$token = JWT::fromUser($user);
return ["error" => NULL, "token" => $token];
}
从
jwt-auth更改为更新的 Composer
Php Open Source Saver 库包
composer require php-open-source-saver/jwt-auth`
按照安装说明进行操作并更改您的
UserJWTSubjectgetJWTIdentifiergetJWTCustomClaims在 config/auth.php 文件中创建一个身份验证保护条目(为清楚起见,此处命名为
jwt_auth_guard'guards' => [
'jwt_auth_guard' => [
'driver' => 'jwt',
'provider' => 'users',
],
],
将此方法放入您的控制器中以获取给定电子邮件地址的 jwt (注意:您需要保护此端点)
public function getJwtFromEmail()
{
$validated = request()->validate([
'email' => 'required|string',
]);
// fetch the user with the matching identifier
$user = User::where(['email' => $validated['email']])->get()->first();
if (empty($user)) {
return response()->json('Could not identify user', 401);
}
// the `login` method of the jwt driver for `jwt_auth_guard` will return a jwt
$token = auth('jwt_auth_guard')->login($user);
if ($token === false) {
return response()->json('credentials not accepted', 401);
}
$jwt_payload = [
'access_token' => $token,
'token_type' => 'bearer',
'expires_in' => auth('jwt_auth_guard')->factory()->getTTL() * 60,
];
return response()->json($jwt_payload);
}
将此方法放入控制器中以获取一组凭据的 jwt (注意:您需要保护此端点)
public function getJwtFromCredentials()
{
$validated = request()->validate([
'username' => 'required|string',
'password' => 'required|string',
]);
// isolate the request to its credentials
$credentials = request()->only('username', 'password');
// the `attempt` method of the jwt driver for `jwt_auth_guard` will return a jwt
$token = auth('jwt_auth_guard')->attempt($credentials);
if ($token === false) {
return response()->json('credentials not accepted', 401);
}
$jwt_payload = [
'access_token' => $token,
'token_type' => 'bearer',
'expires_in' => auth('jwt_auth_guard')->factory()->getTTL() * 60,
];
return response()->json($jwt_payload);
}