Laravel开发：如何使用Laravel Passport实现API身份验证？

Laravel是一个开源的PHP Web应用程序框架，旨在帮助开发者轻松构建高效的Web应用程序。Laravel Passport是Laravel框架的一部分，它是一个实现OAuth2协议的身份验证服务器，为API开发提供了强大的支持。在本文中，我们将介绍如何使用Laravel Passport实现API身份验证。

使用Laravel Passport之前，我们需要先安装它。可以通过运行以下命令来安装Laravel Passport：

composer require laravel/passport登录后复制

要使用Laravel Passport进行API身份验证，我们需要将其与Laravel的认证中间件结合使用。可以在app/Http/Kernel.php文件中为API组添加相应的认证中间件：

protected $middlewareGroups = [ 'api' => [ 'throttle:60,1', IlluminateRoutingMiddlewareSubstituteBindings::class, LaravelPassportHttpMiddlewareCreateFreshApiToken::class, ], ];登录后复制

接下来，我们需要为API创建相应的认证路由。可以在routes/api.php文件中添加以下路由：

Route::post('login', 'APIAuthController@login'); Route::post('register', 'APIAuthController@register'); Route::group(['middleware' => ['auth:api']], function() { Route::get('details', 'APIAuthController@details'); // 添加更多需要登录才能访问的API路由 });登录后复制

现在，我们需要创建处理API身份验证和路由的控制器。可以使用以下命令创建AuthController：

php artisan make:controller API/AuthController登录后复制

use IlluminateHttpRequest; use IlluminateSupportFacadesAuth; use IlluminateSupportFacadesValidator; use AppUser; class AuthController extends Controller { /** * 用户注册 * * @param IlluminateHttpRequest $request * @return IlluminateHttpResponse */ public function register(Request $request) { $validator = Validator::make($request->all(), [ 'name' => 'required|string|max:255', 'email' => 'required|string|email|unique:users', 'password' => 'required|string|min:6', ]); if ($validator->fails()){ return response(['errors'=>$validator->errors()->all()], 400); } $request['password'] = bcrypt($request['password']); $user = User::create($request->toArray()); $token = $user->createToken('MyApp')->accessToken; return response(['token' => $token], 200); } /** * 用户登录 * * @param IlluminateHttpRequest $request * @return IlluminateHttpResponse */ public function login(Request $request) { $validator = Validator::make($request->all(), [ 'email' => 'required|string|email', 'password' => 'required|string', ]); if ($validator->fails()) { return response(['errors'=>$validator->errors()->all()], 400); } if (!Auth::attempt(['email' => $request['email'], 'password' => $request['password']])) { return response(['message' => 'Invalid login credentials'], 400); } $user = $request->user(); $token = $user->createToken('MyApp')->accessToken; return response(['token' => $token], 200); } /** * 获取用户详细信息 * * @param IlluminateHttpRequest $request * @return IlluminateHttpResponse */ public function details(Request $request) { return response()->json(['user' => $request->user()], 200); } }登录后复制

现在，我们可以通过发送用户名和密码来测试API身份验证。可以使用Postman或curl等工具执行以下命令：

curl -X POST http://your-app-url/api/login -H 'content-type: application/json' -d '{ "email": "user@example.com", "password": "password" }'登录后复制

{ "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6ImU4YmI2Njk0MGEyNmIzY2Q2ZmY4M2Q3MjQ5ZjgzODE1MTI2ZmRkMDIyM2YyMzVmOGZmNjhlOWM5NGU2Mzk4ZTU3ZWZiMDJhNmQyZmRlZjA2In0.eyJhdWQiOiIxIiwianRpIjoiZThiYjY2OTAwZTI2YjNjZDZmZjgzZDcyNDlmODM4MTUxMjZmZGQwMjIzZjIzNWY4ZmY2OGU5Yzk0ZTYzOThlNTdlZmIwMmE2ZDJmZGVmMDYiLCJpYXQiOjE2Mjg5NDM3NzQsIm5iZiI6MTYyODk0Mzc3NCwiZXhwIjoxNjMxMDQ5Nzc0LCJzdWIiOiIxIiwic2NvcGVzIjpbXX0.toR762TgsNDarQZs6azl-jg-tP2996vzUc-LOQB90Twcb0Y3BC5vrd3jDW70QQw961MwV_sFrU1dhyKLMN76lG6B03zv6GjU6tLHyrqQi88t0clSrVupAcaQHOAB0gGLBRAOc5Ql1z9CHXx8f_FkA3RVC4htHNTk_r0mM-szWcf1sRONQYaARPDFl7ZJwj1_wYB7M6dcpiEDDhpyzmRFPv7pYyX8805BL4yg6z-Kmxc-DW4GSS4NTBxnctwGPf9w8fYc2zJGHXmT6OtqVjuqKDdFQgxIQhEkeSldBZmzTIPIR_tTa8Ub3Cxlx69zAfJTHosXwPYQOO03LBJwNVdjeLIkKgQK1PcAXD2kN4-RuyTEMXYNQ0wRGaHIb3vxwqVdjrrVE9yrDMIpAPRgzFwzXbJWvKmxzZpFTUz9RvIqUFt2zNbIG5kLOUyvmKIqO-aTISCT0wu0T0ZEq-DpXJ7-C6z-M0cJJP37y7eV4jdAMx7yD9jT85Knv4_hjLyKvF4We5DSSOYjeIVoq3XHNJdmYJ7X3ph6Ko1CfdtVKNVf20Vx8Z_Zi-pe9bTY0n-tSkwDvVXpVOrb3BOalq7MbOpTe8Klf9uZ_ZIDqTlTnrYV_oh_5isrImv7r8D1NX1G4p9jRcI16MEFDE" }登录后复制

curl -X GET http://your-app-url/api/details -H 'authorization: Bearer '登录后复制

{ "user": { "id": 1, "name": "User", "email": "user@example.com", "email_verified_at": null, "created_at": "2021-08-13T02:58:04.000000Z", "updated_at": "2021-08-13T02:58:04.000000Z" } }登录后复制