server和web分离的架构下,passport用于前后端的认证users前段时间(大概一年前)写了一个项目,使用建立了前后端代码分离的架构,同时由于业务需要,有两套user管理端和前端商户端表登录需求。因为passport包是用来做登录认证的,但是passport不支持多用户系统认证。所以当时是用一个中间表来做鉴权的。这种方法可以解决问题,但是太复杂了。最近有个新项目,遇到了同样的问题,于是上网搜索有没有简单的解决方法,找到了一个使用sfelix-martins/passport-multiauth的wheel,可以轻松实现,前面-端后端分离架构接下来,使用passport对前后端用户进行认证。在此要感谢SamuelMartins为我们提供了如此优秀的轮组,现已更新到3.0版本。具体使用方法其实看文档就很简单了。但这里是我使用的过程的简要说明。在此之前,你需要阅读使用passport的相关教程1.引入smartins/passport-multiauthcomposerrequiresmartins/passport-multiauth2。迁移数据表oauth_access_token_providersphpartisanmigrate3。引入HasMultiAuthApiTokensuseIlluminate\Notifications\Notifiable;Illuminate\Foundation\Auth\User为可验证的;使用SMartins\PassportMultiauth\HasMultiAuthApiTokens;classAdminextendsAuthenticatable{useNotifiable,HasMultiAuthApiTokens;}4.在config/auth.phpproviders数组中添加对应的provider//...'providers'=>['users'=>['driver'=>'eloquent','model'=>App\User::class,],//**Newprovider**'admins'=>['driver'=>'eloquent','model'=>App\Admin::class,],],5.在config/auth.phpguards数组中添加对应的guard//...'guards'=>['web'=>['driver'=>'session','provider'=>'用户',],'api'=>['driver'=>'passport','provider'=>'users',],//**Newguard**'admin'=>['driver'=>'passport','provider'=>'admins',],],//...5。在app/Http/Kernel.php的$routeMiddleware数组中添加AddCustomProvider中间件classKernelextendsHttpKernel{//.../***应用程序的路由中间件。**这些中间件可以分配给组或单独使用。**@vararray*/protected$routeMiddleware=[//'auth'=>\Illuminate\Auth\Middleware\Authenticate::class,'auth'=>\SMartins\PassportMultiauth\Http\Middleware\MultiAuthenticate::class,'auth.basic'=>\Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,'bindings'=>\Illuminate\Routing\Middleware\SubstituteBindings::class,'can'=>\Illuminate\Auth\Middleware\Authorize::class,'guest'=>\App\Http\Middleware\RedirectIfAuthenticated::class,'oauth.providers'=>\SMartins\PassportMultiauth\Http\Middleware\AddCustomProvider::class,'throttle'=>\Illuminate\Routing\中间件\ThrottleRequests::类,];//...}6.在AuthServiceProvider里增加对应的路径由命名空间App\Providers;useRoute;useLaravel\Passport\Passport;useIlluminate\Support\Facades\Gate;useIlluminate\Foundation\Support\Providers\AuthServiceProviderasServiceProvider;classAuthServiceProviderextendsServiceProvider{//.../***注册任何身份验证/授权服务。**@returnvoid*/publicfunctionboot(){$this->registerPolicies();护照::路线();//中间件`oauth.providers`中间件定义在上面的$routeMiddleware上Route::group(['middleware'=>'oauth.providers'],function(){Passport::routes(function($router){return$router->forAccessTokens();});});}//...}7.运行vendor:publishphpartisanvendor:publish--provider="SMartins\PassportMultiauth\Providers\MultiauthServiceProvider"8.在使用oauth/token认证的时候要增加provider字段POST/oauth/tokenHTTP/1.1Host:localhostAccept:application/json,text/plain,*/*内容-类型:application/json;charset=UTF-8Cache-Control:no-cache{“grant_type”:“refresh_token”,“client_id”:“client-id”,“client_secret”:“client-secret”,“refresh_token”:"refresh-token","provider":"admins"}至此,基本可以进行多表认证了。在使用过程中遇到了一个小问题,因为我先用了passport,开发过程中为了方便直接用seeder填充对应的oauth_client表,这样也省去了每次都需要重新运行passport:install生成数据数据表被重置。当我使用PersonalAccessTokens时,会报错Tryingtogetproperty'client'ofnon-bojectat>>>\\vendor\laravel\\passport\\src\\ClientRepository.php:81这个问题是因为oauth_personal_access_clients表中没有数据,只添加一条oauth_personal_access_client数据。原文地址:在server和web分离的架构下使用passport对前后端用户进行认证
