使用其他用户保护的 Laravel Passport 身份验证

Question

在 Laravel 8 中使用 Laravel Passport 和 Authentication 的 REST-API。

简介

我有 Analytics 模型 Authenticable 来验证 web 和 api 中的请求，而不是使用默认的 @987654327 @Model 对应analytics 和user 表。

我创建了一个登录名并使用this article 注册。我能够运行register 路由并让用户进入analytics 表。但是，我无法访问登录路径。

回应

{
    "message": "Invalid Credentials"
}

请求：

我正在端点 http://example.com/api/login 上发送 POST HTTP 请求并输入适当的凭据

下面是如下配置。

Analytics 和 User 模型如下：

<?php

namespace App;
use Illuminate\Notifications\Notifiable;
use Notification;
use Illuminate\Foundation\Auth\User as Authenticatable;
use App\Notifications\AnalyticsResetPassword;
use Illuminate\Database\Eloquent\Model;

class Analytics extends Authenticatable
{
    use Notifiable, HasApiTokens;
    public function sendPasswordResetNotification($token)
    {
        $this->notify(new AnalyticsResetPassword($token));
    }
    protected $table = "analytics";
    protected $fillable = ['name', 'email', 'password', 'mobile', api_token', ];
    protected $hidden = ['password', 'api_token', 'remember_token', ];
}

<?php

namespace App;

use Illuminate\Notifications\Notifiable;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Foundation\Auth\User as Authenticatable;

class User extends Authenticatable
{
    use Notifiable;
    protected $fillable = ['name', 'email', 'password', ];
    protected $hidden = ['password', 'remember_token',];
    protected $casts = ['email_verified_at' => 'datetime',];
}

App\Http\Controllers\Analytics\APIController

<?php

namespace App\Http\Controllers\Analytics;

use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use App\Analytics;

class APIController extends Controller
{
    public function login(Request $request)
    {
        $loginData = $request->validate([
            'email' => 'email|required',
            'password' => 'required'
        ]);
        if (!auth()->attempt($loginData)) {
            return response(['message' => 'Invalid Credentials']);
        }
        $accessToken = auth()->user()->createToken('authToken')->accessToken;
        return response(['user' => auth()->user(), 'access_token' => $accessToken]);
    }
}

我尝试像这样修改我的config/auth.php 文件：

<?php

return [
    'defaults' => [
        'guard' => 'web',
        'passwords' => 'users',
    ],

    'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],

        'api' => [
            'driver' => 'passport',
            'provider' => 'analytics',
            'hash' => false,
        ],
    ],

    'providers' => [
        'users' => [
            'driver' => 'eloquent',
            'model' => App\User::class,
        ],

        'analytics' => [
            'driver' => 'eloquent',
            'model' => App\Analytics::class,
        ],
    ],
];

EDIT1：我尝试了以下但没有运气Laravel Passport Multiple Authentication using Guards

Answer 1

我能够通过使用guard 方法在Auth 外观上指定守卫实例来验证用户。 Authentication - Accessing Specific Guard Instances

下面是我的实现。

public function login(Request $request)
    {
       if (!Auth::guard('analytics')->attempt($loginData)) {
            return response(['message' => 'Invalid Credentials']);
        }
        $accessToken = Auth::guard('analytics')->user()->createToken('authToken')->accessToken;
        return response(['user' => Auth::guard('analytics')->user(), 'access_token' => $accessToken]);
    }