秀坤

使用Laravel创建API平台

2025-04-14

创建一个新项目

$ laravel new api_example

 

添加认证包,在用户登陆成功以后返回一个token. 

$ composer require laravel/sanctum

 

创建一个api的Controller

$ php artisan make:controller api/UserController --api

 

创建登陆接口

use App\Http\ApiBase;
use App\Models\User;
use Illuminate\Auth\AuthenticationException;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;

class UserController extends ApiBase
{
   /**
     * User login api.
     *
     * @param Request $request
     * @return mixed
     */
    public function login(Request $request) {
        if (Auth::attempt([
            'username' => $request->get('username'),
            'password' => $request->get('password')
        ])) {
            $authUser = Auth::user();
            $success['token'] =  $authUser->createToken('example')->plainTextToken;
            $user_info = $authUser->toArray();
            $success['info'] = $user_info;

            return $this->responseSuccess($success);
        } else {
            return $this->responseError('Unauthorised', 401);
        }
    }

}

 

创建用户模型models/User.php

<?php

namespace App\Models;

use App\Http\BaseModel;
use Illuminate\Auth\Authenticatable;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Notifications\Notifiable;
use Laravel\Sanctum\HasApiTokens;

/**
 * Class User.
 */
class User extends BaseModel implements AuthenticatableContract
{
    use Authenticatable;
    use HasApiTokens, HasFactory, Notifiable;

    public $timestamps = false;
    public $hidden = ['password'];

    protected $fillable = ['password', 'grade', 'name', "gender", "mobile", "email", "wechat", "qq", "url", "remark", "setting"];

    protected $primaryKey = 'user_id';

    protected $table = 'user';

}

 

创建路由routers/api.php.

use Illuminate\Support\Facades\Route;

// 不需要权限
Route::post('/user/login', [\App\Http\Controllers\api\UserController::class, 'login']);

// 以下接口都需要权限
Route::group(['namespace' => 'App\Http\Controllers\api', 'middleware' => 'auth:sanctum'], function() {

    // user.
    Route::post('/user/update/{id}', 'UserController@update');
    Route::post('/user/update_self', 'UserController@update_self');
    Route::get('/user/show/{id}', 'UserController@show');
    Route::get('/user/info', 'UserController@info');
    Route::get('/user/list', 'UserController@index');

});

 

 

 

标签: Laravel

Laravel 自定义用户登陆认证

2025-04-14

遇到一个问题。老系统的密码是用md5加密。现在要用Laravel读取老系统数据库并编写API. 这就需要修改密码验证器了。

打开config/auth.php

将users.driver 修改为custom

    'providers' => [
        'users' => [
            'driver' => 'custom',
            'model' => env('AUTH_MODEL', App\Models\User::class),
        ],

        // 'users' => [
        //     'driver' => 'database',
        //     'table' => 'users',
        // ],
    ],

进入bootstrap/providers.php 增加一个providers

<?php

return [
    ....,
    App\Providers\AuthServiceProvider::class,
];

 

创建文件app/Providers/AuthServiceProvider.php

<?php
namespace App\Providers;
use Illuminate\Support\Facades\Auth;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;

class AuthServiceProvider extends ServiceProvider
{
    /**
     * Register any application authentication / authorization services.
     *
     * @return  void
     */
    public function boot()
    {
        $this->registerPolicies();

        Auth::provider('custom', function ($app, array $config) {

            // Return an instance of Illuminate\Contracts\Auth\UserProvider...
            return new AuthProvider();
        });
    }
}

 

然后再创建AuthProvider.app/Providers/AuthProvider.php

<?php
namespace App\Providers;

use App\Models\User;
use Illuminate\Contracts\Auth\Authenticatable;
use Illuminate\Contracts\Auth\UserProvider;

class AuthProvider implements UserProvider
{
    public function retrieveById($identifier) {
        return Administrator::find($identifier)->first();
    }
    public function retrieveByToken($identifier, $token) {
    }
    public function updateRememberToken(Authenticatable $user, $token) {
        return $user->setRememberToken($token);
    }
    public function retrieveByCredentials(array $credentials) {
        if (empty($credentials)) {
            return;
        }
        $user = User::where('username', $credentials['username'])->first();
        return $user;
    }
   // 此处为自定义认证
    public function validateCredentials(Authenticatable $user, array $credentials) {
        return md5($credentials['username'] . md5($credentials['password'])) == $user->getAuthPassword();
    }
    public function rehashPasswordIfRequired(Authenticatable $user, array $credentials, bool $force = false) {
    }

}

 

标签: Laravel