下面給大家介紹關(guān)于laravel passport 與手機(jī)短信登錄結(jié)合的問(wèn)題,希望對(duì)大家有所幫助!
準(zhǔn)備步驟
laravel passport 環(huán)境
怎么安裝 怎么使用 看文檔就行 這邊就記錄下和手機(jī)短信的坑 和 如何與 passport 結(jié)合
坑一
easy-sms 包 對(duì)接騰訊云 請(qǐng)用 1.3 版本 2.0 版本 會(huì)一致報(bào)錯(cuò)發(fā)不出去 我反復(fù)測(cè)試了好幾次 簡(jiǎn)直是坑死我了 并且 code 如果含有字母 他會(huì)提示我的簽名有問(wèn)題 實(shí)名 diss 下騰訊云的接口 簡(jiǎn)直是 無(wú)語(yǔ)死了
坑二
判斷驗(yàn)證碼匹配上,創(chuàng)建一個(gè)用戶,那么怎么給他 token 呢,百度了一堆方法,什么雜七雜八的都有,什么都試過(guò)了 要不只支持 laravel5 點(diǎn)幾 要不版本怎么樣 要不然怎么樣的 簡(jiǎn)直了
if ($innerVerificationCode==$verificationCode) {
//驗(yàn)證碼成功成功,判斷是由在數(shù)據(jù)庫(kù)中有此手機(jī)用戶,有立即給他token 沒(méi)有 創(chuàng)建后給他token
$user=User::query()->where('phone_number', $phoneNumber)->first();
if (!$user) {
$user = new User();
$user->name = $phoneNumber;
$user->phone_number= $phoneNumber;
$user->login_type=User::USER_LOGIN_TYPE_PHONE;
$user->password = bcrypt('12345678');
$user->save();
}
return $this->getToken($user, 'id');
}
// 原本一直在糾結(jié)如何不用賬號(hào)密碼直接給他 access_token 但是種種原因不是失敗了嗎 那就 api 請(qǐng)求下
public function getToken($user, $type)
{
$http = new \GuzzleHttp\Client();
$response = $http->post(config('app.url').'/api/fund/oauth/token', [
'form_params' => [
'grant_type' => 'password',
'username' => $user->$type,//用戶可以直接登錄的用戶名,配置后也可以是郵箱,5.8版本,這個(gè)默認(rèn)是注冊(cè)后的郵箱
'password' => '12345678',//用戶名對(duì)應(yīng)的密碼
'scope' => '*',
],
]);
return json_decode($response->getBody(), false);
}access_token 接口的代碼如下:
<?php
namespace App\Http\Controllers\Api;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Hash;
use Psr\Http\Message\ServerRequestInterface;
use \Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
use Validator;
class AccessTokenController extends \Laravel\Passport\Http\Controllers\AccessTokenController
{
/**
* Show User Token
*
* 獲取用戶登錄令牌信息
*
* @bodyParam username string required 用戶名 Example: [email protected]
* @bodyParam password string required 密碼 Example: 123456
* @bodyParam is_register boolean 是否為注冊(cè)操作 Example: true
* @bodyParam subscribe boolean 訂閱狀態(tài) Example: true
* @bodyParam grant_type string 授權(quán)類型默認(rèn)password No-example
* @bodyParam scope string 授權(quán)范圍默認(rèn)* No-example
* @responseFile responses/AccessToken.List.example2.json
*/
public function issueToken(ServerRequestInterface $rawRequest)
{
//獲取傳入?yún)?shù)
$request = collect($rawRequest->getParsedBody());
$validator = Validator::make($request->all(), [
'username' => 'required',
'password' => 'required',
])->validate();
$checkUser = \App\Models\User::where("id", $request->get("username"))->first();
if (!Hash::check($request->get("password"), $checkUser->password)) {
throw new UnauthorizedHttpException('Unauthenticated', "login failed,username error or password error");
}
$oauthClient = DB::table('oauth_clients')->where("password_client", 1)->first();
if (empty($oauthClient)) {
throw new \ErrorException('can not get oauth client information');
}
//獲取其他參數(shù)
$addRequest = [
'grant_type' => $request->get("grant_type", "password"),
'client_id' => $request->get("client_id", $oauthClient->id),
'client_secret' => $request->get("client_secret", $oauthClient->secret),
'scope' => $request->get("scope", "*"),
];
//重寫(xiě)傳入?yún)?shù)
$newRawRequest = $rawRequest->withParsedBody(array_merge($request->all(), $addRequest));
return parent::issueToken($newRawRequest);
}
/**
* revoke token
*
* 吊銷令牌
*
*/
public function revokeToken()
{
if(Auth::user()){
$tokenId = Auth::user()->token()->id;
$tokenRepository = app('Laravel\Passport\TokenRepository');
$tokenRepository->revokeAccessToken($tokenId);
}
return response('', 204);
}
}給自己記錄下 這個(gè)文章的文筆不好,隨便記錄下 現(xiàn)在時(shí)間忙
找到了另一種 更好的
<?php
namespace App\Traits;
//這里請(qǐng)引用自己的User Model
use App\Models\Users\User;
use DateTime;
use GuzzleHttp\Psr7\Response;
use Illuminate\Events\Dispatcher;
use Laravel\Passport\Bridge\AccessToken;
use Laravel\Passport\Bridge\AccessTokenRepository;
use Laravel\Passport\Bridge\Client;
use Laravel\Passport\Bridge\RefreshTokenRepository;
use Laravel\Passport\Bridge\Scope;
use Laravel\Passport\Passport;
use Laravel\Passport\TokenRepository;
use League\OAuth2\Server\CryptKey;
use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Exception\UniqueTokenIdentifierConstraintViolationException;
use League\OAuth2\Server\ResponseTypes\BearerTokenResponse;
/**
* Trait PassportToken
*
* @package App\Traits
*/
trait PassportToken
{
/**
* Generate a new unique identifier.
*
* @param int $length
*
* @throws OAuthServerException
*
* @return string
*/
private function generateUniqueIdentifier($length = 40)
{
try {
return bin2hex(random_bytes($length));
// @codeCoverageIgnoreStart
} catch (\TypeError $e) {
throw OAuthServerException::serverError('An unexpected error has occurred');
} catch (\Error $e) {
throw OAuthServerException::serverError('An unexpected error has occurred');
} catch (\Exception $e) {
// If you get this message, the CSPRNG failed hard.
throw OAuthServerException::serverError('Could not generate a random string');
}
// @codeCoverageIgnoreEnd
}
private function issueRefreshToken(AccessTokenEntityInterface $accessToken)
{
$maxGenerationAttempts = 10;
$refreshTokenRepository = app(RefreshTokenRepository::class);
$refreshToken = $refreshTokenRepository->getNewRefreshToken();
$refreshToken->setExpiryDateTime((new \DateTimeImmutable())->add(Passport::refreshTokensExpireIn()));
$refreshToken->setAccessToken($accessToken);
while ($maxGenerationAttempts-- > 0) {
$refreshToken->setIdentifier($this->generateUniqueIdentifier());
try {
$refreshTokenRepository->persistNewRefreshToken($refreshToken);
return $refreshToken;
} catch (UniqueTokenIdentifierConstraintViolationException $e) {
if ($maxGenerationAttempts === 0) {
throw $e;
}
}
}
}
protected function createPassportTokenByUser(User $user, $clientId)
{
$accessTokenRepository = new AccessTokenRepository(new TokenRepository(), new Dispatcher());
$accessToken = $accessTokenRepository->getNewToken(new Client($clientId, null, null), [new Scope("*")], $user->id);
$accessToken->setIdentifier($this->generateUniqueIdentifier());
$accessToken->setClient(new Client($clientId, null, null));
$accessToken->setExpiryDateTime((new \DateTimeImmutable())->add(Passport::tokensExpireIn()));
$accessTokenRepository->persistNewAccessToken($accessToken);
$refreshToken = $this->issueRefreshToken($accessToken);
return [
'access_token' => $accessToken,
'refresh_token' => $refreshToken,
];
}
protected function sendBearerTokenResponse($accessToken, $refreshToken)
{
$response = new BearerTokenResponse();
$response->setAccessToken($accessToken);
$response->setRefreshToken($refreshToken);
$privateKey = new CryptKey('file://'.Passport::keyPath('oauth-private.key'),null,false);
$accessToken->setPrivateKey($privateKey);
$response->setPrivateKey($privateKey);
$response->setEncryptionKey(app('encrypter')->getKey());
return $response->generateHttpResponse(new Response);
}
/**
* @param User $user
* @param $clientId
* @param bool $output
* @return mixed|\Psr\Http\Message\ResponseInterface
*/
protected function getBearerTokenByUser(User $user, $clientId, $output = true)
{
$passportToken = $this->createPassportTokenByUser($user, $clientId);
$bearerToken = $this->sendBearerTokenResponse($passportToken['access_token'], $passportToken['refresh_token']);
if (! $output) {
$bearerToken = json_decode($bearerToken->getBody()->__toString(), true);
}
return $bearerToken;
}
}
$user=User::find(2);
$token = $this->getBearerTokenByUser($user,6,false);
return $token;
