快速入门Lumen5.8+dingo2.2+lumen-passport鉴权client_credentials

其他 2021-11-23 02:15
0 阅读

使用lumen进行api开发,实现api的鉴权,查找到的文档基本上都是password的模式验证,千篇一律,详细如何请求,如何验证都一笔跳过,本人在实践过程中踩了不少坑,所以编写此篇文章,希望其他同学勿再入同样的坑。

一、安装Lumen

composer create-project --prefer-dist laravel/laravel app_name
  • 配置应用秘钥

      在App\Console\Commands下添加一下内容的KeyGenerateCommand.php文件

<?php
namespace App\Console\Commands;
use Illuminate\Console\Command;

class KeyGenerateCommand extends Command
{
    /**
     * The name and signature of the console command.
     *
     * @var string
     */
    protected $signature = 'key:generate';

    /**
     * The console command description.
     *
     * @var string
     */
    protected $description = 'Set the application key';

    /**
     * Execute the console command.
     *
     * @return void
     */
    public function handle()
    {
        $key = $this->generateRandomKey();

        file_put_contents(base_path('.env'), preg_replace(
            '/^APP_KEY=[\w]*/m',
            'APP_KEY='.$key,
            file_get_contents(base_path('.env'))
        ));

        $this->info("Application key [$key] set successfully.");
    }

    /**
     * Generate a random key for the application.
     *
     * @return string
     */
    protected function generateRandomKey()
    {
        return str_random(32);
    }

}
  •  指令注入
// 修改App\Console下的Kernel.php
protected $commands = [
    //注入指令
    'App\Console\Commands\KenGenerateCommand',
]
  •  控制台执行密钥生成命令
php artisan key:generate

二、安装dingo

  • 安装dingo扩展 
composer require dingo/api
  • 注册服务提供者 
### bootstrap/app.php中注册
$app->register(Dingo\Api\Provider\LumenServiceProvider::class);
### 具体配置以及多版本设置可参考Dingo API的官方文档

   https://learnku.com/docs/dingo-api/2.0.0/Installation/1443 

  • 创建路由 
### 为避免路由冲突,在router/web.php创建dingo/api的专属路由
### 注册实例
$api = app('Dingo\Api\Routing\Router')
### 使用$api接替原有的$router
### 如下路由
$api->version('v1', function($api) {
    return response('this is version v1');
})

三、安装Lumen-passport

  • 安装lumen-passport扩展 
### 注意版本兼容
composer require dusterio/lumen-passport
  • 修改bootstrap/app.php文件 
<?php
// 取消如下配置的注释
$app->withFacades();
$app->withEloquent();
$app->register(App\Providers\AppServiceProvider::class);
$app->register(App\Providers\AuthServiceProvider::class);

// 加载配置文件config/auth.php
// 可将vendor/laravel/config文件夹复制到项目根目录
$app->configure('auth');

// 开启并修改默认认证中间件并增加client_credentials验证的中间件
// 因为本人使用了passport的client_credentials凭证
$app->routeMiddleware([
    'auth' => App\Http\Middleware\Authenticate::class,
    'client' => \Laravel\Passport\Http\Middleware\CheckClientCredentials::class
]);

// 新增passport注册
$app->register(Laravel\Passport\PassportServiceProvider::class);
$app->register(Dusterio\LumenPassport\PassportServiceProvider::class);
  • 修改auth.php配置 
// 修改如下
'guards' => [
    'api' => [
        'driver' => 'passport',
        'provider' => 'passport-provider'
    ],
],

'providers' => [
    'passport-provider' => [
        'driver' => 'eloquent',
        'model' => \App\User::class
    ]
],
  • 增加HasApiTokens Trait 到user model 
// lumen的默认路径 app/user.php
/// 添加HasApiTokens
use Laravel\Passport\HasApiTokens;
class User extends Model implements AuthenticatableContract, AuthorizableContract
{
    use Authenticatable, Authorizable, HasApiTokens;
}

四、创建数据表和客户端

### 控制台执行命令
### 创建数据表
php artisan migrate
### 创建客户端
php artisan passport:client --client
### 会生成client_credentials的client_id和client_secret

五、获取令牌Token

### 因passport自带oauth路由,无需新建路由
### 获取token,本人使用postman测试接口
### 请求url: 域名/oauth/token 请求方式: POST
### 注意:不能以参数的形式请求,应模拟表单提交,postman->body->x-www-form-urlencode
### 具体参数: client_id: 步骤四生成的client_id; client_secret:同上, grrant_type: client_credentials
### 返回结果:
{
    "token_type": "Bearer",
    "expires_in": 31622399,
    "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6IjUwZWJiYWRhYzVjNTFmOTJiMzcwNGI5MjM0ODQxNWUzZDhiMzdiYmE1Nzk4ZmIxYmY4Y2VkODA1YmMwZGI4MTgxOGQ1ZTAwNTI3MjdjZWFhIn0.eyJhdWQiOiIzIiwianRpIjoiNTBlYmJhZGFjNWM1MWY5MmIzNzA0YjkyMzQ4NDE1ZTNkOGIzN2JiYTU3OThmYjFiZjhjZWQ4MDViYzBkYjgxODE4ZDVlMDA1MjcyN2NlYWEiLCJpYXQiOjE1Njk1NjQ3MjQsIm5iZiI6MTU2OTU2NDcyNCwiZXhwIjoxNjAxMTg3MTI0LCJzdWIiOiIiLCJzY29wZXMiOltdfQ.Kif33MaoPypJN2WNofILA2PKu_YsX7ArAzK9PCxksaiUrQHVUb5a9LdhBdvMLHaQ5gMn8KvkChKkG5xFWjI5Z8ARUEw7ucdYAW0-lfnxNvDf_Z9KOMdNZWXYYyY4t-4UYqhlRcZWclm4fEHkTWj60RLqYSlnArc0C6cKM_LYDjREHN1VJc_1hAN60uUgxBxAjLC5cMCtNlrZkrgm390UTPcUxTD_6N3a2wsLOKPJF9dz235WE_PZ2_SwMl-xaBQWgpu2pxFk1D8LSIB-q-v4eCJthXsWuTFmWJePr5Y8_hvV7Rlv-2y-4xYjt0okg_umcPputUixMunQ8nTYP2OI5DwO8veiaqrh87hsxeshvM4KXMiUgbgi73fLmS5uwhwVm-Klq4QZDJGcM6Vqj-CFwW3TAFbT0HimjZt5DiTgHdPpaTla6k4TO-ZV232HwnD1iyG90sCez2ZI2v4ab_RShGfvHh6njC_nfjEcaduweKVy2KJuYv_EvmVe94VKoYjC7MsUwm-OyNirvN3oGztvi6vnb2XGndLtmsEgmEJjD5l2oimKhKdEiinGW2RV7bindBpbI8d4Yx23yenz02pXiZHq4Rl6AJQq0kKOmnYATWVooEPJ-r051ykrcI8_VNSMC-wnr6E_iLou8jnbCUxBlwolUUBnZ7BOj5W5_Gt63Nc"
}

六、Token验证 

扫描二维码关注公众号,回复: 13302121 查看本文章
  • 创建路由
$api->get('test', ['middleware' => 'client', function() use ($api) {
    return response('auth success');
}]);
/*// 特别注意 //*/
/*// lumen中必须以此格式使用client的中间件 //*/
/*// 文档中也没说明,尝试了好久发现 //*/
// 错误示范1:Undefined variable: closure 【报错】
$api->get('test', ['middleware' => 'client'], function () {
    return response('auth success');
});
// 错误示范2:middleware not exits 【报错】
$api->get('test', function () {
    return response('auth success');
})>middleware('client');

至此lumen的passport client_credentials凭证验证基本完成。谨以此预防同我一样入坑的同学

猜你喜欢

目录

热门文章