{"id":27671,"date":"2021-05-11T13:13:00","date_gmt":"2021-05-11T10:13:00","guid":{"rendered":"https:\/\/themewp.inform.click\/?p=27671"},"modified":"2021-10-17T05:04:03","modified_gmt":"2021-10-17T02:04:03","slug":"hur-man-anvander-laravel-passport-for-rest-api-autentisering","status":"publish","type":"post","link":"https:\/\/themewp.inform.click\/sv\/hur-man-anvander-laravel-passport-for-rest-api-autentisering\/","title":{"rendered":"Hur man anv\u00e4nder Laravel Passport f\u00f6r REST API-autentisering"},"content":{"rendered":"

I dagens webbutveckling \u00e4r API: er eller webbtj\u00e4nster mycket popul\u00e4ra. Medan utvecklingen av en mobilapplikation spelar API en roll f\u00f6r att \u00f6verf\u00f6ra data mellan mobilapplikation och webb. Att h\u00e5lla API: er samtals\u00e4kra och autentiserade \u00e4r viktigt f\u00f6r att skydda data som \u00f6verf\u00f6rs mellan applikation till applikation.<\/p>\n

I den h\u00e4r artikeln studerar vi om Laravel Passport som g\u00f6r det m\u00f6jligt f\u00f6r oss att autentisera API: er. Pass \u00e4r byggt p\u00e5 toppen av OAuth2-servern vilket \u00e4r mycket s\u00e4krare p\u00e5 det s\u00e4tt som det bygger.<\/p>\n

N\u00e4r vi hanterade API: n skickade vi en \u00e5tkomsttoken f\u00f6r att verifiera om den inkommande beg\u00e4ran \u00e4r giltig. Om det \u00e4r auktoriserat b\u00f6r endast det till\u00e5ta interaktion med applikationen. Laravel pass ger ett bekv\u00e4mt s\u00e4tt att skapa och verifiera token mot API-samtalet.<\/p>\n

Installation<\/h3>\n

F\u00f6r att komma ig\u00e5ng antar vi att du har installerat Laravel p\u00e5 ditt system. F\u00f6r att installera passet, k\u00f6r kommandot nedan i terminalen.<\/p>\n

composer require laravel\/passport<\/code><\/pre>\n
Ovanf\u00f6r kommandot skulle fungera med den senaste versionen av Laravel. Om du k\u00f6r \u00e4ldre version kommer kommandot att vara n\u00e5got annorlunda beroende p\u00e5 din Laravel-version. Till exempel, om har Laravel 5.5 installerat b\u00f6r ditt kommando vara:<\/p>\n
composer require laravel\/passport=~4.0<\/code><\/pre>\n
Detta kommando skapar en egen databasmigreringskatalog. Dessa migreringar skapar tabeller som lagrar klienterna och \u00e5tkomsttoken.<\/p>\n
config\/app.php<\/code>Registrera Passport-tj\u00e4nsteleverant\u00f6ren i din fil i leverant\u00f6rsarrangemanget.<\/p>\n
config \/ app.php<\/p>\n
'providers' =>[\n\u00a0\u00a0....\n\u00a0\u00a0LaravelPassportPassportServiceProvider::class,\n],<\/code><\/pre>\n
L\u00e5t oss k\u00f6ra migreringen som skapar databastabellerna f\u00f6r Passport.<\/p>\n
php artisan migrate<\/code><\/pre>\n
Nu, om du g\u00e5r till din databasklient, kommer du att m\u00e4rka de nya tabellerna som skapats i din databas.<\/p>\n
\"Hur<\/a><\/p>\n
K\u00f6r sedan kommandot nedan som skapar krypteringsnycklar f\u00f6r att generera s\u00e4ker \u00e5tkomsttoken. Kommandot nedan skapar ”personlig \u00e5tkomst" och ”l\u00f6senordstilldelning” -klienter som lagras i tabellen oauth_clients<\/code>.<\/p>\n
php artisan passport:install<\/code><\/pre>\n
\"Hur<\/a><\/p>\n
Anv\u00e4ndaren kan kopiera dessa tokens f\u00f6r n\u00e4sta steg. Egentligen kommer vi att se tv\u00e5 s\u00e4tt att skapa \u00e5tkomsttoken. Det ena \u00e4r genom detta "l\u00f6senord bevilja" klienter och en annan \u00e4r p\u00e5 inloggningsautentisering.<\/p>\n
Passkonfiguration<\/h3>\n
G\u00e5 till Laravel-katalogerna och \u00f6ppna AppUser<\/code>modellfilen. I den h\u00e4r filen m\u00e5ste vi l\u00e4gga till LaravelPassportHasApiTokens<\/code>egenskaper.<\/p>\n
app \/ User.php<\/strong>.<\/p>\n
<?php\n\u00a0\nnamespace App;\n\u00a0\nuse LaravelPassportHasApiTokens;\nuse IlluminateNotificationsNotifiable;\nuse IlluminateFoundationAuthUser as Authenticatable;\n\u00a0\nclass User extends Authenticatable\n{\n\u00a0\u00a0\u00a0\u00a0use HasApiTokens, Notifiable;\n\u00a0\u00a0\u00a0\u00a0....\n}<\/code><\/pre>\n
Efter detta m\u00e5ste vi anropa Passport::routes<\/code>metoden i boot<\/code>metoden f\u00f6r AuthServiceProvider<\/code>.<\/p>\n
app \/ Providers \/ AuthServiceProvider.php<\/strong><\/p>\n
<?php\n\u00a0\nnamespace AppProviders;\n\u00a0\nuse LaravelPassportPassport;\nuse IlluminateSupportFacadesGate;\nuse IlluminateFoundationSupportProvidersAuthServiceProvider as ServiceProvider;\n\u00a0\nclass AuthServiceProvider extends ServiceProvider\n{\n\u00a0\u00a0\u00a0\u00a0\/**\n\u00a0\u00a0\u00a0\u00a0\u00a0* The policy mappings for the application.\n\u00a0\u00a0\u00a0\u00a0\u00a0*\n\u00a0\u00a0\u00a0\u00a0\u00a0* @var array\n\u00a0\u00a0\u00a0\u00a0\u00a0*\/\n\u00a0\u00a0\u00a0\u00a0protected $policies = [\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0'AppModel' => 'AppPoliciesModelPolicy',\n\u00a0\u00a0\u00a0\u00a0];\n\u00a0\n\u00a0\u00a0\u00a0\u00a0\/**\n\u00a0\u00a0\u00a0\u00a0\u00a0* Register any authentication \/ authorization services.\n\u00a0\u00a0\u00a0\u00a0\u00a0*\n\u00a0\u00a0\u00a0\u00a0\u00a0* @return void\n\u00a0\u00a0\u00a0\u00a0\u00a0*\/\n\u00a0\u00a0\u00a0\u00a0public function boot()\n\u00a0\u00a0\u00a0\u00a0{\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0$this->registerPolicies();\n\u00a0\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0Passport::routes();\n\u00a0\u00a0\u00a0\u00a0}\n}<\/code><\/pre>\n
\u00c4ntligen, i config\/auth.php<\/code>filen st\u00e4ller du in ’drivrutinsalternativet f\u00f6r’ api ’autentiseringsvakt till’ pass ’enligt f\u00f6ljande:<\/p>\n
config \/ auth.php<\/strong><\/p>\n
'guards' => [\n\u00a0\u00a0\u00a0\u00a0'web' => [\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0'driver' => 'session',\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0'provider' => 'users',\n\u00a0\u00a0\u00a0\u00a0],\n\u00a0\n\u00a0\u00a0\u00a0\u00a0'api' => [\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0'driver' => 'passport',\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0'provider' => 'users',\n\u00a0\u00a0\u00a0\u00a0],\n],<\/code><\/pre>\n
Skapa REST API och skydda det med Laravel Passport<\/h3>\n
Laravel skapar en fil routes\/api.php<\/code>d\u00e4r vi ska deklarera v\u00e5ra REST API: er slutpunkt. Vi kan skydda v\u00e5rt API genom att l\u00e4gga till middleware auth:api<\/code>till det.<\/p>\n
rutter \/ api.php<\/strong><\/p>\n
Route::get('\/api\/categories', 'ApiController@categories')->middleware('auth:api');<\/code><\/pre>\n
F\u00f6r flera slutpunkter beh\u00f6ver vi inte l\u00e4gga till mellanprogram varje g\u00e5ng. Ist\u00e4llet kan vi g\u00f6ra det enligt f\u00f6ljande:<\/p>\n
Route::group(['middleware' => 'auth:api'], function(){\n\u00a0\u00a0\u00a0\u00a0Route::get('products', 'ApiController@products');\n\u00a0\u00a0\u00a0\u00a0Route::get('categories', 'ApiController@categories');\n});<\/code><\/pre>\n
Eftersom v\u00e5ra slutpunkter "produkter" \u00e4r skyddade om vi kallar det direkt utan auktoriseringstoken f\u00e5r vi ett "obeh\u00f6rigt" svar.<\/p>\n
\"Hur<\/a><\/p>\n
Det betyder att n\u00e4r du ringer till API \u00e4r det viktigt att skicka auktoriseringstoken i varje beg\u00e4ran. S\u00e5, Passport kommer att verifiera token och returnera svaret.<\/p>\n
Skapa \u00e5tkomsttoken f\u00f6r API<\/h3>\n
Det finns flera s\u00e4tt att skapa en \u00e5tkomsttoken f\u00f6r applikationen. Vi kommer att se 2 av dem f\u00f6r denna handledning.<\/p>\n
F\u00f6rsta alternativet<\/h4>\n
P\u00e5 ett f\u00f6rsta s\u00e4tt m\u00e5ste du ringa till \/ oauth \/ token med n\u00f6dv\u00e4ndiga parametrar och du f\u00e5r token som svar.<\/p>\n
Vi antar att du anv\u00e4nder ett Guzzle HTTP-bibliotek<\/a> f\u00f6r att g\u00f6ra API-beg\u00e4ran. L\u00e5t oss s\u00e4ga att du har ett annat projekt fr\u00e5n vilket du g\u00f6r API-beg\u00e4ran.<\/p>\n
<?php\nrequire_once \"vendor\/autoload.php\";\n\u00a0\nuse GuzzleHttpClient;\n\u00a0\n$client = new Client([\n\u00a0\u00a0\u00a0\u00a0\/\/ Base URI is used with relative requests\n\u00a0\u00a0\u00a0\u00a0'base_uri' => 'http:\/\/laravel.dev',\n]);\n\u00a0\n$response = $client->post('\/oauth\/token', [\n\u00a0\u00a0\u00a0\u00a0'form_params' => [\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0'grant_type' => 'password',\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0'client_id' => '2',\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0'client_secret' => '8qyKG7WKb3O3FZh2hUyEOZ3dAj5l9S5ljn2bdeJf',\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0'username' => 'sajid@test.com',\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0'password' => 'my_password',\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0'scope' => '*',\n\u00a0\u00a0\u00a0\u00a0],\n]);\n\u00a0\n$arr_result = json_decode((string) $response->getBody(), true);<\/code><\/pre>\n
Ovan kod returnerar en matris som inneh\u00e5ller nyckeln ’access_token’. Parametrarna client_id och client_secret vi fick n\u00e4r vi k\u00f6r passport:install<\/code>. Du kan ocks\u00e5 f\u00e5 dessa uppgifter fr\u00e5n din databastabell ’oauth_clients’.<\/p>\n
F\u00f6rs\u00f6k igen fr\u00e5n brevb\u00e4raren genom att skicka access_token till slutproduktens ” slutpunkt ” s\u00e5 ska vi f\u00e5 svaret.<\/p>\n
\"Hur<\/a><\/p>\n
I sj\u00e4lva verket m\u00e5ste du ringa detta API som nedan:<\/p>\n
$response = $client->get('\/products', [\n\u00a0\u00a0\u00a0\u00a0'headers' => [\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0'Authorization' => 'Bearer '.$access_token,\n\u00a0\u00a0\u00a0\u00a0]\n]);\n\u00a0\n$arr_result = json_decode((string) $response->getBody(), true);<\/code><\/pre>\n
Andra alternativet<\/h4>\n
I det f\u00f6rsta alternativet b\u00f6r du k\u00e4nna till client_id och client_secret f\u00f6r att generera din token. Detta kan inte vara ett bekv\u00e4mt s\u00e4tt i vissa scenarier. Passport ger ett annat alternativ att generera \u00e5tkomsttoken endast genom inloggningsuppgifter.<\/p>\n
I v\u00e5r ApiController.php<\/code>l\u00e4gga till inloggningsmetod med post beg\u00e4ran och skriva under koden i den.<\/p>\n
<?php\n\u00a0\nnamespace AppHttpControllers;\n\u00a0\nuse IlluminateHttpRequest;\nuse IlluminateSupportFacadesStorage;\nuse IlluminateSupportFacadesAuth;\n\u00a0\nclass ApiController extends Controller\n{\n\u00a0\u00a0\u00a0\u00a0public function login(){ \n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0if(Auth::attempt(['email' => request('email'), 'password' => request('password')])){ \n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0$user = Auth::user(); \n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0$success['token'] =\u00a0 $user->createToken('MyApp')-> accessToken; \n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0return response()->json(['success' => $success], 200); \n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0} \n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0else{ \n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0return response()->json(['error'=>'Unauthorised'], 401); \n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0} \n\u00a0\u00a0\u00a0\u00a0}<\/code><\/pre>\n
F\u00f6r att g\u00f6ra detta API-samtal m\u00e5ste vi registrera en rutt f\u00f6r det.<\/p>\n
rutter \/ api.php<\/strong><\/p>\n
Route::post('login', 'ApiController@login');<\/code><\/pre>\n
Anv\u00e4ndaren kan g\u00f6ra en HTTP-postf\u00f6rfr\u00e5gan till detta API genom att skriva koden nedan:<\/p>\n
$response = $client->post('\/api\/login', [\n\u00a0\u00a0\u00a0\u00a0'form_params' => [\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0'email' => 'sajid@test.com',\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0'password' => 'my_password'\n\u00a0\u00a0\u00a0\u00a0],\n]);\n\u00a0\n$arr_result = json_decode((string) $response->getBody(), true);<\/code><\/pre>\n
\"Hur<\/a><\/p>\n
Vi hoppas att du f\u00f6rst\u00e5r anv\u00e4ndningen av Laravel Passport f\u00f6r REST API-autentisering. Vi vill h\u00f6ra dina tankar i kommentarf\u00e4ltet nedan. Vi rekommenderar ocks\u00e5 att du g\u00e5r igenom artikeln Laravel API Tutorial: Hur man bygger och testar ett RESTful API<\/a> som vi tyckte var anv\u00e4ndbart f\u00f6r l\u00e4sare.<\/p>\n
Inspelningsk\u00e4lla:  artisansweb.net<\/a><\/div><\/p>\n","protected":false},"excerpt":{"rendered":"
Vill du implementera Laravel Passport i din ans\u00f6kan? I den h\u00e4r artikeln visar vi ypu hur du installerar Passport, konfigurerar det och hur du anv\u00e4nder det.<\/p>\n","protected":false},"author":1,"featured_media":22200,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_wp_rev_ctl_limit":""},"categories":[503],"tags":[850],"class_list":["post-27671","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-laravel2-10","tag-affiai-sv"],"_links":{"self":[{"href":"https:\/\/themewp.inform.click\/sv\/wp-json\/wp\/v2\/posts\/27671","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/themewp.inform.click\/sv\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/themewp.inform.click\/sv\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/themewp.inform.click\/sv\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/themewp.inform.click\/sv\/wp-json\/wp\/v2\/comments?post=27671"}],"version-history":[{"count":0,"href":"https:\/\/themewp.inform.click\/sv\/wp-json\/wp\/v2\/posts\/27671\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/themewp.inform.click\/sv\/wp-json\/wp\/v2\/media\/22200"}],"wp:attachment":[{"href":"https:\/\/themewp.inform.click\/sv\/wp-json\/wp\/v2\/media?parent=27671"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/themewp.inform.click\/sv\/wp-json\/wp\/v2\/categories?post=27671"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/themewp.inform.click\/sv\/wp-json\/wp\/v2\/tags?post=27671"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}