基于Laravel Auth自定义接口API用户认证的实现方法

use AppModelsUser;
use IlluminateContractsAuthAuthenticatable;
use IlluminateContractsAuthUserProvider as Provider;

class UserProvider implements Provider
{

/**

• Retrieve a user by their unique identifier.
• @param mixed $identifier
• @return IlluminateContractsAuthAuthenticatable|null
  */
  public function retrieveById($identifier)
  {
  return app(User::class)::getUserByGuId($identifier);
  }

/**

• Retrieve a user by their unique identifier and "remember me" token.
• @param mixed $identifier
• @param string $token
• @return IlluminateContractsAuthAuthenticatable|null
  */
  public function retrieveByToken($identifier,$token)
  {
  return null;
  }

/**

• Update the "remember me" token for the given user in storage.
• @param IlluminateContractsAuthAuthenticatable $user
• @param string $token
• @return bool
  */
  public function updateRememberToken(Authenticatable $user,$token)
  {
  return true;
  }

/**

• Retrieve a user by the given credentials.
• @param array $credentials
• @return IlluminateContractsAuthAuthenticatable|null
  */
  public function retrieveByCredentials(array $credentials)
  {
  if ( !isset($credentials['api_token'])) {
  return null;
  }

return app(User::class)::getUserByToken($credentials['api_token']);
}

/**

• Rules a user against the given credentials.
• @param IlluminateContractsAuthAuthenticatable $user
• @param array $credentials
• @return bool
  */
  public function validateCredentials(Authenticatable $user,array $credentials)
  {
  if ( !isset($credentials['api_token'])) {
  return false;
  }

return true;
}
}

use AppExceptionsRestApiException;
use AppModelsAbstractsRestApiModel;
use IlluminateContractsAuthAuthenticatable;

class User extends RestApiModel implements Authenticatable
{

protected $primaryKey = 'guid';

public $incrementing = false;

protected $keyType = 'string';

/**

• 获取唯一标识的，可以用来认证的字段名，比如 id，guid
• @return string
  */
  public function getAuthIdentifierName()
  {
  return $this->primaryKey;
  }

/**

• 获取主键的值
• @return mixed
  */
  public function getAuthIdentifier()
  {
  $id = $this->{$this->getAuthIdentifierName()};
  return $id;
  }

public function getAuthPassword()
{
return '';
}

public function getRememberToken()
{
return '';
}

public function setRememberToken($value)
{
return true;
}

public function getRememberTokenName()
{
return '';
}

protected static function getBaseUri()
{
return config('api-host.user');
}

public static $apiMap = [
'getUserByToken' => ['method' => 'GET','path' => 'login/user/token'],'getUserByGuId' => ['method' => 'GET','path' => 'user/guid/:guid'],];

/**

• 获取用户信息 (by guid)
• @param string $guid
• @return User|null
  */
  public static function getUserByGuId(string $guid)
  {
  try {
  $response = self::getItem('getUserByGuId',[
  ':guid' => $guid
  ]);
  } catch (RestApiException $e) {
  return null;
  }

return $response;
}

/**

• 获取用户信息 (by token)
• @param string $token
• @return User|null
  */
  public static function getUserByToken(string $token)
  {
  try {
  $response = self::getItem('getUserByToken',[
  'Authorization' => $token
  ]);
  } catch (RestApiException $e) {
  return null;
  }

return $response;
}
}

use IlluminateHttpRequest;
use IlluminateAuthGuardHelpers;
use IlluminateContractsAuthGuard;
use IlluminateContractsAuthUserProvider;

class UserGuard implements Guard

{
use GuardHelpers;

protected $user = null;

protected $request;

protected $provider;

/**

• The name of the query string item from the request containing the API token.
• @var string
  */
  protected $inputKey;

/**

• The name of the token "column" in persistent storage.
• @var string
  */
  protected $storageKey;

/**

• The user we last attempted to retrieve
• @var
  */
  protected $lastAttempted;

/**

• UserGuard constructor.
• @param UserProvider $provider
• @param Request $request
• @return void
  */
  public function __construct(UserProvider $provider,Request $request = null)
  {
  $this->request = $request;
  $this->provider = $provider;
  $this->inputKey = 'Authorization';
  $this->storageKey = 'api_token';
  }

/**

• Get the currently authenticated user.
• @return IlluminateContractsAuthAuthenticatable|null
  */
  public function user()
  {
  if(!is_null($this->user)) {
  return $this->user;
  }

$user = null;

$token = $this->getTokenForRequest();

if(!empty($token)) {
$user = $this->provider->retrieveByCredentials(
[$this->storageKey => $token]
);
}

return $this->user = $user;
}

/**

• Rules a user's credentials.
• @param array $credentials
• @return bool
  */
  public function validate(array $credentials = [])
  {
  if (empty($credentials[$this->inputKey])) {
  return false;
  }

$credentials = [$this->storageKey => $credentials[$this->inputKey]];

$this->lastAttempted = $user = $this->provider->retrieveByCredentials($credentials);

return $this->hasValidCredentials($user,$credentials);
}

/**

• Determine if the user matches the credentials.
• @param mixed $user
• @param array $credentials
• @return bool
  */
  protected function hasValidCredentials($user,$credentials)
  {
  return !is_null($user) && $this->provider->validateCredentials($user,$credentials);
  }

/**

• Get the token for the current request.
• @return string
  */
  public function getTokenForRequest()
  {
  $token = $this->request->header($this->inputKey);

return $token;
}

/**

• Set the current request instance.
• @param IlluminateHttpRequest $request
• @return $this
  */
  public function setRequest(Request $request)
  {
  $this->request = $request;

return $this;
}
}

// auth:api -> token guard.
// @throw Exception
Auth::extend('token',function($app,$name,array $config) {
if($name === 'api') {
return app()->make(UserGuard::class,[
'provider' => Auth::createUserProvider($config['provider']),'request' => $app->request,]);
}
throw new Exception('This guard only serves "auth:api".');
});
.
.
.

'defaults' => [
'guard' => 'api','passwords' => 'users',],/
|--------------------------------------------------------------------------
| Authentication Guards
|--------------------------------------------------------------------------
|
| Next,you may define every authentication guard for your application.
| Of course,a great default configuration has been defined for you
| here which uses session storage and the Eloquent user provider.
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| Supported: "session","token"
|
/

'guards' => [
'web' => [
'driver' => 'session','provider' => 'users','api' => [
'driver' => 'token','provider' => 'token',/
|--------------------------------------------------------------------------
| User Providers
|--------------------------------------------------------------------------
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| If you have multiple user tables or models you may configure multiple
| sources which represent each model / table. These sources may then
| be assigned to any extra authentication guards you have defined.
|
| Supported: "database","eloquent"
|
/

'providers' => [
'users' => [
'driver' => 'eloquent','model' => AppModelsUser::class,'token' => [
'driver' => 'token',/
|--------------------------------------------------------------------------
| Resetting Passwords
|--------------------------------------------------------------------------
|
| You may specify multiple password reset configurations if you have more
| than one user table or model in the application and you want to have
| separate password reset settings based on the specific user types.
|
| The expire time is the number of minutes that the reset token should be
| considered valid. This security feature keeps tokens short-lived so
| they have less time to be guessed. You may change this as needed.
|
/

'passwords' => [
'users' => [
'provider' => 'users','table' => 'password_resets','expire' => 60,];