在Debian上配置Laravel API认证可以通过多种方式实现,其中最常见的是使用Passport进行认证。以下是详细的步骤指南:
首先,确保你已经安装了Laravel。如果还没有安装,可以使用以下命令:
sudo apt update
sudo apt install composer
composer create-project --prefer-dist laravel/laravel your-project-name
cd your-project-name
Laravel Passport是一个完整的OAuth2服务器实现,可以用来进行API认证。安装Passport的步骤如下:
composer require laravel/passport
php artisan migrate
php artisan passport:install
php artisan passport:install命令会创建两个加密的密钥,这些密钥用于生成访问令牌。请确保将这些密钥保存在.env文件中:
PASSPORT_PRIVATE_KEY=your-private-key
PASSPORT_PUBLIC_KEY=your-public-key
在config/auth.php文件中,将默认的认证驱动更改为Passport:
'guards' => [
'api' => [
'driver' => 'passport',
'provider' => 'users',
],
],
创建一个API路由和一个控制器来处理认证请求。例如,在routes/api.php中添加以下路由:
Route::post('/login', 'Auth\LoginController@login');
Route::post('/logout', 'Auth\LoginController@logout')->middleware('auth:api');
Route::middleware('auth:api')->get('/user', 'Auth\LoginController@user');
然后,创建一个控制器来处理这些请求。你可以使用Artisan命令生成控制器:
php artisan make:controller Auth/LoginController
在app/Http/Controllers/Auth/LoginController.php中添加以下代码:
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
class LoginController extends Controller
{
use AuthenticatesUsers;
public function __construct()
{
$this->middleware('guest:api')->except('logout');
}
public function login(Request $request)
{
$credentials = $request->only('email', 'password');
if (Auth::attempt($credentials)) {
$user = Auth::user();
$token = $user->createToken('MyApp')->accessToken;
return response()->json(['token' => $token], 200);
} else {
return response()->json(['error' => 'Unauthorized'], 401);
}
}
public function logout(Request $request)
{
Auth::logout();
$request->session()->invalidate();
return response()->json(['message' => 'Logged out successfully'], 200);
}
public function user()
{
return Auth::user();
}
}
如果你的API需要跨域请求,你需要配置CORS。可以使用fruitcake/laravel-cors包来处理:
composer require fruitcake/laravel-cors
然后在config/cors.php中进行配置:
return [
'paths' => ['api/*'],
'allowed_methods' => ['*'],
'allowed_origins' => ['*'],
'allowed_origins_patterns' => [],
'allowed_headers' => ['*'],
'exposed_headers' => [],
'max_age' => 0,
'supports_credentials' => false,
];
现在你可以测试你的API了。使用Postman或其他API测试工具发送请求:
登录请求:
http://your-domain.com/api/login{"email": "user@example.com", "password": "password"}获取用户信息请求:
http://your-domain.com/api/userAuthorization: Bearer your-access-token通过以上步骤,你就可以在Debian上配置Laravel API认证了。
