多用户模型 Laravel JWT 身份验证
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/36839158/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Multiple User Models Laravel JWT Auth
提问by Yann1ck
I have to user models in my eloquent:
我必须在我的雄辩中使用模型:
- User
- OfficeUser
- 用户
- 办公用户
OfficeUser is in defined in the JWT config as standard model. Now I have written a Middleware for authenticate each of them
OfficeUser 在 JWT 配置中定义为标准模型。现在我已经编写了一个中间件来验证它们中的每一个
authUser:
授权用户:
public function handle($request, Closure $next)
{
Config::set('auth.providers.users.model', \App\User::class);
try {
if (! $user = JWTAuth::parseToken()->authenticate()) {
return response()->json(['user_not_found'], 404);
}
} catch (Tymon\JWTAuth\Exceptions\TokenExpiredException $e) {
return response()->json(['token_expired'], $e->getStatusCode());
} catch (Tymon\JWTAuth\Exceptions\TokenInvalidException $e) {
return response()->json(['token_invalid'], $e->getStatusCode());
} catch (Tymon\JWTAuth\Exceptions\JWTException $e) {
return response()->json(['token_absent'], $e->getStatusCode());
}
return $next($request);
}
authOfficeUser
授权用户
public function handle($request, Closure $next)
{
try {
if (! $user = JWTAuth::parseToken()->authenticate()) {
return response()->json(['user_not_found'], 404);
}
} catch (Tymon\JWTAuth\Exceptions\TokenExpiredException $e) {
return response()->json(['token_expired'], $e->getStatusCode());
} catch (Tymon\JWTAuth\Exceptions\TokenInvalidException $e) {
return response()->json(['token_invalid'], $e->getStatusCode());
} catch (Tymon\JWTAuth\Exceptions\JWTException $e) {
return response()->json(['token_absent'], $e->getStatusCode());
}
return $next($request);
}
Additionally I have a login function for each of them:
此外,我为他们每个人都有一个登录功能:
LoginUser
登录用户
if ($user){
if (Hash::check($request->password, $user->password)) {
// grab credentials from the request
$credentials = $request->only('email', 'password');
try {
// attempt to verify the credentials and create a token for the user
Config::set('auth.providers.users.model', \App\User::class);
if (! $token = JWTAuth::attempt($credentials)) {
return response()->json(['error' => 'invalid_credentials'], 401);
}
} catch (JWTException $e) {
// something went wrong whilst attempting to encode the token
return response()->json(['error' => 'could_not_create_token'], 500);
}
LoginOfficeUser
登录办公用户
if ($user){
if (Hash::check($request->password, $user->password)) {
// grab credentials from the request
$credentials = $request->only('email', 'password');
try {
// attempt to verify the credentials and create a token for the user
Config::set('auth.providers.users.model', \App\OfficeUser::class);
if (! $token = JWTAuth::attempt($credentials)) {
return response()->json(['error' => 'invalid_credentials'], 401);
}
} catch (JWTException $e) {
// something went wrong whilst attempting to encode the token
return response()->json(['error' => 'could_not_create_token'], 500);
}
Unfortunately when I login and try to call a route behind the authUser Middleware I get an "user_not_found"
不幸的是,当我登录并尝试调用 authUser 中间件后面的路由时,我得到一个“user_not_found”
Does anybody have an idea why this happens? OfficeUser authentication works fine
有人知道为什么会这样吗?OfficeUser 身份验证工作正常
回答by Amal Ajith
Posting for anyone who finds this questions
为发现此问题的任何人发帖
Although it's not recommended to have two user tables, but I had a similar requirement of setting up JWT with one of our clients. This is how I solved the issue.
虽然不建议有两个用户表,但我有一个类似的要求,即与我们的一个客户设置 JWT。这就是我解决问题的方法。
No need to make any changes to the providers in `config/auth.php'
无需对 `config/auth.php' 中的提供程序进行任何更改
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
]
In your authentication controller, dynamically modify the model used by the providers by setting
在您的身份验证控制器中,通过设置动态修改提供者使用的模型
\Config::set('auth.providers.users.model', \App\Trainer::class);
\Config::set('auth.providers.users.model', \App\Trainer::class);
Example code
示例代码
In authenticate() method
在 authentication() 方法中
if ($credentials['user_type'] == 'consultant') {
\Config::set('auth.providers.users.model', \App\Trainer::class);
} else {
\Config::set('auth.providers.users.model', \App\User::class);
}
//Find the user
//Create the token
if ($user) {
$customClaims = ['user_type' => $credentials['user_type']];
$token = JWTAuth::fromUser($user,$customClaims);
} else {
return response()->json(['error' => 'invalid_credentials'], 401);
}
You will have to do the same while parsing the token to authenticate the user as well. Example code
在解析令牌以对用户进行身份验证时,您也必须这样做。示例代码
In getAuthenticatedUser() method
在 getAuthenticatedUser() 方法中
$payload = JWTAuth::parseToken()->getPayload();
$user_type = $payload->get('user_type');
if($user_type === 'consultant'){
\Config::set('auth.providers.users.model', \App\Trainer::class);
}else{
\Config::set('auth.providers.users.model', \App\User::class);
}
if (!$user = JWTAuth::parseToken()->authenticate()) {
return response()->json(['user_not_found'], 404);
}
回答by shavindip
You can change the __constructfunction in each of your controllers as follows. So that jwt know which model to authenticate.
您可以__construct按如下方式更改每个控制器中的功能。让 jwt 知道要验证哪个模型。
OfficeUserController
办公室用户控制器
function __construct()
{
Config::set('jwt.user', OfficeUser::class);
Config::set('auth.providers', ['users' => [
'driver' => 'eloquent',
'model' => OfficeUser::class,
]]);
}
