php Laravel 什么是守卫?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/34896130/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Laravel What is a guard?
提问by user1157885
I was looking through the built in auth controllers and I noticed they use something called "Guards". Up until now whenever I made my own logins/register forms I never touched these and would usually just do things like:
我正在查看内置的 auth 控制器,我注意到他们使用了一种叫做“Guards”的东西。到目前为止,每当我制作自己的登录/注册表单时,我从未接触过这些,通常只会做以下事情:
Auth::attempt()
without any type of guard. I've tried looking up what exactly it is but I couldn't really find any information on it, could someone explain to me what the purpose of the guards are?
没有任何类型的守卫。我试过查查它到底是什么,但我真的找不到任何关于它的信息,有人可以向我解释一下守卫的目的是什么吗?
回答by Theson
They're the definition of how the system should store and retrieve information about your users.
它们定义了系统应如何存储和检索有关用户的信息。
You can find the configuration in your config/auth.phpfile. A web guard is the traditional cookie store - so that web guard instructs Laravel to store and retrieve session information the classic way. The API guard, on the other hand, uses tokens. So you would use the API guard if you want to authenticate users and requests using an API token in the header (bearer) or query parameter.
您可以在config/auth.php文件中找到配置。Web 守卫是传统的 cookie 存储 - 因此 Web 守卫指示 Laravel 以经典方式存储和检索会话信息。另一方面,API 守卫使用令牌。因此,如果您想使用标头(承载)或查询参数中的 API 令牌对用户和请求进行身份验证,则可以使用 API 防护。
You can also create your own guardif you wish, and there's also this good introductory blog poston the topic by Matt Stauffer.
回答by sachinsuthariya
A guard is a way of supplying the logic that is used to identify authenticated users. Laravel provides different guards like sessions and tokens. The session guard maintains the state of the user in each request by cookies, and on the other hand, the token guard authenticates the user by checking a valid token in every request.
守卫是一种提供用于识别经过身份验证的用户的逻辑的方式。Laravel 提供了不同的守卫,比如会话和令牌。会话守卫通过 cookie 维护每个请求中用户的状态,另一方面,令牌守卫通过检查每个请求中的有效令牌来验证用户。
回答by debite
Since I had the same question and the other answers did not provide me the information I was looking for (they explain perfectly what a guard does, but not why you should ever worry about calling its methods), I will provide another answer.
由于我有同样的问题,而其他答案没有为我提供我正在寻找的信息(它们完美地解释了守卫的作用,但没有解释为什么您应该担心调用其方法),我将提供另一个答案。
I was also unsure about the difference between methods provided by the auth()helper and methods provided by the guard itself auth()->guard(), as they seemed to do the same.
我也不确定auth()helper 提供的方法和守卫本身提供的方法之间的区别auth()->guard(),因为它们似乎做同样的事情。
A quick dd(auth())reveals that it returns an instance of AuthManager. So we can look up that class in the source code: On the bottom of AuthManager.phpthere is a __call()magic methodwhich forwards all undefined calls to its own guard()method.
快速dd(auth())显示它返回 的实例AuthManager。所以我们可以在源代码中查找那个类: 在AuthManager.php的底部有一个__call()魔法方法,它将所有未定义的调用转发到它自己的guard()方法。
public function __call($method, $parameters)
{
return $this->guard()->{$method}(...$parameters);
}
This clearly shows us that the methods of auth()and auth()->guard()not only seem to do the same, but are exactly the same. So as long as the default guard should be used, an additional ->guard()can be omitted with peace of mind.
这清楚地向我们表明,auth()和的方法auth()->guard()不仅看起来相同,而且完全相同。因此,只要应该使用默认的守卫,->guard()就可以放心地省略额外的守卫。
回答by Hasnain Abid Khanzada
Guard role is to authenticate routes
Guard 的作用是验证路由
- Web guard will authenticate web routes
- Api guard will authenticate api routes.
- For other user types e.g Admin guard will authenticate admin routes and so on.
- Web 守卫将验证 Web 路由
- Api 守卫将验证 api 路由。
- 对于其他用户类型,例如管理员守卫将验证管理员路由等。
