islem-kms/l5-mauth-pass 问题修复 & 功能扩展

解决BUG、新增功能、兼容多环境部署,快速响应你的开发需求

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

islem-kms/l5-mauth-pass

Composer 安装命令:

composer require islem-kms/l5-mauth-pass

包简介

A

README 文档

README

Add multi-authentication support to Laravel Passport

Compatibility

Laravel Passport
^2.0
^3.0

Installing and configuring

  • Install using composer:
composer require islem-kms/l5-mauth-pass
  • If you are using a Laravel version less than 5.5 you need to add the provider on config/app.php:
    'providers' => [
        ...
        IslemKms\PassportMultiauth\Providers\MultiauthServiceProvider::class,
    ],
  • Migrate database to create oauth_access_token_providers table:
php artisan migrate
  • Add new provider in config/auth.php using a model that extends of Authenticatable class and use HasApiTokens trait.

Ex.:

  • Configure your model:
<?php

use Illuminate\Database\Eloquent\Model;
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Laravel\Passport\HasApiTokens;

class Admin extends Authenticatable
{
   use Notifiable, HasApiTokens;
  • And your config/auth.php providers:
<?php

return [
    ...

    'providers' => [
        'users' => [
            'driver' => 'eloquent',
            'model' => App\User::class,
        ],

        // ** New provider**
        'admins' => [
            'driver' => 'eloquent',
            'model' => App\Administrator::class,
        ],
    ],
];
  • Add a new guard in config/auth.php guards array using driver passport and the provider added above:
    'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],

        'api' => [
            'driver' => 'passport',
            'provider' => 'users',
        ],

        // ** New guard **
        'admin' => [
            'driver' => 'passport',
            'provider' => 'admins',
        ],
    ]
  • Register the middlewares AddCustomProvider and ConfigAccessTokenCustomProvider on $middlewareGroups attribute on app/Http/Kernel.
class Kernel extends HttpKernel
{
    ...

    /**
     * The application's route middleware groups.
     *
     * @var array
     */
    protected $middlewareGroups = [
        'web' => [
            \App\Http\Middleware\EncryptCookies::class,
            \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
            \Illuminate\Session\Middleware\StartSession::class,
            // \Illuminate\Session\Middleware\AuthenticateSession::class,
            \Illuminate\View\Middleware\ShareErrorsFromSession::class,
            \App\Http\Middleware\VerifyCsrfToken::class,
            \Illuminate\Routing\Middleware\SubstituteBindings::class,
        ],

        'api' => [
            'throttle:60,1',
            'bindings',
            \Barryvdh\Cors\HandleCors::class,
            'custom-provider',
        ],

        'custom-provider' => [
            \IslemKms\PassportMultiauth\Http\Middleware\AddCustomProvider::class,
            \IslemKms\PassportMultiauth\Http\Middleware\ConfigAccessTokenCustomProvider::class,
        ]
    ];

    ...
}
  • Encapsulate the passport routes for access token with the registered middleware in AuthServiceProvider:
use Route;
use Laravel\Passport\Passport;

class AuthServiceProvider extends ServiceProvider
{
    ...
    
    /**
     * Register any authentication / authorization services.
     *
     * @return void
     */
    public function boot()
    {
        $this->registerPolicies();

        Passport::routes();

        // Middleware `api` that contains the `custom-provider` middleware group defined on $middlewareGroups above
        Route::group(['middleware' => 'api'], function () {
            Passport::routes(function ($router) {
                return $router->forAccessTokens();
            });
        });
    }
    ...
}

Optional: Publish migrations:

php artisan vendor:publish

And choose the provider IslemKms\PassportMultiauth\Providers\MultiauthServiceProvider

Usage

  • Add the provider parameter in your request at /oauth/token:
POST /oauth/token HTTP/1.1
Host: localhost
Accept: application/json, text/plain, */*
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache

{
    "username":"user@domain.com",
    "password":"password",
    "grant_type" : "password",
    "client_id": "client-id",
    "client_secret" : "client-secret",
    "provider" : "admins"
}
  • You can pass your guards on auth middleware as you wish. Example:
Route::group(['middleware' => ['api', 'auth:admin']], function () {
    Route::get('/admin', function ($request) {
        // Get the logged admin instance
        return $request->user(); // You can use too `$request->user('admin')` passing the guard.
    });
});

The api guard use is equals the example with admin.

  • You can pass many guards to auth middleware.

OBS: To pass many you need pass the api guard on end of guards and the guard api as parameter on $request->user() method. Ex:

// `api` guard on end of guards separated by comma
Route::group(['middleware' => ['api', 'auth:admin,api']], function () {
    Route::get('/admin', function ($request) {
        // Passing `api` guard to `$request->user()` method
        // The instance of user authenticated (Admin or User in this case) will be returned
        return $request->user('api');
    });
});

Refreshing tokens

  • Add the provider parameter in your request at /oauth/token:
POST /oauth/token HTTP/1.1
Host: localhost
Accept: application/json, text/plain, */*
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache

{
    "grant_type" : "refresh_token",
    "client_id": "client-id",
    "client_secret" : "client-secret",
    "refresh_token" : "refresh-token",
    "provider" : "admins"
}

Using scopes

  • If you are using more than one guard on same route, use the following package middlewares instead of using the scope and scopes middlewares from Laravel\Passport.
protected $routeMiddleware = [
    'multiauth.scope' => \IslemKms\PassportMultiauth\Http\Middleware\MultiAuthCheckForAnyScope::class,
    'multiauth.scopes' => \IslemKms\PassportMultiauth\Http\Middleware\MultiAuthCheckScopes::class,
];

The middlewares are equals the Laravel\Passport middlewares with guard api on request->user() object.

User Sample:

Route::group([
    'middleware' => ['auth:admin,api', 'multiauth.scope:read-books']
], function ($request) {
    return $request->user('api');
});

Unit tests

If you are using multi-authentication in a request you need to pass just an Authenticatable object to Laravel\Passport\Passport::actingAs(). E.g.:

  • You have a route with multi-auth:
Route::group(['middleware' => 'auth:admin,api'], function () {
    Route::get('/foo', function ($request) {
        return $request->user('api'); // Return user or admin
    });
});
  • On your test just pass your entity to Passport::actingAs():
use App\User;
use App\Admin;
use Laravel\Passport\Passport;

class MyTest extends TestCase
{
    public function testFooAdmin()
    {
        $admin = factory(Admin::class)->create();

        Passport::actingAs($admin);

        // When you use your endpoint your admin will be returned
        $this->json('GET', '/foo')
            ->assertStatus(200)
            ->assertJson([
                'data' => [
                    'id' => 1,
                    'name' => 'Admin',
                    'email' => 'admin@admin.com'
                ]
            ]);
    }

    public function testFooUser()
    {
        $user = factory(User::class)->create();

        Passport::actingAs($user);

        // When you use your endpoint your user will be returned
        $this->json('GET', '/foo')
            ->assertStatus(200)
            ->assertJson([
                'data' => [
                    'id' => 1,
                    'name' => 'User',
                    'email' => 'user@user.com'
                ]
            ]);
    }
}
  • If your route has just one guard:
Route::group(['middleware' => 'auth:admin'], function () {
    Route::get('/foo', function ($request) {
        return $request->user(); // Return admin
    });
});
  • And on your tests just pass your entity, scopes and guard to Passport::actingAs():
use App\User;
use App\Admin;
use Laravel\Passport\Passport;

class MyTest extends TestCase
{
    public function testFooAdmin()
    {
        $admin = factory(Admin::class)->create();

        Passport::actingAs($admin, [], 'admin');

        // When you use your endpoint your admin will be returned
        $this->json('GET', '/foo')
            ->assertStatus(200)
            ->assertJson([
                'data' => [
                    'id' => 1,
                    'name' => 'Admin',
                    'email' => 'admin@admin.com'
                ]
            ]);
    }
}

islem-kms/l5-mauth-pass 适用场景与选型建议

islem-kms/l5-mauth-pass 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 1.16k 次下载、GitHub Stars 达 0, 最近一次更新时间为 2018 年 02 月 09 日, 在 PHP 生态内属于活跃度较高的组件。

它主要适用于以下技术方向: 「laravel」 「passport」 「multi-auth」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。

我们在过去多个企业项目中使用过 islem-kms/l5-mauth-pass 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 islem-kms/l5-mauth-pass 我们能提供哪些服务?
定制开发 / 二次开发

基于 islem-kms/l5-mauth-pass 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 1.16k
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 0
  • 点击次数: 19
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 0
  • Watchers: 0
  • Forks: 0
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2018-02-09