承接 lcharette/laravel-auth-api 相关项目开发

从需求分析到上线部署,全程专人跟进,保证项目质量与交付效率

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

lcharette/laravel-auth-api

Composer 安装命令:

composer require lcharette/laravel-auth-api

包简介

Basic auth API routes for Single Page Application.

README 文档

README

Branch Build Coverage Style
main

Basic reusable auth API routes for Laravel based SPA application. No UI is provided with this package, except the one require for email validation and password recovery. This is meant to be the starting point for your Vue (or similar) based frontend.

This is still a work in progress and might not be used for production yet

Usage

Setup

composer require lcharette/laravel-auth-api

Next, you'll need to update your User model so it implemen Tymon\JWTAuth\Contracts\JWTSubject. The Lcharette\AuthApi\Auth\isJWTSubject trait can be used to add the required methods. For example :

class User extends Authenticatable implements JWTSubject
{
    use Notifiable, SoftDeletes, HasFactory, isJWTSubject;
   
    ...
}

Available Routes

Once installed, this packages adds the following routes to you Laravel app :

Method Route Description Required Data
POST /api/register Post to this route to register a new user. username, email, password, password_confirm
POST /api/login Perform login and return auth token. email, password
POST /api/logout Perform logout action and invalidade current token.
POST /api/refresh Refresh current token and returns new one.
GET /api/user Return the current user information inside data key.

All routes will return a 200 status with json string if successfull. Any error will returns as a 400 error code with the error detail inside the json response. A 403 (forbidden) status code will be returned if the route is accessed without a valid token (except for login and register routes).

Limiting Other Routes

If you want to limit routes from your app to only "logged in" user, that is users that provides a valid token, you can add the Lcharette\AuthApi\Http\Middleware\RequireAuth middleware to any route or group of route. For example, this will make /list returns a 403 error if a valid token is not passed with the request :

Route::middleware([RequireAuth::class, 'api'])->group(function () {
    Route::get('/lists', [ListController::class, 'index']);
});

Alternatively, the Lcharette\AuthApi\Http\Middleware\RequireGuest middleware can be used if the route required the user not to be logged in.

Posting Token from Axios (Vue.js)

Token can be retreived from the login response and set as default header for future axios request. Just be sure to removed the token on logout or 401 error.

axios.post("/api/login", { email, password })
    .then(resp => {
        axios.defaults.headers.common['Authorization'] = 'Bearer ' + resp.data.access_token
    })
    .catch(err => {
        localStorage.removeItem("access_token");
    });

TODO

  • Revoke token
  • Update profile
  • Update password
  • Two Factor
  • Password reset
  • Email confirmation
  • Custom user Trait / Interface
  • Add more customisabilisation

License

This package is open-sourced under the MIT license.

统计信息

  • 总下载量: 52
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 0
  • 点击次数: 0
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 0
  • Watchers: 1
  • Forks: 0
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2021-04-01

承接程序开发

PHP开发

VUE

Vue开发

前端开发

小程序开发

公众号开发

系统定制

数据库设计

云部署

网站建设

安全加固