0

我正在使用 laravel 4 和 sentry 2 构建一个 RESTful API,我尝试使用 postSignin 方法创建 API,但失败了。更正请求在 postSignin 这是过滤器和路由。

过滤器

    Route::filter('api', function()
    {
    // Check if the user is logged in
    if ( ! Sentry::check())
    {   
        return Response::json(array('digle'=> array(
            'status' => 1,
            'desc' => 'Unauthorized',
        )));
    }
});

路线

    Route::group(array('prefix' => 'api/v1','before' => 'api'), function()
    {
    //Test
    Route::get('/', array('as'=>'/', 'uses'=>'ApiTestController@getIndex'));

    //Login
    Route::get('signin', array('uses' => 'ApiTestController@getSignin'));
    Route::post('signin', 'ApiTestController@postSignin');

    //Logout
    Route::get('logout', array('uses' => 'ApiTestController@getLogout'));

});

控制器

 /**
 * Route /signin 
 *
 * @return Response POST 
 */
public function postSignin()
{
    //Declare the rules for the form validation
    $rules = array(
        'email'    => 'required|email',
        'password' => 'required|between:3,32',
    );

    // Create a new validator instance from our validation rules
    $validator = Validator::make(Input::all(), $rules);

    // If validation fails, we'll exit the operation now.
    if ($validator->fails())
    {
        // Ooops.. something went wrong
        //return Redirect::back()->withInput()->withErrors($validator);
        return Response::json(array('digle' => array(
           'Error' => 'error',
        )));
    }

    try
    {   
        $userdata = array(
            'email' => Input::get('email'),
            'password'=> Input::get('password')
        );
        // Try to log the user in
        Sentry::authenticate($userdata, false);


        return Response::json(array('digle' => array(
            'status' => 0,
            'desc' => 'succes'
        )));
    }
    catch (Cartalyst\Sentry\Users\UserNotFoundException $e)
    {
        return Response::json(array('digle' => array(
            'status' => $this->messageBag->add('email', Lang::get('auth/message.account_not_found'))
        )));

    }
    catch (Cartalyst\Sentry\Users\UserNotActivatedException $e)
    {
        return Response::json(array('digle' => array(
            'status' => $this->messageBag->add('email', Lang::get('auth/message.account_not_activated'))
        )));

    }
    catch (Cartalyst\Sentry\Throttling\UserSuspendedException $e)
    {
        return Response::json(array('digle' => array(
            'status' => $this->messageBag->add('email', Lang::get('auth/message.account_suspended'))
        )));

    }
    catch (Cartalyst\Sentry\Throttling\UserBannedException $e)
    {
        return Response::json(array('digle' => array(
            'status' => $this->messageBag->add('email', Lang::get('auth/message.account_banned'))
        )));

    }

    //something went wrong
    return Response::json(array('digle' => array(
            'status' => 0
    )));
}

并使用参数电子邮件和密码发出获取请求http://xxx.xx/api/v1/signin然后我使用 postman 或 restclient 测试代码

4

1 回答 1

0

您的before=>'api'过滤器对登录路由处于活动状态。

过滤器阻止“@postSignin”操作运行,因此您将始终看到过滤器生成的“未授权”响应。

解决方案:您必须将 'signin' 路由移到 'api' 组之外,或者以其他方式将操作从哨兵检查过滤中排除。

于 2014-05-22T07:37:14.060 回答