1

我已经建立了一个前端角度系统和后端 laravel 系统。一切正常,但在登录过程中没有生成令牌。注册过程运行良好,并将用户详细信息存储在数据库中。

路由.php

Route::post('/api/register', 'RegisterController@register');
Route::post('api/authenticate', 'LoginController@authenticate');
Route::get('api/authenticate/user/email/{email}/password/{password}', 'LoginController@getAuthenticatedUser');

注册控制器.php

 public function register(Request $request){
    $newuser= $request->all();
    $password=Hash::make($request->input('password'));

    $newuser['password'] = $password;
    return Register::create($newuser);
}

登录控制器.php

/*public function authenticate(Request $request){*/
public function authenticate($email, $password){
    /*$credentials = $request->only('email', 'password');*/
    $credentials = array('email' => $email, 'password' => $password);
    try{
        if(! $token = JWTAuth::attempt($credentials)){
            return \Response::json(['error' => 'invalid_credentials'], 401);
        }
    }
    catch(JWTException $e){
        return \Response::json(['error' => 'could_not_create_token'], 500);
    }
    return \Response::json(compact('token'));
}


public function getAuthenticatedUser($email, $password){
    try{
        if(! $user = JWTAuth::parseToken()->authenticate($email, $password)){
            return \Response::json(['user_not_found'], 404);
        }
    }
    catch(Tymon\JWTAuth\Exceptions\TokenExpiredException $e){
        return \Response::json(['token_expired'], $e->getStatusCode());
    }
    catch(Tymon\JWTAuth\Exceptions\TokenInvalidException $e){
        return \Response::json(['token_invalid'], $e->getStatusCode());
    }
    catch(Tymon\JWTAuth\Exceptions\JWTException $e){
        return \Response::json(['token_absent'], $e->getStatusCode());
    }
    return \Response::json(compact('user'));
    /*return \Response::json(array('user' => 'Steve', 'state' => 'CA'));*/
}

authController.js

reglogApp.controller('AuthController', function($scope, $http, $auth, $rootScope, $state){
$scope.email='';
$scope.password='';
$scope.newUser={};
$scope.loginError=false;
$scope.loginErrorText='';


$scope.login = function(){
    var credentials = {
        email: $scope.email,
        password: $scope.password
    }
    console.log('Entered Login Function', credentials);

    $auth.login(credentials).then(function(){
        return $http.get('http://reglog.xyz.com/api/authenticate/user/email/puppy@gmail.com/password/ABHVF123456789000');

        },function(error){
            $scope.loginError = true;
            $scope.loginErrorText = error.data.error;
            console.log('Login Error', $scope.loginErrorText);
        }).then(function(response){
                $rootScope.currentUser = response.data.user;
                $scope.loginError = false;
                $scope.loginErrorText = '';
                console.log('Current User', $rootScope.currentUser);
                $state.go('dashboard');
        });

}

$scope.register = function(){
    $scope.name = $scope.newUser.name;
    $scope.email = $scope.newUser.email;
    $scope.password = $scope.newUser.password;
    console.log($scope.name, $scope.email, $scope.password);
    $http.post('http://reglog.xyz.com/api/register', $scope.newUser).success(function(data){
        console.log('Registered');
        $scope.email = $scope.newUser.email;
        $scope.password = $scope.newUser.password;
        $scope.login();
    });
}

});

4

5 回答 5

4

您需要在标头中发送授权令牌。您可能需要修改 Apache 设置以允许发送授权标头。

授权:不记名{yourtokenhere}

您可以使用以下命令修改 .htaccess 文件:

RewriteCond %{HTTP:Authorization} ^(.*)

RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]

于 2015-11-27T19:37:51.700 回答
3

JWTAuth::parseToken()要求令牌以以下格式在标头中发送:

Authorization: Bearer {yourtokenhere}

我相信,你不会那样做。所以,你getAuthenticatedUser失败了。

于 2015-11-25T12:05:46.060 回答
1

您可以尝试在 php.ini 中设置 always_populate_raw_post_data = -1

这对我有用

于 2016-05-19T11:57:03.873 回答
0

我猜这LoginController::getAuthenticatedUser()似乎是在验证用户的凭据(电子邮件和密码)。

不过,方法中也JWTAuth::parseToken()->authenticate($email, $password)getAuthenticatedUser()JWTAuth::parseToken()负责验证来自请求1的令牌。客户端必须使用令牌向GET /api/authenticate端点发送请求。

在我看来,LoginController::authenticate()通过 JSON Web Token 识别和响应用户信息给客户端。email和参数在password中不是必需的LoginController:: getAuthenticatedUser(),因为令牌能够识别用户。

登录控制器.php

public function getAuthenticatedUser(){
    try{
        if(! $user = JWTAuth::parseToken()->authenticate()){
            return \Response::json(['user_not_found'], 404);
        }
    }
    catch(Tymon\JWTAuth\Exceptions\TokenExpiredException $e){
        return \Response::json(['token_expired'], $e->getStatusCode());
    }
    catch(Tymon\JWTAuth\Exceptions\TokenInvalidException $e){
        return \Response::json(['token_invalid'], $e->getStatusCode());
    }
    catch(Tymon\JWTAuth\Exceptions\JWTException $e){
        return \Response::json(['token_absent'], $e->getStatusCode());
    }
    return \Response::json(compact('user'));
    /*return \Response::json(array('user' => 'Steve', 'state' => 'CA'));*/
}
于 2015-11-30T05:59:11.680 回答
-2

简单编辑 .htaccess 文件。即,在 /public/.htaccess 内部

选项 - 多视图 

RewriteEngine On

# Redirect Trailing Slashes...
RewriteRule ^(.*)/$ /$1 [L,R=301]
# Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]

于 2016-10-09T05:06:21.033 回答