PHP Framework
Laravel
Laravel development: How to implement SPA authentication using Laravel Sanctum?
Laravel development: How to implement SPA authentication using Laravel Sanctum?
Laravel Development: How to implement SPA authentication using Laravel Sanctum?
Laravel Sanctum is the official package for Laravel, designed to provide simple, lightweight API authentication for SPA (Single Page Application) and mobile applications. It uses ephemeral tokens instead of permanent credentials for enhanced security and provides multiple authentication drivers, including cookies, API keys, and JWT.
In this article, we will discuss how to implement SPA authentication using Laravel Sanctum.
The first step is to install Laravel Sanctum. It can be installed using Composer in your Laravel application:
composer require laravel/sanctum
After installation, you need to run migrations to create the tables required by Sanctum:
php artisan migrate
Next, you need to open the app/Http/Kernel.php file and add the Laravel Sanctum middleware in the API middleware group:
LaravelSanctumHttpMiddlewareEnsureFrontendRequestsAreStateful::class,
'throttle:60,1',
IlluminateRoutingMiddlewareSubstituteBindings::class,
],```
现在,Laravel Sanctum已准备好开始在应用程序中进行SPA身份验证。
下一步是将Sanctum添加到Vue或React应用程序中。为此,需要在应用程序中安装axios或其他HTTP客户端库,以便与后端通信。建议使用axios来演示下面的示例代码。
axios需要配置一下:
import axios from 'axios'
export const HTTP = axios.create({
baseURL: http://localhost:8000/api/,
withCredentials: true,
})
withCredentials选项允许axios将cookie发送到后端,这对于使用Laravel Sanctum进行身份验证非常重要。 现在,可以在Vue组件或React组件中使用以下代码来进行身份验证:
// Login
login() {
axios.post('/login', this.credentials)
.then(response => {
this.getUser()
})},
// Logout
logout() {
axios.post('/logout')
.then(response => {
this.$store.commit('logout')
})},
// Get user information
getUser() {
axios.get('/user')
.then(response => {
this.$store.commit('updateUser', response.data)
}).catch(error => {
console.log(error)
})},
在这个例子中,我们使用axios来向/login和/logout路由发送POST请求,以及向/user路由发送GET请求。这三个路由应该在Laravel应用程序中定义,并使用Laravel Sanctum进行身份验证。 使用Laravel Sanctum的默认身份验证驱动程序- cookie-,可以通过以下方式发送令牌:
// In Vue
axios.defaults.headers.common['X-CSRF-TOKEN'] = document.querySelector('meta[name="csrf-token"]').getAttribute('content');
/ / React
import { setAuthToken } from './axiosConfig';
axios.defaults.headers.common['X-CSRF-TOKEN'] = setAuthToken();
这将在每个请求中设置名为X-CSRF-TOKEN的标头。此标头包含一个CSRF令牌,该令牌是在使用Laravel Sanctum时进行身份验证所必需的。
The above is the detailed content of Laravel development: How to implement SPA authentication using Laravel Sanctum?. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1386
52
Laravel - Artisan Commands
Aug 27, 2024 am 10:51 AM
Laravel - Artisan Commands - Laravel 5.7 comes with new way of treating and testing new commands. It includes a new feature of testing artisan commands and the demonstration is mentioned below ?
Laravel - Pagination Customizations
Aug 27, 2024 am 10:51 AM
Laravel - Pagination Customizations - Laravel includes a feature of pagination which helps a user or a developer to include a pagination feature. Laravel paginator is integrated with the query builder and Eloquent ORM. The paginate method automatical
How to get the return code when email sending fails in Laravel?
Apr 01, 2025 pm 02:45 PM
Method for obtaining the return code when Laravel email sending fails. When using Laravel to develop applications, you often encounter situations where you need to send verification codes. And in reality...
Laravel schedule task is not executed: What should I do if the task is not running after schedule: run command?
Mar 31, 2025 pm 11:24 PM
Laravel schedule task run unresponsive troubleshooting When using Laravel's schedule task scheduling, many developers will encounter this problem: schedule:run...
In Laravel, how to deal with the situation where verification codes are failed to be sent by email?
Mar 31, 2025 pm 11:48 PM
The method of handling Laravel's email failure to send verification code is to use Laravel...
How to implement the custom table function of clicking to add data in dcat admin?
Apr 01, 2025 am 07:09 AM
How to implement the table function of custom click to add data in dcatadmin (laravel-admin) When using dcat...
Laravel - Dump Server
Aug 27, 2024 am 10:51 AM
Laravel - Dump Server - Laravel dump server comes with the version of Laravel 5.7. The previous versions do not include any dump server. Dump server will be a development dependency in laravel/laravel composer file.
Laravel Redis connection sharing: Why does the select method affect other connections?
Apr 01, 2025 am 07:45 AM
The impact of sharing of Redis connections in Laravel framework and select methods When using Laravel framework and Redis, developers may encounter a problem: through configuration...
