PHP security verification through Lumen Passport
When developing web applications, user authentication and permission control are important aspects that cannot be ignored. To ensure the security of the application, we need to implement a method to authenticate users and grant different permissions to specific users. In PHP development, Lumen is a lightweight and efficient framework that can help us quickly build web applications. Lumen Passport is a Lumen extension based on Laravel Passport, which can help us implement simple and powerful authentication.
This article will introduce how to implement PHP security verification through Lumen Passport to ensure that our application only allows access by authorized users.
First, we need to install the Lumen Passport extension package. Enter the project root directory in the terminal and execute the following command:
composer require dusterio/lumen-passport
After the installation is complete, we need to register the Passport service provider. Open the bootstrap/app.php
file and add the following code in the Register Service Providers
section:
$app->register(DusterioLumenPassportPassportServiceProvider::class);
Then, in bootstrap/app.php
Add the following reference at the beginning:
use DusterioLumenPassportLumenPassport;
Next, we need to generate the key and database migration files. Run the following command in the terminal:
php artisan passport:keys php artisan passport:client --password php artisan migrate
After generating the key and database migration files, we can start configuring authentication.
First, open the config/auth.php
file and change the default driver from token
to passport
:
'defaults' => [ 'guard' => 'api', 'passwords' => 'users', 'provider' => 'users', 'hash' => false, ], // ... 'guards' => [ 'api' => [ 'driver' => 'passport', 'provider' => 'users', ], ],
Then, open the app/Providers/AuthServiceProvider.php
file and add the LaravelPassportPassport::routes()
method to the boot()
method:
use LaravelPassportPassport; // ... public function boot() { $this->registerPolicies(); Passport::routes(); }
Next, we need to use Passport
in the user model. Open the app/User.php
file and add the following reference at the top of the class:
use LaravelPassportHasApiTokens;
Then, add the HasApiTokens
trait to the User
class Medium:
use LaravelPassportHasApiTokens; class User extends Authenticatable { use HasApiTokens; // ... }
Now, we have completed the configuration of authentication. Next, let’s look at how to use Lumen Passport in a controller.
First, we need to use Passport
in the controller. Open your controller file and add the following reference at the top of the class:
use LaravelPassportPassport;
Then, call the Passport::actingAs()
method in the method that requires authentication. This method accepts a user model instance as a parameter to simulate user login:
public function login() { $user = User::find(1); // 通过用户 ID 获取用户 Passport::actingAs($user); // ... }
When the user logs in, Lumen Passport will generate an access token, which we can use to make interface calls. In methods that require user authentication, we can use auth()->user()
to obtain the currently logged in user instance:
public function profile() { $user = auth()->user(); return response()->json([ 'user' => $user, ]); }
Through the above steps, we have succeeded Implemented PHP security authentication through Lumen Passport. Now we can use authentication in our application to secure specific routes and functionality to ensure only authorized users have access.
Summary:
This article introduces how to implement PHP security verification through Lumen Passport. We first installed the Lumen Passport extension package and generated the key and database migration files. We then configure authentication by changing the configuration and using the Passport method. Finally, using the Passport
class in the controller, we can implement user login and access token generation. In this simple and powerful way, we can easily implement user authentication and permission control to protect the security of our applications.
The above is the detailed content of PHP security authentication with Lumen Passport. For more information, please follow other related articles on the PHP Chinese website!