PHP security authentication with Lumen Passport

PHP security verification through Lumen Passport

When developing web applications, user authentication and permission control are important aspects that cannot be ignored. To ensure the security of the application, we need to implement a method to authenticate users and grant different permissions to specific users. In PHP development, Lumen is a lightweight and efficient framework that can help us quickly build web applications. Lumen Passport is a Lumen extension based on Laravel Passport, which can help us implement simple and powerful authentication.

This article will introduce how to implement PHP security verification through Lumen Passport to ensure that our application only allows access by authorized users.

First, we need to install the Lumen Passport extension package. Enter the project root directory in the terminal and execute the following command:

composer require dusterio/lumen-passport

After the installation is complete, we need to register the Passport service provider. Open the bootstrap/app.php file and add the following code in the Register Service Providers section:

$app->register(DusterioLumenPassportPassportServiceProvider::class);

Then, in bootstrap/app.php Add the following reference at the beginning:

use DusterioLumenPassportLumenPassport;

Next, we need to generate the key and database migration files. Run the following command in the terminal:

php artisan passport:keys
php artisan passport:client --password
php artisan migrate

After generating the key and database migration files, we can start configuring authentication.

First, open the config/auth.php file and change the default driver from token to passport:

'defaults' => [
    'guard' => 'api',
    'passwords' => 'users',
    'provider' => 'users',
    'hash' => false,
],

// ...

'guards' => [
    'api' => [
        'driver' => 'passport',
        'provider' => 'users',
    ],
],

Then, open the app/Providers/AuthServiceProvider.php file and add the LaravelPassportPassport::routes() method to the boot() method:

use LaravelPassportPassport;

// ...

public function boot()
{
    $this->registerPolicies();

    Passport::routes();
}

Next, we need to use Passport in the user model. Open the app/User.php file and add the following reference at the top of the class:

use LaravelPassportHasApiTokens;

Then, add the HasApiTokens trait to the User class Medium:

use LaravelPassportHasApiTokens;

class User extends Authenticatable
{
    use HasApiTokens;
    
    // ...
}

Now, we have completed the configuration of authentication. Next, let’s look at how to use Lumen Passport in a controller.

First, we need to use Passport in the controller. Open your controller file and add the following reference at the top of the class:

use LaravelPassportPassport;

Then, call the Passport::actingAs() method in the method that requires authentication. This method accepts a user model instance as a parameter to simulate user login:

public function login()
{
    $user = User::find(1); // 通过用户 ID 获取用户
    Passport::actingAs($user);
    
    // ...
}

When the user logs in, Lumen Passport will generate an access token, which we can use to make interface calls. In methods that require user authentication, we can use auth()->user() to obtain the currently logged in user instance:

public function profile()
{
    $user = auth()->user();
    
    return response()->json([
        'user' => $user,
    ]);
}

Through the above steps, we have succeeded Implemented PHP security authentication through Lumen Passport. Now we can use authentication in our application to secure specific routes and functionality to ensure only authorized users have access.

Summary:

This article introduces how to implement PHP security verification through Lumen Passport. We first installed the Lumen Passport extension package and generated the key and database migration files. We then configure authentication by changing the configuration and using the Passport method. Finally, using the Passport class in the controller, we can implement user login and access token generation. In this simple and powerful way, we can easily implement user authentication and permission control to protect the security of our applications.

The above is the detailed content of PHP security authentication with Lumen Passport. For more information, please follow other related articles on the PHP Chinese website!