第一部分 安装Passport(laravel/passport)第一步. 使用 Composer 安装 Passport :composer require laravel/passport=~7.0第二步. Passport 服务提供器使用框架注册自己的数据库迁移目录,因此在注册提供器后,就应该运行 Passport 的迁移命令来自动创建存储客户端和令牌的数据表: php artisan migrate第三步. 接下来,运行 passport:install 命令来创建生成安全访问令牌时所需的加密密钥,同时,这条命令也会创建用于生成访问令牌的「个人访问」客户端和「密码授权」客户端: php artisan passport:install第二部分 开始配置第四步. 将 LaravelPassportHasApiTokens Trait 添加到 AppUser 模型中,`这个 Trait 会给你的模型提供一些辅助函数,用于检查已认证用户的令牌和使用范围:<?phpnamespace App;use Illuminate\Notifications\Notifiable;use Illuminate\Contracts\Auth\MustVerifyEmail;use Illuminate\Foundation\Auth\User as Authenticatable;use Laravel\Passport\HasApiTokens;class User extends Authenticatable{ use HasApiTokens, Notifiable; // other code}第五步. 在AuthServiceProvider中, 增加 “Passport::routes()“和过期时间:<?phpnamespace App\Providers;use Laravel\Passport\Passport;class AuthServiceProvider extends ServiceProvider{ /** * Register any authentication / authorization services. * * @return void / public function boot() { // other code Passport::routes(); Passport::tokensExpireIn(now()->addDays(30)); //这里设置为30天过期 Passport::refreshTokensExpireIn(now()->addDays(30)); }}第六步. 在 auth.php中, 更改 api 认证方式为passport:<?phpreturn [ ‘guards’ => [ ‘web’ => [ ‘driver’ => ‘session’, ‘provider’ => ‘users’, ], ‘api’ => [ ‘driver’ => ‘passport’, ‘provider’ => ‘users’, ], ]];第三部分 提供测试接口第七步. 增加相应API路由配置:<?phpRoute::group([’namespace’ => ‘Api’], function () { // 登录 Route::post(’login’, ‘LoginController@login’); // 注册 Route::post(‘register’, ‘LoginController@register’); Route::group([‘middleware’ => ‘auth:api’], function () { // 用户信息 Route::get(‘user’, ‘LoginController@read’); });});第八步. 创建controller => php artisan make:controller Api/LoginController:<?phpnamespace App\Http\Controllers\Api;use App\User;use Illuminate\Http\Request;use App\Http\Controllers\Controller;use Illuminate\Support\Facades\Auth;use Illuminate\Support\Facades\Validator;class LoginController extends Controller{ public $successStatus = 200; /* * 登录API * * @param Request $request * @param email 登录邮箱 * @param password 登录密码 * * @return \Illuminate\Http\Response / public function login(Request $request) { // 邮箱和密码验证 if(Auth::attempt([’email’ => request(’email’), ‘password’ => request(‘password’)])){ $user = Auth::user(); $success[’token’] = $user->createToken(‘EDU’)->accessToken; return response()->json([‘success’ => $success], $this->successStatus); } else{ return response()->json([’error’=>‘Unauthorised’], 401); } } /* * 注册API * * @param Request $request * @param email 登录邮箱 * @param password 登录密码 * * @return \Illuminate\Http\Response / public function register(Request $request) { // 数据验证 $validator = Validator::make($request->all(), [ ’name’ => ‘required’, ’email’ => ‘required|email’, ‘password’ => ‘required’, ‘c_password’ => ‘required|same:password’ ]); if ($validator->fails()) { return response()->json([’error’=>$validator->errors()], 401); } // 读取参数并保存数据 $input = $request->all(); $input[‘password’] = bcrypt($input[‘password’]); $user = User::create($input); // 创建token并返回 $success[’token’] = $user->createToken(‘EDU’)->accessToken; $success[’name’] = $user->name; return response()->json([‘success’=>$success], $this->successStatus); } /* * 读取用户信息API * * @return \Illuminate\Http\Response */ public function read() { $user = Auth::user(); return response()->json([‘success’ => $user], $this->successStatus); }}第九步. 使用Postman测试API:测试API数据获取,需要在headers中添加Token; 格式key=Authorization,value=Bearer空格token