我是 Laravel 的新手。我使用 Angular 和 Laravel 制作一个简单的博客。我使用 Sanctum 进行授权和注册。 这是我的代码 AuthController:
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Hash;
use Auth;
use Validator;
use App\Models\User;
class AuthController extends Controller
{
public function register(Request $request)
{
$validator = Validator::make($request->all(),[
'name' => 'required|string|max:255|unique:users',
'email' => 'required|string|email|max:255|unique:users',
'password' => 'required|string|min:8'
]);
if($validator->fails()){
return response()->json($validator->errors());
}
$user = User::create([
'name' => $request->name,
'email' => $request->email,
'password' => Hash::make($request->password)
]);
$token = $user->createToken('auth_token')->plainTextToken;
Auth::login($user);
return response()
->json(['result' => 'success']);
}
public function login(Request $request)
{
if (!Auth::attempt($request->only('name', 'password')))
{
return response()
->json(['message' => 'Unauthorized']);
}
$user = User::where('name', $request['name'])->firstOrFail();
$token = $user->createToken('auth_token')->plainTextToken;
return response()
->json(['message' => 'Authorized']);
}
// method for user logout and delete token
public function logout()
{
auth()->user()->tokens()->delete();
return response()->json([
'message' => 'You have successfully logged out and the token was successfully deleted'
]);
}
}
web.php
<?php
use Illuminate\Support\Facades\Route;
use App\Http\Controllers\MainController;
use App\Http\Controllers\StoryController;
use App\Http\Controllers\AuthController;
/*
|--------------------------------------------------------------------------
| Web Routes
|--------------------------------------------------------------------------
|
| Here is where you can register web routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| contains the "web" middleware group. Now create something great!
|
*/
Route::get('/', [MainController::class, 'home']);
Route::get('/about', [MainController::class,'about']);
Route::get('/review', [MainController::class,'review'])->name('review');
Route::post('/review/check', [MainController::class,'review_check']);
/*Route::get('/about/{id}/{name}', function ($id,$name) {
return "ID:".$id." Name:".$name;
});*/
Auth::routes();
Route::get('/home', [App\Http\Controllers\HomeController::class, 'index'])->name('home');
//Route::post('/api/saveStory', [StoryController::class,'store']);
Route::apiResource('api/saveStory', 'StoryController');
//Route::resource('/api/story', 'StoryController');
Route::post('api/register', [AuthController::class, 'register']);
//API route for login user
Route::post('api/login', [AuthController::class, 'login']);
//Protecting Routes
Route::group(['middleware' => ['auth:sanctum']], function () {
Route::post('api/user-information', function(Request $request) {
return auth()->user();
});
// API route for logout user
Route::post('api/logout', [AuthController::class, 'logout']);
});
这工作正常。但是,当我成功登录并向“api/用户信息”发送帖子请求时,我总是收到错误“401 未经授权”。 角度 2 请求:
loginMethod()
{
this.http.post(this.baseUrl+"api/login", this.loginForm).subscribe(
(data:ResponseLogin)=>{
this.responseLogin=data;
if(this.responseLogin.message ==='Authorized')
{
this.router.navigate(['/user-profile']);
}
console.log("this.responseLogin.message:"+this.responseLogin.message);
},
error => console.log(error)
);
}
Route::group(['middleware' => ['auth:sanctum']], function () {
Route::post('api/user-information', function(Request $request) {
return auth()->user();
});
但是当我使用 Postman 发送请求“api/user-information”时,我成功获取了数据授权用户。 请帮我解决这个问题。
最佳答案
首先,您还必须随请求一起发送授权 token 。您正在向 protected 端点发送请求。 Laravel 有中间件来检查用户是否经过身份验证。如果您尝试向/about 发送请求,这应该不是问题,但您正在向受中间件保护的路由发送请求。
关于php - laravel Auth::login($user) 总是返回 401 Unauthorized,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/71420966/