Laravel 5.5 未调用授权策略
Laravel 5.5 Authorization Policy Not Being Called
来自 Home.vue
的登录调用
methods: {
login: function (e){
e.preventDefault();
this.standing = true; // Disables Login Button
axios.post('/oauth/token', {
email: this.email, // I verify with email
password: this.password,
username: this.username,
grant_type: 'password',
client_id: integer_of_client_id,
client_secret: 'secret_token',
}).then({response => {
window.axios.defaults.headers.common['Authorization'] = 'Bearer '+ response.data.access_token;
// Make call to /api/user
// ...
好的,所以我在这里对我的命名空间进行了双重和三次检查,但我无法弄清楚 Laravel 是如何缺少我创建的这个策略的:
Reply.vue 上的 AXIOS CALL(删除回复)
axios.delete('/api/barracks/reply/delete/' + this.reply.id, { id: this.reply.id });
ROUTES/API.PHP
Route::delete('/barracks/reply/delete/{forumReply}','ForumRepliesController@destroy');
控制器
public function destroy(ForumReply $forumReply)
{
$this->authorize('destroy', $forumReply);
$forumReply->delete();
return response()->json(['Success',204]);
}
AuthServiceProvider.php
// ... Stuff
use App\ForumReply;
use App\Policies\ForumReplyPolicy;
class AuthServiceProvider extends ServiceProvider
{
/**
* The policy mappings for the application.
*
* @var array
*/
protected $policies = [
ForumReply::class => ForumReplyPolicy::class
];
/**
* Register any authentication / authorization services.
*
* @return void
*/
public function boot()
{
$this->registerPolicies();
// Passport Stuff
}
}
FourmReplyPolicy.php
namespace App\Policies;
use App\User;
use App\ForumReply;
use Illuminate\Auth\Access\HandlesAuthorization;
class ForumReplyPolicy
{
use HandlesAuthorization;
public function destroy(User $user, ForumReply $forumReply)
{
return true;
}
}
回应
我收到了 Laravel 的 403 响应,我一直找不到原因。
对于来到此线程并使用 web.php 路由和 ->middleware
的任何人
我遇到了同样的问题,即未在此行调用策略:
Route::get('/post', 'PostController@index')
->middleware('can:index, App\Post');
问题是索引、App 之间的 space 字符。删除后它可以正常工作。
因此,在尝试了很多次之后,我发现了一个临时的解决方法,不幸的是它有点难看。我已将其插入每个必要的控制器的开头。
$user = \JWTAuth::toUser(\JWTAuth::getToken());
\Auth::loginUsingID($user->id);
然后我可以使用授权策略并检索经过身份验证的用户信息。
来自 Home.vue
的登录调用methods: {
login: function (e){
e.preventDefault();
this.standing = true; // Disables Login Button
axios.post('/oauth/token', {
email: this.email, // I verify with email
password: this.password,
username: this.username,
grant_type: 'password',
client_id: integer_of_client_id,
client_secret: 'secret_token',
}).then({response => {
window.axios.defaults.headers.common['Authorization'] = 'Bearer '+ response.data.access_token;
// Make call to /api/user
// ...
好的,所以我在这里对我的命名空间进行了双重和三次检查,但我无法弄清楚 Laravel 是如何缺少我创建的这个策略的:
Reply.vue 上的 AXIOS CALL(删除回复)
axios.delete('/api/barracks/reply/delete/' + this.reply.id, { id: this.reply.id });
ROUTES/API.PHP
Route::delete('/barracks/reply/delete/{forumReply}','ForumRepliesController@destroy');
控制器
public function destroy(ForumReply $forumReply)
{
$this->authorize('destroy', $forumReply);
$forumReply->delete();
return response()->json(['Success',204]);
}
AuthServiceProvider.php
// ... Stuff
use App\ForumReply;
use App\Policies\ForumReplyPolicy;
class AuthServiceProvider extends ServiceProvider
{
/**
* The policy mappings for the application.
*
* @var array
*/
protected $policies = [
ForumReply::class => ForumReplyPolicy::class
];
/**
* Register any authentication / authorization services.
*
* @return void
*/
public function boot()
{
$this->registerPolicies();
// Passport Stuff
}
}
FourmReplyPolicy.php
namespace App\Policies;
use App\User;
use App\ForumReply;
use Illuminate\Auth\Access\HandlesAuthorization;
class ForumReplyPolicy
{
use HandlesAuthorization;
public function destroy(User $user, ForumReply $forumReply)
{
return true;
}
}
回应
我收到了 Laravel 的 403 响应,我一直找不到原因。
对于来到此线程并使用 web.php 路由和 ->middleware
的任何人我遇到了同样的问题,即未在此行调用策略:
Route::get('/post', 'PostController@index')
->middleware('can:index, App\Post');
问题是索引、App 之间的 space 字符。删除后它可以正常工作。
因此,在尝试了很多次之后,我发现了一个临时的解决方法,不幸的是它有点难看。我已将其插入每个必要的控制器的开头。
$user = \JWTAuth::toUser(\JWTAuth::getToken());
\Auth::loginUsingID($user->id);
然后我可以使用授权策略并检索经过身份验证的用户信息。