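I have a fully working SPA website built with Laravel (PHP 8), Sanctum authentication and Vue.js. Now I am building an Android app that uses the same API. Connecting to APIs that do not require authentication works fine, but the protected APIs do not. I send the login POST and it works, but after that the other protected APIs do not work. It returns error 401 (:Network401). Do I use a session cookie, and if so, how do I set the session cookie? Thanks.
This is how the SPA works:
Here is config/auth.php (the api guard says token, but I never used tokens in my SPA)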
    'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],
        'api' => [
            'driver' => 'token',
            'provider' => 'users',
            'hash' => false,
        ],
    ],
routes/api.php
    Route::post('login', ['as' => 'login', 'uses' => 'App\Http\Controllers\LoginController@login']);
    Route::middleware(['auth:sanctum'])->group(function () {
        Route::get('customer', 'App\Http\Controllers\CustomerController@show');
    });
.env:
SANCTUM_STATEFUL_DOMAINS=mywebsite.si
SESSION_DOMAIN=.mywebsite.si
BROADCAST_DRIVER=log
CACHE_DRIVER=file
QUEUE_CONNECTION=sync
SESSION_DRIVER=file
SESSION_LIFETIME=120
(Android) Http.java
    import android.content.Context;

    import java.io.BufferedReader;
    import java.io.IOException;
    import java.io.InputStreamReader;
    import java.io.OutputStream;
    import java.net.HttpURLConnection;
    import java.net.URL;

    public class Http {
        Context context;
        private String url, method = "GET", data = null, response = null;
        private Integer statusCode = 0;
        private LocalStorage localStorage;

        public Http(Context context, String url) {
            this.context = context;
            this.url = url;
            localStorage = new LocalStorage(context);
        }

        public void setMethod(String method) {
            this.method = method.toUpperCase();
        }

        public void setData(String data) {
            this.data = data;
        }

        public String getResponse() {
            return response;
        }

        public Integer getStatusCode() {
            return statusCode;
        }

        // Sends the request synchronously; call from a background thread.
        public void send() {
            try {
                URL sUrl = new URL(url);
                HttpURLConnection connection = (HttpURLConnection) sUrl.openConnection();
                connection.setRequestMethod(method);
                connection.setRequestProperty("Accept", "application/json");
                connection.setRequestProperty("Content-Type", "application/json");
                connection.setRequestProperty("X-Requested-With", "XMLHttpRequest");
                connection.setRequestProperty("Cookie", "Access-Control-Allow-Credentials=true; Access-Control-Allow-Origin=https://mywebsite.si;");
                if (!method.equals("GET")) {
                    connection.setDoOutput(true);
                }
                if (data != null) {
                    OutputStream os = connection.getOutputStream();
                    os.write(data.getBytes());
                    os.flush();
                    os.close();
                }
                statusCode = connection.getResponseCode();
                InputStreamReader isr;
                if (statusCode >= 200 && statusCode <= 299) {
                    // if success response
                    isr = new InputStreamReader(connection.getInputStream());
                } else {
                    // if error response
                    isr = new InputStreamReader(connection.getErrorStream());
                }
                BufferedReader br = new BufferedReader(isr);
                StringBuffer sb = new StringBuffer();
                String line;
                while ((line = br.readLine()) != null) {
                    sb.append(line);
                }
                br.close();
                response = sb.toString();
            } catch (IOException e) {
                e.printStackTrace();
            }
        }
    }
LoginActivity:
    String data = params.toString();
    String url = getString(R.string.api_server) + "/login";
    new Thread(new Runnable() {
        @Override
        public void run() {
            Http http = new Http(LoginActivity.this, url);
            http.setMethod("post");
            http.setData(data);
            http.send();
            runOnUiThread(new Runnable() {
                @Override
                public void run() {
                    Integer code = http.getStatusCode();
                    if (code == 200) {
                        try {
                            JSONObject response = new JSONObject(http.getResponse());
                        } catch (JSONException e) {
                            e.printStackTrace();
                        }
                    } else if (code == 422) {
                        try {
                            JSONObject response = new JSONObject(http.getResponse());
                            String msg = response.getString("message");
                            alertFail(msg);
                        } catch (JSONException e) {
                            e.printStackTrace();
                        }
                    } else if (code == 401) {
                        try {
                            JSONObject response = new JSONObject(http.getResponse());
                            String msg = response.getString("message");
                            alertFail(msg);
                        } catch (JSONException e) {
                            e.printStackTrace();
                        }
                    } else {
                        Toast.makeText(LoginActivity.this, "Error " + code, Toast.LENGTH_SHORT).show();
                    }
                }
            });
        }
    }).start();
UserActivity:
        String url = getString(R.string.api_server) + "/customer";
        new Thread(new Runnable() {
            @Override
            public void run() {
                Http http = new Http(UserActivity.this, url);
                http.send();
                runOnUiThread(new Runnable() {
                    @Override
                    public void run() {
                        Integer code = http.getStatusCode();
                        if (code == 200) {
                            try {
                                JSONObject response = new JSONObject(http.getResponse());
                            } catch (JSONException e) {
                                e.printStackTrace();
                            }
                        } else {
                            Toast.makeText(UserActivity.this, "Error " + code, Toast.LENGTH_SHORT).show();
                        }
                    }
                });
            }
        }).start();
    }
Login response:
cache-control: no-cache, private
connection: Keep-Alive
content-type: application/json
date: Tue, 24 May 2022 10:19:21 GMT
keep-alive: timeout=5, max=100
transfer-encoding: chunked
vary: Origin
x-android-received-millis: 1653387298665
x-android-response-source: NETWORK 200
x-android-selected-protocol: http/1.1
x-android-sent-millis: 1653387298552
x-ratelimit-limit: 20
x-ratelimit-remaining: 18
Posted on 2022-05-24 10:31:08
You have to set a header for auth:sanctum protected APIs
Authorization: Bearer <token-here>
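If you use Sanctum the right way, you can generate tokens against the auth model and use those tokens to get
Have a look at this article https://www.twilio.com/blog/build-restful-api-php-laravel-sanctum
Sanctum automatically checks the header against the token and authenticates the user.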
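The header described in the answer, as an added example that is not code from the question or the answer: a plain-Java variant of the Http helper that sends a Sanctum token as `Authorization: Bearer` instead of a Cookie header, refuses non-HTTPS base URLs and drops the token on a 401. The class name `BearerHttp`, its methods and the `"token"` field of the login response are assumptions; the server must issue the token at login (Sanctum's `createToken(...)->plainTextToken`).

```java
import java.io.*;
import java.net.HttpURLConnection;
import java.net.URL;
import java.nio.charset.StandardCharsets;

// Hypothetical helper (assumption, not from the page): bearer-token API client.
public class BearerHttp {
    private final String baseUrl; // e.g. the value of R.string.api_server
    private String token;         // plain-text token returned once by the login endpoint
    private int lastStatus;

    public BearerHttp(String baseUrl) {
        // A bearer token is a replayable credential: never send it over clear text.
        if (!baseUrl.startsWith("https://")) {
            throw new IllegalArgumentException("API base URL must use https");
        }
        this.baseUrl = baseUrl;
    }

    public void setToken(String token) { this.token = token; }
    public boolean hasToken() { return token != null; }
    public int getLastStatus() { return lastStatus; }

    // After login: setToken(new JSONObject(send("POST", "/login", data)).getString("token"));
    // ("token" is an assumed field name). Later calls: send("GET", "/customer", null).
    public String send(String method, String path, String jsonBody) throws IOException {
        HttpURLConnection c = (HttpURLConnection) new URL(baseUrl + path).openConnection();
        try {
            c.setRequestMethod(method);
            c.setRequestProperty("Accept", "application/json");
            if (token != null) {
                c.setRequestProperty("Authorization", "Bearer " + token);
            }
            if (jsonBody != null) {
                c.setDoOutput(true);
                c.setRequestProperty("Content-Type", "application/json");
                try (OutputStream os = c.getOutputStream()) {
                    os.write(jsonBody.getBytes(StandardCharsets.UTF_8));
                }
            }
            lastStatus = c.getResponseCode();
            if (lastStatus == 401) token = null; // revoked or expired: force a new login
            InputStream in = lastStatus < 400 ? c.getInputStream() : c.getErrorStream();
            if (in == null) return "";
            ByteArrayOutputStream buf = new ByteArrayOutputStream();
            byte[] chunk = new byte[4096];
            for (int n; (n = in.read(chunk)) != -1; ) buf.write(chunk, 0, n);
            in.close();
            return buf.toString("UTF-8");
        } finally { c.disconnect(); }
    }
}
```

On Android, keep the token in app-private encrypted storage rather than in logs or plain preferences, and revoke it server-side on logout.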
https://stackoverflow.com/questions/72361256