laravelha / jwt-auth-acl
The latest version (0.0.7) of this package has no license information available.
JWT Auth ACL
0.0.7
2020-03-10 14:30 UTC
Requires
- php: ^7.2
- darkaonline/l5-swagger: ^6.0|^7.0
- illuminate/support: ^6.0|^7.0
- laravelha/support: ^1.0
- tymon/jwt-auth: ^1.0
Requires (Dev)
- nunomaduro/larastan: ^0.5.2
- orchestra/testbench: ^4.0
- phpunit/phpunit: ^8.5
- squizlabs/php_codesniffer: 3.*
README
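JWT Auth ACL is a Laravel package for authentication and authorization.
The middleware ha.acl
checks whether the authenticated user has permission to access the route. The user is considered authorized if any of their roles holds a permission with the same name as the route.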
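Because authorization depends on a permission name matching a route name exactly, a renamed or unnamed route silently changes who can reach it. The following PHP is an added example, not code from the package: it models the rule and audits a route list against the permission names. The helper functions permissionsOf, isAuthorized and auditAcl, the route, role and permission names, and the choice to deny unnamed routes are all assumptions made for illustration.

```php
<?php
// Added example (not the package's code): models "permission name == route name".
function permissionsOf(array $userRoles, array $rolePermissions): array
{
    $names = [];
    foreach ($userRoles as $role) {
        $names = array_merge($names, $rolePermissions[$role] ?? []);
    }
    return array_values(array_unique($names));
}

// Assumption: fail closed, an unnamed route can never match a permission.
function isAuthorized(?string $routeName, array $granted): bool
{
    return $routeName !== null && in_array($routeName, $granted, true);
}

// Report drift between ha.acl-protected routes and the permissions table.
function auditAcl(array $routes, array $permissionNames): array
{
    $report = ['unnamed' => [], 'no_permission' => [], 'stale_permission' => []];
    $matched = [];
    foreach ($routes as $route) {
        if (!in_array('ha.acl', $route['middleware'], true)) {
            continue; // route is not covered by the ACL check at all
        }
        if ($route['name'] === null) {
            $report['unnamed'][] = $route['uri'];
        } elseif (!in_array($route['name'], $permissionNames, true)) {
            $report['no_permission'][] = $route['name'];
        } else {
            $matched[] = $route['name'];
        }
    }
    $report['stale_permission'] = array_values(array_diff($permissionNames, $matched));
    return $report;
}

// Constructed sample data (hypothetical route, role and permission names).
$routes = [
    ['uri' => 'api/roles', 'name' => 'roles.store', 'middleware' => ['api', 'ha.acl']],
    ['uri' => 'api/roles/{id}', 'name' => 'roles.update', 'middleware' => ['api', 'ha.acl']],
    ['uri' => 'api/reports', 'name' => null, 'middleware' => ['api', 'ha.acl']],
];
$rolePermissions = ['editor' => ['roles.store'], 'viewer' => []];
$permissionNames = ['roles.store', 'roles.destroy'];
$granted = permissionsOf(['viewer', 'editor'], $rolePermissions);
var_dump(isAuthorized('roles.store', $granted), isAuthorized('roles.update', $granted));
print_r(auditAcl($routes, $permissionNames));
```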
Installation
- Install the package with composer:
composer require laravelha/jwt-auth-acl
- Delete the default user files
app/User.php
database/factories/UserFactory.php
database/migrations/2014_10_12_000000_create_users_table.php
- Publish the config:
php artisan vendor:publish --force --tag ha-auth-config
- Publish the seeds:
php artisan vendor:publish --force --tag ha-auth-seeds
- On the routes whose permissions should be checked, add
ha.acl
- Run
php artisan db:seed --class=PermissionsTableSeeder
to populate the permissions table
- Run
php artisan jwt:secret
- Set
config/l5-swagger.php
to read the annotations in
vendor/laravelha/jwt-auth-acl/src
- Run
php artisan l5-swagger:generate
to generate the documentation
Usage
- On the protected routes, add
ha.acl
- Publish the seeds:
php artisan vendor:publish --force --tag ha-auth-seeds
- Run
php artisan db:seed --class=PermissionsTableSeeder
to populate the permissions table
Create a role
Tinker
php artisan tinker
factory(Role::class)->create(['name' => 'Name', 'description' => 'Description'])
GuzzleHttp
// APP_URL and TOKEN are placeholders for the application URL and a JWT obtained at login.
$client = new GuzzleHttp\Client(['base_uri' => APP_URL]);
$client->post('/api/roles', [
    'headers' => ['Authorization' => 'BEARER '.TOKEN],
    'json' => [
        'name' => 'Name',
        'description' => 'Description',
    ],
]);
axios
axios.post('/api/auth/login', {
  email: 'admin@laravelha.com',
  password: 'password',
});
axios.defaults.headers.common['Authorization'] = AUTH_TOKEN;
axios.post('/api/auth/roles', {
  name: 'Name',
  description: 'Description',
});
cURL
curl -X POST "APP_URL/api/auth/login" -H "accept: application/json" -H "Content-Type: application/json" -d "{ \"email\": \"admin@laravelha.com\", \"password\": \"password\"}"
curl -X POST "APP_URL/api/auth/roles" -H "accept: application/json" -H "Content-Type: application/json" -H "Authorization: Bearer TOKEN" -d "{ \"name\": \"Name\", \"description\": \"Description\"}"
Sync role permissions
Tinker
php artisan tinker
$role = Role::find(ID)
$role->permissions()->sync([ID_P1, ID_P2, ID_P3..])
GuzzleHttp
$client = new GuzzleHttp\Client(['base_uri' => APP_URL]);
$client->post('/api/roles', [
    'headers' => ['Authorization' => 'BEARER '.TOKEN],
    'json' => [
        'permissions' => [ID_P1, ID_P2, ID_P3..],
    ],
]);
axios
axios.post('/api/auth/login', {
  email: 'admin@laravelha.com',
  password: 'password',
});
axios.defaults.headers.common['Authorization'] = AUTH_TOKEN;
axios.put('/api/auth/roles/' + ID, {
  permissions: [ID_P1, ID_P2, ID_P3..],
});
cURL
curl -X POST "APP_URL/api/auth/login" -H "accept: application/json" -H "Content-Type: application/json" -d "{ \"email\": \"admin@laravelha.com\", \"password\": \"password\"}"
curl -X PUT "APP_URL/api/auth/roles/ID" -H "accept: application/json" -H "Content-Type: application/json" -H "Authorization: Bearer TOKEN" -d "{ \"permissions\": \"[ID_P1, ID_P2, ID_P3..]\"}"
Sync user roles
Tinker
php artisan tinker
$user = User::find(ID)
$user->roles()->sync([ID_R1, ID_R2, ID_R3..])
GuzzleHttp
$client = new GuzzleHttp\Client(['base_uri' => APP_URL]);
$client->post('/api/users', [
    'headers' => ['Authorization' => 'BEARER '.TOKEN],
    'json' => [
        'permissions' => [ID_R1, ID_R2, ID_R3..],
    ],
]);
axios
axios.post('/api/auth/login', {
  email: 'admin@laravelha.com',
  password: 'password',
});
axios.defaults.headers.common['Authorization'] = AUTH_TOKEN;
axios.put('/api/auth/users/' + ID, {
  permissions: [ID_R1, ID_R2, ID_R3..],
});
cURL
curl -X POST "APP_URL/api/auth/login" -H "accept: application/json" -H "Content-Type: application/json" -d "{ \"email\": \"admin@laravelha.com\", \"password\": \"password\"}"
curl -X PUT "APP_URL/api/auth/users/ID" -H "accept: application/json" -H "Content-Type: application/json" -H "Authorization: Bearer TOKEN" -d "{ \"roles\": \"[ID_R1, ID_R2, ID_R3..]\"}"