通过 
搜索
搜索vimar / flarum-whoami
将 Whoami 端点添加到 Flarum
v1.0.0
2023-11-07 13:18 UTC
Requires
- php: ^8.0
- flarum/core: ^1.8.0
README
此扩展添加了一个新的端点 "/api/whoami",它公开当前登录用户的数据。通过使用此路由与 POST /api/token 路由,您可以将 Flarum 作为您站点的身份提供者。
安装
手动安装
composer require vimar/flarum-whoami
更新
composer update vimar/flarum-whoami php flarum migrate php flarum cache:clear
Flarum 认证教程
登录
为了模拟 Flarum 的登录语句,我们只需调用 Flarum POST /api/token 以创建注册用户的令牌
POST /api/token HTTP/1.1
{
"identification": "John",
"password": "pass7word",
"remember": 1
}
HTTP/1.1 200 OK
{
"token": "YACub2KLfe8mfmHPcUKtt6t2SMJOGPXnZbqhc3nX",
"userId": "1"
}
然后我们将此令牌存储为 cookie(例如:flarum_token)供将来使用(默认情况下,访问令牌有效期为 1 小时,除非您添加 remember 参数,在这种情况下,它有效期为 5 年。)。
注意:要启用我们网站和 Flarum 之间的单点登录(SSO),我们还需要将 session_remember 令牌作为 flarum_remember cookie 存储;
验证登录用户资料
现在,每次我们想知道一个用户是否已登录时,我们只需要调用以下端点
POST /api/whoami HTTP/1.1
Authorization: Token YACub2KLfe8mfmHPcUKtt6t2SMJOGPXnZbqhc3nX
HTTP/1.1 200 OK
{
"data": {
"type": "users",
"id": "4",
"attributes": {
"username": "John",
"displayName": "Jon Doe",
"slug": "John-Doe",
"joinTime": "2003-04-02T20:29:29+00:00",
"discussionCount": 125,
"commentCount": 2799,
"canEdit": true,
"canEditCredentials": true,
"canEditGroups": true,
"canDelete": true,
"lastSeenAt": "2023-11-07T09:43:13+00:00",
"isEmailConfirmed": true,
"email": "john@doe.com",
"markedAllAsReadAt": null,
"unreadNotificationCount": 0,
"newNotificationCount": 0,
"preferences": {
...
},
"isAdmin": true,
...
},
"relationships": {
"groups": {
"data": [
{
"type": "groups",
"id": "1"
}
]
}
}
},
"included": [
{
"type": "groups",
"id": "1",
"attributes": {
"nameSingular": "Admin",
"namePlural": "Admins",
"color": "#B72A2A",
"icon": "fas fa-wrench",
"isHidden": 0
}
}
]
}
登出
要登出,我们需要删除包含访问令牌的会话 cookie,并最终通过调用