Laravel 5.8 JWT API 仅在用户状态为活动时登录用户

Posted 2023-03-10

【中文标题】Laravel 5.8 JWT API 仅在用户状态为活动时登录用户

【英文标题】：Laravel 5.8 JWT API Login a user only if his status is active

【发布时间】：2021-01-16 09:20:07

【问题描述】：

我正在尝试实施，如果您尝试使用他的凭据登录，那么登录系统会检查帐户状态，如果状态为 ACTIVE，它会登录，否则会显示错误通知，您的帐户已被阻止。

我的数据库列名及其值

列account_status

值ACTIVE 和BLOCKED

我在我的控制器中尝试过，但它不起作用

    <?php

namespace App\Http\Controllers\Api;

use App\Http\Controllers\Controller;
use App\Http\Requests\UserLoginRequest;
use App\Http\Resources\User as UserResource;
use App\User;

class LoginController extends Controller


    public function login(UserLoginRequest $request)
    

        if (!$token = auth()->attempt($request->only(['mobile_number', 'password']))) 
            return response()->json([
                'errors' => [
                    'mobile_number' => ['Sorry we cant find you with those details.'],
                ],
            ], 422);
        ;

        return (new UserResource($request->user()))->additional([
            'meta' => [
                'token' => $token,
            ],
        ]);
    

    public function logout()
    
        auth()->logout();
    

【问题讨论】：

你从哪里得到$token？

@Sok Chanty 我更新了我的问题检查一次

【参考方案1】：

这段代码非常干净和足智多谋：

use Illuminate\Support\Facades\Auth;
use Tymon\JWTAuth\Exceptions\UserNotDefinedException;
use Tymon\JWTAuth\Exceptions\TokenInvalidException;

   public function login(LoginRequest $request)
    
        $credentials = $request->validated();
        $rememberMe = $request->input('remember_me');
        try 
            if (auth()->attempt($credentials)) 
                $user = Auth::user();
                if (!auth()->user()->status) 
                    throw new UserNotDefinedException('user is inactive');
                
                $token = ($rememberMe == true) ? JWTAuth::customClaims(['exp' => now()->addDays(1000)->timestamp,])->fromUser($user) : JWTAuth::fromUser($user);
                return $this->respondWithToken($token);
             else 
                throw new TokenInvalidException('user credential is invalid');
            
         catch (UserNotDefinedException $e) 
            return response()->json(['message' => __('messages.login.user.deactivate')], Response::HTTP_BAD_REQUEST);
         catch (TokenInvalidException $e) 
            return response()->json(['message' => __('messages.login.invalid.credentials')], Response::HTTP_UNPROCESSABLE_ENTITY);
        ;
    

【参考方案2】：

试试这个：

use Auth;

if (Auth::attempt(['email' => $email, 'password' => $password, 'account_status'=>'ACTIVE'])) 
   // Authentication passed...
   return (new UserResource($request->user()))->additional([
        'meta' => [
             'token' => $token,
           ],
        ]);
    
   return response()->json([
      'errors' => ["email" => "Something wrong"]
   ]);

【讨论】：

"message":"语法错误，意外')'，期待']'"，

你必须声明：$email = request('email');在 if 条件之前。

其显示令牌 null , "meta": "token": null

是中间件还是别的什么？

它是一个控制器