使用没有密码的JWTLaravel5进行身份验证-AuthenticationwithJWTLaravel5withoutpassword

14  

try with this:

试试这个：

$user=User::where('email','=','user2@gmail.com')->first();

if (!$userToken=JWTAuth::fromUser($user)) {
            return response()->json(['error' => 'invalid_credentials'], 401);
        }

return response()->json(compact('userToken'));

it's work for me, hope can help

它对我有用，希望可以帮到你

5  

Generating token for the customers (without password) can be achieved through

可以通过为客户生成令牌（无密码）

$user = \App\Modules\User\Models\UserModel::whereEmail('xyz@gmail.com')->first();
$userToken=JWTAuth::fromUser($user);

Here $userToken will stores the token after existence check of email in the table configured in UserModel file.

这里$ userToken将在UserModel文件中配置的表中存在电子邮件检查后存储令牌。

I have assumed that you stores both customer and moderators in the same table, there must be some flag to discriminate among them. Assume the flag is user_type

我假设您将客户和版主存储在同一个表中，必须有一些标志来区分它们。假设标志是user_type

$token = null;
$user = \App\Modules\User\Models\UserModel::whereEmail('xyz@gmail.com')->first();
if($user['user_type'] == 'customer'){
   $credentials = $request->only('email');
   $token =JWTAuth::fromUser($user);
}else if($user['user_type'] == 'moderator'){
   $credentials = $request->only('email','password');
   $token = JWTAuth::attempt($credentials);
}else{
   //No such user exists

}
return $token;

As far as custom claims are concerned these are custom defined payloads which can be attached to token string.

就自定义声明而言，这些是自定义的有效负载，可以附加到令牌字符串。

For example, JWTAuth::attempt($credentials,['role'=>1]); Will attempt to add role object to token payload. Once you decode the token string through JWT Facade JWTAuth::parseToken()->getPayload(); you in turn get all payloads defined in required_claims under config/jwt.php with additional role payload.

例如，JWTAuth :: attempt（$ credentials，['role'=> 1]）;将尝试将角色对象添加到令牌有效内容。通过JWT Facade解码令牌字符串JWTAuth :: parseToken（） - > getPayload（）;您将获得在config / jwt.php下的required_claims中定义的所有有效负载以及其他角色有效负载。

Refer https://github.com/tymondesigns/jwt-auth/wiki/Creating-Tokens#creating-a-token-based-on-anything-you-like Let me know in case you requires anything else.

请参阅https://github.com/tymondesigns/jwt-auth/wiki/Creating-Tokens#creating-a-token-based-on-anything-you-like如果您需要其他任何内容，请告诉我。

0  

Rather than making a different login strategy for customers and moderators, you can add token authentication to both user type. this will makes your life easier and prepare for scalability. In your api, you can just restrict moderator users to not have access to the api by sending

您可以为两种用户类型添加令牌身份验证，而不是为客户和管理员制定不同的登录策略。这将使您的生活更轻松，并为可扩展性做好准备。在您的api中，您可以通过发送限制主持人用户无权访问API

'method not allowed')

Apart from this suggestion, I believe @Alimnjan code should work.

除了这个建议，我相信@Alimnjan代码应该可行。