From 09237b7e02d9f7306f0d98f07240ea3bd6937982 Mon Sep 17 00:00:00 2001
From: sundayenglish
Date: Fri, 20 Jun 2025 15:34:24 +0700
Subject: [PATCH] Finish add Passport
---
app/Models/User.php | 4 +-
app/Providers/AuthServiceProvider.php | 20 ++++-----
config/auth.php | 5 +++
...035905_create_oauth_device_codes_table.php | 42 -------------------
..._080224_create_oauth_auth_codes_table.php} | 14 ++-----
...0225_create_oauth_access_tokens_table.php} | 14 ++-----
...226_create_oauth_refresh_tokens_table.php} | 12 +-----
..._20_080227_create_oauth_clients_table.php} | 19 +++------
...te_oauth_personal_access_clients_table.php | 28 +++++++++++++
routes/api.php | 5 +--
10 files changed, 60 insertions(+), 103 deletions(-)
delete mode 100644 database/migrations/2025_06_20_035905_create_oauth_device_codes_table.php
rename database/migrations/{2025_06_20_035901_create_oauth_auth_codes_table.php => 2025_06_20_080224_create_oauth_auth_codes_table.php} (65%)
rename database/migrations/{2025_06_20_035902_create_oauth_access_tokens_table.php => 2025_06_20_080225_create_oauth_access_tokens_table.php} (68%)
rename database/migrations/{2025_06_20_035903_create_oauth_refresh_tokens_table.php => 2025_06_20_080226_create_oauth_refresh_tokens_table.php} (67%)
rename database/migrations/{2025_06_20_035904_create_oauth_clients_table.php => 2025_06_20_080227_create_oauth_clients_table.php} (61%)
create mode 100644 database/migrations/2025_06_20_080228_create_oauth_personal_access_clients_table.php
diff --git a/app/Models/User.php b/app/Models/User.php
index 749c7b7..bb44e0a 100644
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -6,11 +6,13 @@ namespace App\Models; use Illuminate\Database\Eloquent\Factories\HasFactory; use Illuminate\Foundation\Auth\User as Authenticatable; use Illuminate\Notifications\Notifiable; +use Laravel\Passport\HasApiTokens; +use Laravel\Passport\Contracts\OAuthenticatable; class User extends Authenticatable { /** @use HasFactory<\Database\Factories\UserFactory> */ - use HasFactory, Notifiable; + use HasApiTokens, HasFactory, Notifiable; /** * The attributes that are mass assignable. diff --git a/app/Providers/AuthServiceProvider.php b/app/Providers/AuthServiceProvider.php index 0f5e115..e6eaad1 100644 --- a/app/Providers/AuthServiceProvider.php +++ b/app/Providers/AuthServiceProvider.php @@ -3,13 +3,10 @@ namespace App\Providers; use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider; -use Laravel\Passport\Bridge\RefreshTokenRepository; -use Laravel\Passport\Bridge\AccessTokenRepository; -use Laravel\Passport\Bridge\ClientRepository; -use Laravel\Passport\Bridge\ScopeRepository; -use Laravel\Passport\Bridge\UserRepository; +use Laravel\Passport\Passport; use League\OAuth2\Server\AuthorizationServer; -use League\OAuth2\Server\Grant\PasswordGrant; +use Laravel\Passport\Bridge\UserRepository; +use Laravel\Passport\Bridge\RefreshTokenRepository; use DateInterval; class AuthServiceProvider extends ServiceProvider 
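Review bot: `Laravel\Passport\Contracts\OAuthenticatable` is imported in the User.php hunk, but the class line in the same hunk is still `class User extends Authenticatable`, so the import is unused. If the installed Passport version expects the contract on the user model, change the declaration to `class User extends Authenticatable implements OAuthenticatable`; otherwise drop the `use` line so the file does not suggest a contract the model does not fulfil. The class body continues outside the hunk.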
@@ -18,18 +15,17 @@ class AuthServiceProvider extends ServiceProvider public function boot(): void { - $this->registerPolicies(); + Passport::tokensExpireIn(now()->addHour()); + Passport::refreshTokensExpireIn(now()->addMonth()); - // Thêm cấu hình hỗ trợ password grant $this->app->afterResolving(AuthorizationServer::class, function ($server) { - $grant = new PasswordGrant( + $grant = new \League\OAuth2\Server\Grant\PasswordGrant( app(UserRepository::class), app(RefreshTokenRepository::class) ); + $grant->setRefreshTokenTTL(new DateInterval('P1M')); // 1 tháng - $grant->setRefreshTokenTTL(new DateInterval('P1M')); // Thời gian sống refresh token: 1 tháng - - $server->enableGrantType($grant, new DateInterval('PT1H')); // Access token sống 1 giờ + $server->enableGrantType($grant, new DateInterval('PT1H')); // 1 giờ }); } } diff --git a/config/auth.php b/config/auth.php index 7d1eb0d..6d9c511 100644 --- a/config/auth.php +++ b/config/auth.php @@ -40,6 +40,11 @@ return [ 'driver' => 'session', 'provider' => 'users', ], + + 'api' => [ + 'driver' => 'passport', // ← Quan trọng: phải là 'passport' + 'provider' => 'users', + ], ], /* diff --git a/database/migrations/2025_06_20_035905_create_oauth_device_codes_table.php b/database/migrations/2025_06_20_035905_create_oauth_device_codes_table.php deleted file mode 100644 index ea07831..0000000 --- a/database/migrations/2025_06_20_035905_create_oauth_device_codes_table.php +++ /dev/null 
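Review bot: The `afterResolving` closure in `boot()` builds and enables a `PasswordGrant` by hand and repeats the one-hour and one-month lifetimes that `Passport::tokensExpireIn()` and `Passport::refreshTokensExpireIn()` set two lines above, so the two sets of values can drift apart. If the installed Passport version provides it, `Passport::enablePasswordGrant();` would replace the whole closure and leave a single source for the lifetimes. The password grant passes the user's credentials through the client application, so a comment such as `// Password grant: first-party <client name> only` stating which client needs it, plus a check that only that client is flagged as a password client, would make the exposure explicit.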
@@ -1,42 +0,0 @@ -char('id', 80)->primary(); - $table->foreignId('user_id')->nullable()->index(); - $table->foreignUuid('client_id')->index(); - $table->char('user_code', 8)->unique(); - $table->text('scopes'); - $table->boolean('revoked'); - $table->dateTime('user_approved_at')->nullable(); - $table->dateTime('last_polled_at')->nullable(); - $table->dateTime('expires_at')->nullable(); - }); - } - - /** - * Reverse the migrations. - */ - public function down(): void - { - Schema::dropIfExists('oauth_device_codes'); - } - - /** - * Get the migration connection name. - */ - public function getConnection(): ?string - { - return $this->connection ?? config('passport.connection'); - } -}; diff --git a/database/migrations/2025_06_20_035901_create_oauth_auth_codes_table.php b/database/migrations/2025_06_20_080224_create_oauth_auth_codes_table.php similarity index 65% rename from database/migrations/2025_06_20_035901_create_oauth_auth_codes_table.php rename to database/migrations/2025_06_20_080224_create_oauth_auth_codes_table.php index c700b50..7b93b40 100644 --- a/database/migrations/2025_06_20_035901_create_oauth_auth_codes_table.php +++ b/database/migrations/2025_06_20_080224_create_oauth_auth_codes_table.php @@ -12,9 +12,9 @@ return new class extends Migration public function up(): void { Schema::create('oauth_auth_codes', function (Blueprint $table) { - $table->char('id', 80)->primary(); - $table->foreignId('user_id')->index(); - $table->foreignUuid('client_id'); + $table->string('id', 100)->primary(); + $table->unsignedBigInteger('user_id')->index(); + $table->unsignedBigInteger('client_id'); $table->text('scopes')->nullable(); $table->boolean('revoked'); $table->dateTime('expires_at')->nullable(); @@ -28,12 +28,4 @@ return new class extends Migration { Schema::dropIfExists('oauth_auth_codes'); } - - /** - * Get the migration connection name. - */ - public function getConnection(): ?string - { - return $this->connection ?? config('passport.connection'); - } }; 
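Review bot: The renamed `oauth_auth_codes` migration still calls `Schema::create`, so on any database where the earlier `2025_06_20_035901` file already ran it is treated as a new migration and will fail because the table exists, leaving the old `char(80)`/UUID columns in place. The same applies to the access-token, refresh-token and client migrations renamed in this commit. If such databases exist, a follow-up migration that alters the columns (or a documented `migrate:fresh` for development-only databases) is safer than editing the files in place. The second hunk of this file also removes `getConnection()`, so the table no longer follows `config('passport.connection')`; confirm the default connection is what is intended.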
diff --git a/database/migrations/2025_06_20_035902_create_oauth_access_tokens_table.php b/database/migrations/2025_06_20_080225_create_oauth_access_tokens_table.php similarity index 68% rename from database/migrations/2025_06_20_035902_create_oauth_access_tokens_table.php rename to database/migrations/2025_06_20_080225_create_oauth_access_tokens_table.php index 3e50f7f..598798e 100644 --- a/database/migrations/2025_06_20_035902_create_oauth_access_tokens_table.php +++ b/database/migrations/2025_06_20_080225_create_oauth_access_tokens_table.php @@ -12,9 +12,9 @@ return new class extends Migration public function up(): void { Schema::create('oauth_access_tokens', function (Blueprint $table) { - $table->char('id', 80)->primary(); - $table->foreignId('user_id')->nullable()->index(); - $table->foreignUuid('client_id'); + $table->string('id', 100)->primary(); + $table->unsignedBigInteger('user_id')->nullable()->index(); + $table->unsignedBigInteger('client_id'); $table->string('name')->nullable(); $table->text('scopes')->nullable(); $table->boolean('revoked'); @@ -30,12 +30,4 @@ return new class extends Migration { Schema::dropIfExists('oauth_access_tokens'); } - - /** - * Get the migration connection name. - */ - public function getConnection(): ?string - { - return $this->connection ?? config('passport.connection'); - } }; diff --git a/database/migrations/2025_06_20_035903_create_oauth_refresh_tokens_table.php b/database/migrations/2025_06_20_080226_create_oauth_refresh_tokens_table.php similarity index 67% rename from database/migrations/2025_06_20_035903_create_oauth_refresh_tokens_table.php rename to database/migrations/2025_06_20_080226_create_oauth_refresh_tokens_table.php index afb3c55..b007904 100644 --- a/database/migrations/2025_06_20_035903_create_oauth_refresh_tokens_table.php +++ b/database/migrations/2025_06_20_080226_create_oauth_refresh_tokens_table.php 
@@ -12,8 +12,8 @@ return new class extends Migration public function up(): void { Schema::create('oauth_refresh_tokens', function (Blueprint $table) { - $table->char('id', 80)->primary(); - $table->char('access_token_id', 80)->index(); + $table->string('id', 100)->primary(); + $table->string('access_token_id', 100)->index(); $table->boolean('revoked'); $table->dateTime('expires_at')->nullable(); }); @@ -26,12 +26,4 @@ return new class extends Migration { Schema::dropIfExists('oauth_refresh_tokens'); } - - /** - * Get the migration connection name. - */ - public function getConnection(): ?string - { - return $this->connection ?? config('passport.connection'); - } }; diff --git a/database/migrations/2025_06_20_035904_create_oauth_clients_table.php b/database/migrations/2025_06_20_080227_create_oauth_clients_table.php similarity index 61% rename from database/migrations/2025_06_20_035904_create_oauth_clients_table.php rename to database/migrations/2025_06_20_080227_create_oauth_clients_table.php index 9794dc8..776ccfa 100644 --- a/database/migrations/2025_06_20_035904_create_oauth_clients_table.php +++ b/database/migrations/2025_06_20_080227_create_oauth_clients_table.php @@ -12,13 +12,14 @@ return new class extends Migration public function up(): void { Schema::create('oauth_clients', function (Blueprint $table) { - $table->uuid('id')->primary(); - $table->nullableMorphs('owner'); + $table->bigIncrements('id'); + $table->unsignedBigInteger('user_id')->nullable()->index(); $table->string('name'); - $table->string('secret')->nullable(); + $table->string('secret', 100)->nullable(); $table->string('provider')->nullable(); - $table->text('redirect_uris'); - $table->text('grant_types'); + $table->text('redirect'); + $table->boolean('personal_access_client'); + $table->boolean('password_client'); $table->boolean('revoked'); $table->timestamps(); }); 
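Review bot: The `secret` column added to `oauth_clients` is a plain `string(100)`, and the new `personal_access_client`/`password_client` flags suggest the older Passport schema, where client secrets are stored as given unless hashing is switched on. `boot()` in `AuthServiceProvider` as shown in this commit does not enable it; if the installed version supports it, add `Passport::hashClientSecrets();` there so that read access to the database does not disclose usable client secrets. Existing plaintext secrets would need to be regenerated after that change.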
@@ -31,12 +32,4 @@ return new class extends Migration { Schema::dropIfExists('oauth_clients'); } - - /** - * Get the migration connection name. - */ - public function getConnection(): ?string - { - return $this->connection ?? config('passport.connection'); - } }; diff --git a/database/migrations/2025_06_20_080228_create_oauth_personal_access_clients_table.php b/database/migrations/2025_06_20_080228_create_oauth_personal_access_clients_table.php new file mode 100644 index 0000000..7c9d1e8 --- /dev/null +++ b/database/migrations/2025_06_20_080228_create_oauth_personal_access_clients_table.php @@ -0,0 +1,28 @@ +bigIncrements('id'); + $table->unsignedBigInteger('client_id'); + $table->timestamps(); + }); + } + + /** + * Reverse the migrations. + */ + public function down(): void + { + Schema::dropIfExists('oauth_personal_access_clients'); + } +}; diff --git a/routes/api.php b/routes/api.php index 0a0fdd8..656d576 100644 --- a/routes/api.php +++ b/routes/api.php @@ -7,7 +7,6 @@ use Laravel\Passport\Bridge\AccessTokenRepository; use Laravel\Passport\TokenRepository; use Laravel\Passport\Passport; -Route::post('/oauth/token', function (ServerRequestInterface $serverRequest) { - return app()->make(\Laravel\Passport\Http\Controllers\AccessTokenController::class) - ->issueToken($serverRequest); +Route::middleware('auth:api')->get('/user', function (Request $request) { + return $request->user(); });
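Review bot: The new `/user` route in routes/api.php returns `$request->user()` directly, so the JSON response carries every attribute the `User` model does not hide. The model's `$hidden` list is outside this diff, so check that it covers the password hash and remember token, or return an explicit subset through `->only([...])` or an API resource. `Request` is used in the closure but its `use` line is not visible in the hunk, and the `AccessTokenRepository`, `TokenRepository` and `Passport` imports kept as context appear unused now that the custom `/oauth/token` route is removed.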