在composer.json里面加入： ``` "require": { "laravel/passport": "~4.0" }, ``` 或者用composer安裝： ``` composer require laravel/passport=~4.0 ``` 在config/app.php里面加入： ``` 'providers' => [ /* * Laravel Framework Service Providers... */ Laravel\Passport\PassportServiceProvider::class, ], ``` 生成認證頁面后，進行數據遷移 ``` php artisan make:auth php artisan migrate ``` ``` php artisan passport:install ``` app/User.php頁面如下： ``` <?php namespace App; use Laravel\Passport\HasApiTokens; use Illuminate\Notifications\Notifiable; use Illuminate\Foundation\Auth\User as Authenticatable; class User extends Authenticatable { use Notifiable, HasApiTokens; /** * The attributes that are mass assignable. * * @var array */ protected $fillable = [ 'name', 'email', 'password', ]; /** * The attributes that should be hidden for arrays. * * @var array */ protected $hidden = [ 'password', 'remember_token', ]; } ``` app/Providers/AuthServiceProvider.php如下： ``` <?php namespace App\Providers; use Laravel\Passport\Passport; use Illuminate\Support\Facades\Gate; use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider; class AuthServiceProvider extends ServiceProvider { /** * The policy mappings for the application. * * @var array */ protected $policies = [ 'App\Model' => 'App\Policies\ModelPolicy', ]; /** * Register any authentication / authorization services. * * @return void */ public function boot() { $this->registerPolicies(); Passport::routes(); // token時間限制無效，暫時未知原因 Passport::tokensExpireIn(now()->addMinutes(5)); Passport::refreshTokensExpireIn(now()->addMinutes(5)); } } ``` 在config/auth.php： ``` 'guards' => [ 'web' => [ 'driver' => 'session', 'provider' => 'users', ], 'api' => [ 'driver' => 'passport', 'provider' => 'users', ], ], ``` 在app/Http/Controllers/UserController.php: ``` <?php namespace App\Http\Controllers; use Illuminate\Http\Request; use App\Http\Controllers\Controller; use Auth; use Validator; use App\User; class UserController extends Controller { public function userLogin(Request $request){ $validator = Validator::make($request->all(), [ 'email' => 'required|email', 'password' => 'required' ]); if ($validator->fails()) { return response()->json(['error'=>$validator->errors()], 401); } if(Auth::attempt(['email' => request('email'), 'password' => request('password')])){ $user = Auth::user(); $success['token'] = $user->createToken('MyApp')->accessToken; return response()->json(['success' => $success], 200); } else{ return response()->json(['error'=>'Unauthorised'], 401); } } public function userRegister(Request $request) { $validator = Validator::make($request->all(), [ 'name' => 'required', 'email' => 'required|email', 'password' => 'required', 'c_password' => 'required|same:password', ]); if ($validator->fails()) { return response()->json(['error'=>$validator->errors()], 401); } $input = $request->all(); $input['password'] = bcrypt($input['password']); $user = User::create($input); $success['token'] = $user->createToken('MyApp')->accessToken; $success['name'] = $user->name; return response()->json(['success'=>$success], 200); } public function userDetails() { $users = User::get(); return response()->json(['success' => $users], 200); } } ```