摘要：中的中有一個組件叫，組件提供了整個框架的認(rèn)證功能，這里想簡單追蹤一下它的實現(xiàn)邏輯。

laravel中有一個組件叫auth，auth組件提供了整個框架的認(rèn)證功能，這里想簡單追蹤一下它的實現(xiàn)邏輯。

# IlluminateAuthConsoleAuthMakeCommand.php

public function handle()
{
    // 創(chuàng)建存放auth前端界面的目錄和文件
    // 模版存放在AuthConsole的stubs下
    $this->createDirectories();
    $this->exportViews();

    if (! $this->option("views")) {
        // 生成HomeController控制器文件
        file_put_contents(
            app_path("Http/Controllers/HomeController.php"),
            $this->compileControllerStub()
        );
        // 生成auth相關(guān)路由
    file_put_contents(
        base_path("routes/web.php"),
        file_get_contents(__DIR__."/stubs/make/routes.stub"),
        FILE_APPEND
        );
    }
}

生成文件resources/views/auth、?resources/layouts路由文件 web.php 、和 Http/Controllers/Auth 下的控制器

        function csrf_token()
    {
        $session = app("session");

        if (isset($session)) {
            return $session->token();
        }

        throw new RuntimeException("Application session store not set.");
    }

    public function login(Request $request)
    {
                // 檢查請求體
        $this->validateLogin($request);
                // 判斷是否請求失敗太多次
        if ($this->hasTooManyLoginAttempts($request)) {
            $this->fireLockoutEvent($request);

            return $this->sendLockoutResponse($request);
        }
                // 判斷是否驗證通過
        if ($this->attemptLogin($request)) {
            return $this->sendLoginResponse($request);
        }
                // 記錄請求失敗次數(shù)
        $this->incrementLoginAttempts($request);

        return $this->sendFailedLoginResponse($request);
    }

通過?Auth::guard() 引導(dǎo)到 IlluminateAuthAuthManager
先看? 服務(wù)提供者??AuthServiceProvider
AuthServiceProvider注冊四個服務(wù)

protected function registerAuthenticator()
    {
        $this->app->singleton("auth", function ($app) {
            $app["auth.loaded"] = true;
                        // 生成一個AuthManager實例
            return new AuthManager($app);
        });

        $this->app->singleton("auth.driver", function ($app) {
            return $app["auth"]->guard();
        });
    }

protected function registerUserResolver()
    {
        $this->app->bind(
            AuthenticatableContract::class, function ($app) {
                return call_user_func($app["auth"]->userResolver());
            }
        );
    }

protected function registerAccessGate()
    {
        $this->app->singleton(GateContract::class, function ($app) {
            return new Gate($app, function () use ($app) {
                return call_user_func($app["auth"]->userResolver());
            });
        });
    }

protected function registerRequestRebindHandler()
    {
        $this->app->rebinding("request", function ($app, $request) {
            $request->setUserResolver(function ($guard = null) use ($app) {
                return call_user_func($app["auth"]->userResolver(), $guard);
            });
        });
    }

生成一個AuthManager實例
AuthManager中的trait?CreatesUserProviders
這個trait是用來綁定一個用戶認(rèn)證的Eloqument服務(wù)提供者

public function __construct($app)
    {
                // 綁定application實例
        $this->app = $app;
                // 綁定一個閉包，用于解析用戶。
                // 通過$guard來確定用戶解析用戶的方法
        $this->userResolver = function ($guard = null) {
            return $this->guard($guard)->user();
        };
    }

protected function resolve($name)
    {
        $config = $this->getConfig($name);

                // 根據(jù)配置調(diào)用不同的解析用戶的驅(qū)動方法
        $driverMethod = "create".ucfirst($config["driver"])."Driver";

        if (method_exists($this, $driverMethod)) {
            return $this->{$driverMethod}($name, $config);
        }
    }

分別定位的兩個方法

        public function createSessionDriver($name, $config)
    {
                //     根據(jù)配置文件創(chuàng)建一個相應(yīng)的provider
        $provider = $this->createUserProvider($config["provider"] ?? null);
                
                $guard = new SessionGuard($name, $provider, $this->app["session.store"]);

        return $guard;
    }
    
    public function createTokenDriver($name, $config)
    {
        $guard = new TokenGuard(
            $this->createUserProvider($config["provider"] ?? null),
            $this->app["request"],
            $config["input_key"] ?? "api_token",
            $config["storage_key"] ?? "api_token"
        );
        return $guard;
    }

于是得到?$this->guard($guard)?的user()方法
先看如何實例一個TokenGuard類

public function __construct(UserProvider $provider, Request $request, $inputKey = "api_token", $storageKey = "api_token")
    {
        $this->request = $request;
        $this->provider = $provider;
        $this->inputKey = $inputKey;
        $this->storageKey = $storageKey;
    }

# IlluminateAuthTokenGuard

    public function user()
    {
        if (! is_null($this->user)) {
            return $this->user;
        }

        $user = null;
                // 從request中獲取token
        $token = $this->getTokenForRequest();

        if (! empty($token)) {
                        // 通過用戶provider中的retrieveByCredentials方法來判斷用戶是否認(rèn)證成功
            $user = $this->provider->retrieveByCredentials(
                [$this->storageKey => $token]
            );
        }

        return $this->user = $user;
    }

上面都是通用的加載引導(dǎo)調(diào)用功能，下面的用戶服務(wù)提供者則是可以修改自定義的認(rèn)證的具體功能

# IlluminateAuthDatabaseUserProvider

    public function retrieveByCredentials(array $credentials)
    {
        if (empty($credentials) ||
           (count($credentials) === 1 &&
            array_key_exists("password", $credentials))) {
            return;
        }
        $query = $this->conn->table($this->table);

        foreach ($credentials as $key => $value) {
            if (Str::contains($key, "password")) {
                continue;
            }

            if (is_array($value) || $value instanceof Arrayable) {
                $query->whereIn($key, $value);
            } else {
                $query->where($key, $value);
            }
        }
        
        $user = $query->first();
        
        // 返回auth用戶數(shù)據(jù)包
        return $this->getGenericUser($user);
    }