php安装psr7应用,php – 使用基本授权作为中间件PSR-7 PSR-15

TD; LR：我正在努力掌握中间件实施背后的想法.它似乎正在工作,但我如何正确处理响应,以便它向浏览器显示基本授权登录提示？

–

我正在使用：

运行以下代码：

$middleware = [

new \Middlewares\ResponseTime(),

(new \Middlewares\BasicAuthentication([

'username1' => 'password1',

'username2' => 'password2'

]))->attribute('username')

];

// Default handler for end of collection

$default = function (\GuzzleHttp\Psr7\ServerRequest $request) {

// Any implementation of PSR-7 ResponseInterface

return new \GuzzleHttp\Psr7\Response();

};

$collection = new \Equip\Dispatch\MiddlewareCollection($middleware);

// Any implementation of PSR-7 ServerRequestInterface

$request = \GuzzleHttp\Psr7\ServerRequest::fromGlobals();

$response = $collection->dispatch($request, $default);

print_r($response);

返回以下内容：

GuzzleHttp\Psr7\Response Object

(

[reasonPhrase:GuzzleHttp\Psr7\Response:private] => Unauthorized

[statusCode:GuzzleHttp\Psr7\Response:private] => 401

[headers:GuzzleHttp\Psr7\Response:private] => Array

(

[WWW-Authenticate] => Array

(

[0] => Basic realm="Login"

)

[X-Response-Time] => Array

(

[0] => 16.176ms

)

)

[headerNames:GuzzleHttp\Psr7\Response:private] => Array

(

[www-authenticate] => WWW-Authenticate

[x-response-time] => X-Response-Time

)

[protocol:GuzzleHttp\Psr7\Response:private] => 1.1

[stream:GuzzleHttp\Psr7\Response:private] =>

)

看来中间件/响应时间和中间件/ http认证执行得很好.但是,我认为中间件/ http-authentication会显示如下的实际登录提示：

但事实并非如此.我想自己实现它？如果是,我该如何正确地做到这一点？

解决方法:

请将领域更改为“我的领域”.

$middleware = [

new \Middlewares\ResponseTime(),

(new \Middlewares\BasicAuthentication([

'username1' => 'password1',

'username2' => 'password2'

]))->attribute('username')->realm('My realm')

];

GuzzleHttp请求发生在后端,因此它不会像通常在浏览器中那样工作,例如提示输入用户名和密码.当您在不使用任何浏览器的情况下使用Guzzle时,您基本上是在模仿请求.因此,如果您需要提示,则必须在不使用GuzzleHttp的情况下实现此逻辑.

您仍然可以使用Guzzle进行测试,如下所示.

The below code will work.

$request = \GuzzleHttp\Psr7\ServerRequest::fromGlobals()->withHeader('Authorization', 'Basic '.base64_encode('username1:password1'));

$response = $collection->dispatch($request, $default);

echo $response->getStatusCode(); //200

echo $response->getReasonPhrase(); // OK

The below code will fail.

$request = \GuzzleHttp\Psr7\ServerRequest::fromGlobals()->withHeader('Authorization', 'Basic '.base64_encode(''IncorrectUser:IncorrectPassword''));

$response = $collection->dispatch($request, $default);

echo $response->getStatusCode(); //401

echo $response->getReasonPhrase(); // Unauthorized

实现BasicAuthentication的最佳方法是在中间件框架内.

Zend Expressive

//Example using your library

$app->pipe((new \Middlewares\BasicAuthentication([

'username1' => 'password1',

'username2' => 'password2'

])

)->attribute('username')->realm('My realm'));

//Example using other library

$app->pipe(new Tuupola\Middleware\HttpBasicAuthentication([

"users" => [

"root" => "t00r",

"user" => "passw0rd"

]

]));

上述两个代码都按预期工作.对于例如在浏览器中提示输入用户名和密码,并允许用户在发送正确的凭据时查看内容. Guzzle为你造成了问题.

我希望这有帮助.

标签：php,middleware,architecture

来源： https://codeday.me/bug/20190710/1424803.html