php api中间件,laravel5.5 api.php 里面的路由，走中间件的时候提示未授权 401？

我们这个项目进行了半年了，以前没问题，上周六开始所有接口就提示

，

项目信息：

laravel5.5，前台使用控制器加载页面(return view())，后台使用iview-admin，node做服务器请求laravel的api.php 中的接口；前台页面中获取登录信息正常；登录功能是采用了oAuth登录了集团平台。

为了确保后端逻辑也实际业务没有问题，贴出在blade模板中的php代码

$user = \Auth::user();

$contact = new ArrayObject();

if ($user) {

$user->setVisible([

'user_id',

'username',

'name',

'avatar'

]);

// 对应的联系人

$_contact = $user->contact();

if ($_contact) {

$_contact->setVisible([

'contact_id',

'name',

'is_admin',

'is_sub_admin'

]);

$contact = $_contact->toArray();

} else {

}

$user = $user->toArray();

} else {

$user = new ArrayObject();

}

$corp = \XXH::corp();

if ($corp) {

$corp->setVisible([

'corp_id',

'user_id',

'logo',

'name',

'type',

'code'

]);

$corp = $corp->toArray();

} else {

$corp = new ArrayObject();

}

$data = [

'baseUrl' => url('/'),

'state' => [

'user' => $user,

'contact' => $contact,

'corp' => $corp

],

];

echo 'window.XXH = ' . json_encode($data);

?>

以下是输出：

报错详细信息

"exceptions": {

"count": 1,

"exceptions": [

{

"type": "Illuminate\\Auth\\AuthenticationException",

"message": "Unauthenticated.",

"code": 0,

"file": "D:\\jeff\\code\\jianwen\\vendor\\laravel\\framework\\src\\Illuminate\\Auth\\Middleware\\Authenticate.php",

"line": 66,

"surrounding_lines": [

" }\n",

" }\n",

"\n",

" throw new AuthenticationException('Unauthenticated.', $guards);\n",

" }\n",

"}\n"

],

"xdebug_link": null

}

]

},

应对回答者的需要，贴出auth代码

return [

/*

|--------------------------------------------------------------------------

| Authentication Defaults

|--------------------------------------------------------------------------

|

| This option controls the default authentication "guard" and password

| reset options for your application. You may change these defaults

| as required, but they're a perfect start for most applications.

|

*/

'defaults' => [

'guard' => 'web',

'passwords' => 'users',

],

/*

|--------------------------------------------------------------------------

| Authentication Guards

|--------------------------------------------------------------------------

|

| Next, you may define every authentication guard for your application.

| Of course, a great default configuration has been defined for you

| here which uses session storage and the Eloquent user provider.

|

| All authentication drivers have a user provider. This defines how the

| users are actually retrieved out of your database or other storage

| mechanisms used by this application to persist your user's data.

|

| Supported: "session", "token"

|

*/

'guards' => [

'web' => [

'driver' => 'session',

'provider' => 'users',

],

'api' => [

// jhc 修改

'driver' => 'passport',

'provider' => 'users',

],

],

/*

|--------------------------------------------------------------------------

| JUser Providers

|--------------------------------------------------------------------------

|

| All authentication drivers have a user provider. This defines how the

| users are actually retrieved out of your database or other storage

| mechanisms used by this application to persist your user's data.

|

| If you have multiple user tables or models you may configure multiple

| sources which represent each model / table. These sources may then

| be assigned to any extra authentication guards you have defined.

|

| Supported: "database", "eloquent"

|

*/

'providers' => [

'users' => [

'driver' => 'eloquent',

'model' => App\Models\User::class,//jhc 修改

],

// 'users' => [

// 'driver' => 'database',

// 'table' => 'users',

// ],

],

/*

|--------------------------------------------------------------------------

| Resetting Passwords

|--------------------------------------------------------------------------

|

| You may specify multiple password reset configurations if you have more

| than one user table or model in the application and you want to have

| separate password reset settings based on the specific user types.

|

| The expire time is the number of minutes that the reset token should be

| considered valid. This security feature keeps tokens short-lived so

| they have less time to be guessed. You may change this as needed.

|

*/

'passwords' => [

'users' => [

'provider' => 'users',

'table' => 'password_resets',

'expire' => 60,

],

],

// jhc 添加

'agent' => [

'agent_id' => env('AUTH_AGENT_ID', ''),

'redirect_url' => env('AUTH_REDIRECT_URL', ''),

'platform_url' => env('AUTH_PALTFORM_URL', ''),

'gateway_url' => env('AUTH_GATEWAY_URL', ''),

'corp_user_api' => 'auth_user',

'corp_token_api' => 'corp_tokens',

'corp_info' => 'auth_corp',

'token' => env('AUTH_TOKEN', ''),

'encoding_key' => env('AUTH_ENCODING_KEY', '')

],

];