以前のページで説明したとおり,ログインを実行するたびにトークンが新規に発行されます.ここではユーザが自身で発行した全てのトークンを一覧で取得してみます.
まずルート定義に /tokens の URI を追加します.
routes/api.php (抜粋)
// Everything inside this group is served only to requests that pass the
// auth:sanctum middleware, i.e. that present a valid bearer token.
Route::middleware('auth:sanctum')->group(function () {
    // Comment CRUD.
    Route::get('/comments', [CommentController::class, 'index'])->name('comments.index');
    Route::get('/comments/{comment_id}', [CommentController::class, 'show'])->name('comments.show');
    Route::post('/comments', [CommentController::class, 'store'])->name('comments.store');
    Route::put('/comments/{comment_id}', [CommentController::class, 'update'])->name('comments.update');
    Route::delete('/comments/{comment_id}', [CommentController::class, 'destroy'])->name('comments.destroy');

    // Data belonging to the authenticated user: profile and issued tokens.
    Route::get('/user', [UserController::class, 'show'])->name('user.show');
    Route::get('/tokens', [UserController::class, 'tokens'])->name('user.tokens');
});

// Login sits outside the group because the client has no token yet.
// NOTE(review): no login-specific rate limit is visible in this excerpt;
// confirm that a throttle middleware covers this route before exposing it.
Route::post('login', [UserController::class, 'login']);
続いてコントローラに tokens() 関数を追加します.
app/Http/Controllers/UserController.php
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use App\Models\User;
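/**
 * API endpoints for logging in and for reading the authenticated user's data.
 *
 * login() is called without a token. show() and tokens() read the user from
 * Auth::user(), so they are meant to be routed behind the auth:sanctum
 * middleware.
 */
class UserController extends Controller
{
    /**
     * Verify the submitted e-mail and password and issue a new access token.
     *
     * Each successful call creates an additional token named
     * "comments-api-token"; tokens issued earlier are not revoked here.
     *
     * @param Request $request Request carrying the "email" and "password" fields.
     * @return mixed Status 201 with the user and the plain-text token, or
     *               status 404 with an error message when the credentials
     *               do not match.
     */
    public function login(Request $request)
    {
        $email = $request->email;
        $password = $request->password;

        // Request fields may be missing or arrive as arrays (password[]=x).
        // password_verify() raises a TypeError for an array, which would
        // surface as a server error, so any non-string value is handled as
        // an ordinary failed login.
        $user = is_string($email) ? User::where('email', $email)->first() : null;

        if (!$user || !is_string($password) || !password_verify($password, $user->password)) {
            // The same body is returned for an unknown e-mail and for a wrong
            // password, so the message does not reveal which accounts exist.
            // NOTE(review): 401 is the conventional status for failed
            // authentication; 404 is kept so existing clients keep working.
            return response([
                'message' => ['認証情報が異なります']
            ], 404);
        }

        // plainTextToken is only available on the object returned by
        // createToken(), so it has to be handed to the client here.
        $token = $user->createToken('comments-api-token')->plainTextToken;

        return response([
            'user' => $user,
            'token' => $token
        ], 201);
    }

    /**
     * Return the authenticated user together with that user's comments.
     *
     * @return array Array with the keys "user" and "comments".
     */
    public function show()
    {
        $user = Auth::user();

        return [
            'user' => $user,
            'comments' => $user->comments,
        ];
    }

    /**
     * Return every token that belongs to the authenticated user.
     *
     * The listing is metadata only (id, name, abilities, timestamps): the
     * token string itself does not appear in the serialized output.
     *
     * @return mixed The user's "tokens" relation.
     */
    public function tokens()
    {
        $user = Auth::user();

        // Alternative shape that would also work:
        // return ["tokens" => $user->tokens, "user" => $user];
        return $user->tokens;
    }
}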
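ユーザID = 1 の発行済みトークンで接続してトークンの一覧を確認すると,発行済みトークンは1件であることがわかりました.ただし,トークンそのものはやはり表示されないことに注意してください.Sanctum はトークンのハッシュ値だけをデータベースに保存し,そのハッシュ値の列も出力から隠しているためで,平文のトークンを取得できるのは発行時(createToken() の plainTextToken)だけです.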
C:\Users\Rinsaka>curl -H "Authorization: Bearer 1|fzYV0EEfaDBGy5sifY9V3A6LWZBPmZklpWy4Auxd018912e0" http://192.168.56.101:8000/api/tokens/ ⏎ [{"id":1,"tokenable_type":"App\\Models\\User","tokenable_id":1,"name":"comments-api-token","abilities":["*"],"last_used_at":"2023-12-18T03:27:14.000000Z","expires_at":null,"created_at":"2023-12-18T02:21:08.000000Z","updated_at":"2023-12-18T03:27:14.000000Z"}] C:\Users\Rinsaka>
同じユーザで2回続けてトークンを発行します.発行されたトークンの ID は 4 と 5 になりました.
C:\Users\Rinsaka>curl -X POST -d "email=a@sample.com" -d "password=abc" http://192.168.56.101:8000/api/login/ ⏎ {"user":{"id":1,"name":"A. Sample","email":"a@sample.com","email_verified_at":null,"created_at":"2023-11-02T15:01:01.000000Z","updated_at":"2023-11-02T15:01:01.000000Z"},"token":"4|pZZRrP4XsvmtsI5dF6gxyxZPa66yR5p43muS4u7obcf94fa6"} C:\Users\Rinsaka>curl -X POST -d "email=a@sample.com" -d "password=abc" http://192.168.56.101:8000/api/login/ ⏎ {"user":{"id":1,"name":"A. Sample","email":"a@sample.com","email_verified_at":null,"created_at":"2023-11-02T15:01:01.000000Z","updated_at":"2023-11-02T15:01:01.000000Z"},"token":"5|EKxCQ0KbIDIofZ0CglUgYxL8oeHPOzu7t43HJk9Bfdb5c692"} C:\Users\Rinsaka>
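トークンの一覧を取得すると,新規に発行したトークン(id = 4, 5)も含まれていることがわかりました.古いトークン(id = 1)は新しいトークンの発行後もそのまま使えており,どのトークンも expires_at が null(トークン個別の有効期限なし)なので,不要になったトークンは削除して失効させる必要があります.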
C:\Users\Rinsaka>curl -H "Authorization: Bearer 1|fzYV0EEfaDBGy5sifY9V3A6LWZBPmZklpWy4Auxd018912e0" http://192.168.56.101:8000/api/tokens/ ⏎ [{"id":1,"tokenable_type":"App\\Models\\User","tokenable_id":1,"name":"comments-api-token","abilities":["*"],"last_used_at":"2023-12-18T03:28:52.000000Z","expires_at":null,"created_at":"2023-12-18T02:21:08.000000Z","updated_at":"2023-12-18T03:28:52.000000Z"},{"id":4,"tokenable_type":"App\\Models\\User","tokenable_id":1,"name":"comments-api-token","abilities":["*"],"last_used_at":null,"expires_at":null,"created_at":"2023-12-18T03:28:20.000000Z","updated_at":"2023-12-18T03:28:20.000000Z"},{"id":5,"tokenable_type":"App\\Models\\User","tokenable_id":1,"name":"comments-api-token","abilities":["*"],"last_used_at":null,"expires_at":null,"created_at":"2023-12-18T03:28:21.000000Z","updated_at":"2023-12-18T03:28:21.000000Z"}] C:\Users\Rinsaka>