opt

app/Http/Controllers/Passport/AuthController.php

@@ -131,7 +131,8 @@ class AuthController extends Controller
         }
 
         $data = [
-            'token' => $user->token
+            'token' => $user->token,
+            'auth_data' => base64_encode("{$user->email}:{$user->password}")
         ];
         $request->session()->put('email', $user->email);
         $request->session()->put('id', $user->id);
@@ -202,7 +203,10 @@ class AuthController extends Controller
 
     public function getQuickLoginUrl(Request $request)
     {
-        $user = User::where('token', $request->input('token'))->first();
+        $authData = explode(':', base64_decode($request->input('auth_data')));
+        $user = User::where('email', $authData[0])
+            ->where('password', $authData[1])
+            ->first();
         if (!$user) {
             abort(500, '令牌有误');
         }

app/Http/Middleware/User.php

@@ -15,8 +15,11 @@ class User
      */
     public function handle($request, Closure $next)
     {
-        if ($request->input('access_token')) {
-            $user = \App\Models\User::where('token', $request->input('access_token'))->first();
+        if ($request->input('auth_data')) {
+            $authData = explode(':', base64_decode($request->input('auth_data')));
+            $user = \App\Models\User::where('password', $authData[1])
+                ->where('email', $authData[0])
+                ->first();
             if ($user) {
                 $request->session()->put('email', $user->email);
                 $request->session()->put('id', $user->id);

config/app.php

@@ -236,5 +236,5 @@ return [
     | The only modification by laravel config
     |
     */
-    'version' => '1.5.0'
+    'version' => '1.5.1'
 ];