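I need help: can someone tell me whether my approach to authenticating user profiles is correct? I have the following files:
file routes.php (in this example I only use two groups)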
<?php
//home
Route::get('/', function()
{
    return Redirect::to('login');
});
//login get
Route::get('login', 'AuthController@showLogin');
//login for form
Route::post('login', 'AuthController@postLogin');
//routes for admin
Route::group(array('before' => 'adminFilter'), function()
{
    Route::get('/adminHomePage', function()
    {
        return View::make('adminHome');
    });
});
//route for common user
Route::group(array('before' => 'commonUserFilter'), function()
{
    Route::get('/commonUserPage', function()
    {
        return View::make('commonPage');
    });
});
Route::get('logout', 'AuthController@logout');
?>
file filters.php
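<?php
Route::filter('adminFilter', function($route, $request)
{
    // Guests have no user object, so check Auth::guest() before reading the profile
    if (Auth::guest() || Auth::user()->profile != 1)
    {
        return Redirect::to('/logout');
    }
});
Route::filter('commonUserFilter', function($route, $request)
{
    // Same guard for the common-user profile
    if (Auth::guest() || Auth::user()->profile != 2)
    {
        return Redirect::to('/logout');
    }
});
?>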
file AuthController.php
<?php
class AuthController extends BaseController
{
    public function showLogin()
    {
        return View::make('login');
    }
    public function postLogin()
    {
        //Get user data from login form
        $user = array(
            'user' => Input::get('username'),
            'password' => Input::get('password'));
        // Second argument true = "remember me"
        if (Auth::attempt($user, true))
        {
            switch (Auth::user()->profile)
            {
                case 1:
                    //home admin
                    return Redirect::to('/adminHomePage');
                    break;
                case 2:
                    //home common user
                    return Redirect::to('/commonUserPage');
                    break;
            }
        }
        else
        {
            return Redirect::to('login')
                ->with('mensaje_error', 'Incorrect data.')
                ->withInput();
        }
    }
    public function logOut()
    {
        Auth::logout();
        return Redirect::to('/login')
            ->with('mensaje_error', 'Your session was closed.');
    }
}
?>
Answer 0 (score: 0)
One security issue (if you are using Laravel 4+)
In routes.php:
    Route::post('name', 'Controller@class');
Change it to:
    Route::group(array('before' => 'csrf'), function() {
        Route::post('name', 'Controller@class');
    });
In your form, you must add the following: {{ Form::token() }}
A small tip: I prefer to give all of your routes a unique name.. You can find out how here.
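An added example, not part of the original answer: the question's login routes with the csrf filter applied, the check that filter performs, and a handler for a failed check. It assumes a stock Laravel 4 layout (app/filters.php, app/routes.php, app/start/global.php) and reuses the question's 'mensaje_error' flash key; the error message text is made up for the example.

```php
<?php
// app/filters.php
// A stock Laravel 4 install already registers an equivalent 'csrf' filter;
// it is written out here so the comparison it makes is visible.
Route::filter('csrf', function()
{
    // The token stored in the session must match the _token form field.
    if (Session::token() !== Input::get('_token'))
    {
        throw new Illuminate\Session\TokenMismatchException;
    }
});

// app/routes.php
// Showing the form changes nothing on the server, so it needs no token check.
Route::get('login', 'AuthController@showLogin');

// The POST changes session state: reject it unless the form carried the token.
Route::group(array('before' => 'csrf'), function()
{
    Route::post('login', 'AuthController@postLogin');
});

// app/start/global.php
// Without a handler, a missing or stale token ends in a generic error page.
// Send the user back to a fresh form (and a fresh token) instead.
App::error(function(Illuminate\Session\TokenMismatchException $e)
{
    return Redirect::to('login')
        ->with('mensaje_error', 'Your form expired, please try again.');
});

// app/views/login.blade.php (Blade markup, shown as a comment):
//   <form method="POST" action="{{ URL::to('login') }}">
//       {{ Form::token() }}
//       <input type="text" name="username">
//       <input type="password" name="password">
//       <button type="submit">Log in</button>
//   </form>
```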