How to authenticate a class in Laravel 5 before accessing it

Time: 2015-10-20 06:59:32

Tags: php laravel laravel-5

I am authenticating my users in the following way

<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use App\Http\Requests;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Input;
use App\User;
use Session;
use Validator;

class CollectionloginController extends Controller
{
    /**
     * Display a listing of the resource.
     *
     * @return Response
     */
    public function getIndex(){
        return View('collectionmodule/login');
    }

    public function postCollectionlogin(){

            $rules = array(

           'email'=>'required',
            'password'=>'required'

            );

            $validator = Validator::make(Input::all(), $rules);

            if ($validator->fails())
            {
                return redirect('collection/login')->withErrors($validator);

            }else {

                  $cred = array(
                        'email' => Input::get('email'),
                        'password' => Input::get('password')
                    );

                $role = User::where('email','=',Input::get('email'))->first();

                if (Auth::attempt($cred) && $role->role == 'collector'){
                    if (Auth::check()){
                        Session::put('role','collector');
                        Session::put('name',Auth::user()->name);
                        return redirect('collection/home');
                    }

                } 
                else{
                        Session::flush();
                        Auth::logout();
                        return redirect('collection/login')->with('login_errors',true);
            }
        }


    }

}

And my routes are

//Collection started by vikram
Route::controller('collection/login','CollectionloginController');
Route::controller('collection/home','CollectionController');

Route::get('collection', function () {
    return view('collectionmodule.login');
});

Route::get('collection/logout',function(){
    Session::flush();
    Auth::logout();
    return Redirect::to('collection/target');
});

The controller is

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use App\Http\Requests;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Input;
use App\User;

class CollectionController extends Controller
{
    /**
     * Display a listing of the resource.
     *
     * @return Response
     */

  public function getIndex(){

    $empid= Auth::user()->empid;
    $invoice = Invoice::orderBy('Id', 'desc')->get();


    return View('collectionmodule/home')->with(array('invoices'=>$invoice));
}
}

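My problem is how to authenticate the class CollectionController before any of its functions is accessed, so that if the authenticated user is not a collector, it redirects back to the login page

I am also facing a similar problem

One way I thought of is like this

public function __construct(){
    if (Session::get('role') != "collector") {
        $validator = "The User is not a collector";
        return redirect('collection/login')->withErrors($validator);
    }
}

Can anyone help me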

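1 Answer:

Answer 0: (score: 3)

You should not set the session manually. If the user is logged in, you can access them through the Auth facade like this: Auth::user()

But basically, if you want to check your current authentication setup or anything else before a request is handled, you should use Middleware

php artisan make:middleware Collector

In the newly created file under App\Http\Middleware\Collector, you can change the handle function to express your logic: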

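public function handle($request, Closure $next)
{
    // Check the role stored in the session
    if (Session::get('role') != "collector")
        return redirect('collection/login');

    // Alternatively, check the role on the authenticated user.
    // $request->user() is null for guests, so test for that first.
    if (! $request->user() || $request->user()->role != 'collector')
        return redirect('collection/login');

    return $next($request);
}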

Now you have to register the middleware in the $routeMiddleware array of App\Http\Kernel.php.

'collector' => \App\Http\Middleware\Collector::class,

In your collector controller, you can now reference it like this:

public function __construct()
{
    $this->middleware('collector');
}

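On every request to the controller, the collector middleware is checked and runs the logic you defined.

Edit

If you need a dynamic middleware, it would look like this: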

# /App/Http/Middleware/Role.php
public function handle($request, Closure $next, $role)
{
    // $request->user() is null for guests, so test for that first.
    if (! $request->user() || $request->user()->role != $role)
        return redirect('collection/login');

    return $next($request);
}

In your controller:

public function __construct()
{
    $this->middleware('role:collector'); // replace 'collector' with whatever role you need.
}
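
A fuller version of the parameterised middleware described in this answer, as an added example that is not part of the original answer or of Laravel itself. It assumes Laravel 5.1 or later (middleware parameters), the `role` column and `collection/login` route from the question, and registration under a hypothetical `role` key in `$routeMiddleware`; it goes beyond the answer by accepting several roles and by handling guests and AJAX requests separately.

```php
<?php
// Added example: app/Http/Middleware/Role.php (hypothetical file name).
// Assumed registration in App\Http\Kernel::$routeMiddleware:
//     'role' => \App\Http\Middleware\Role::class,

namespace App\Http\Middleware;

use Closure;

class Role
{
    /**
     * Let the request through only if the logged-in user has one of the
     * roles named in the middleware string, e.g. 'role:collector' or
     * 'role:collector,admin'.
     */
    public function handle($request, Closure $next)
    {
        // Everything after ($request, $next) is a role name. An empty list
        // matches nobody, so a bare 'role' fails closed.
        $roles = array_slice(func_get_args(), 2);

        $user = $request->user(); // null when nobody is logged in

        if ($user === null) {
            // Guest: there is no role to inspect, so never read $user->role.
            if ($request->ajax()) {
                return response('Unauthorized.', 401);
            }
            // guest() stores the intended URL so login can return to it.
            return redirect()->guest('collection/login');
        }

        // Compare against the role on the user record resolved for this
        // request, not a copy placed in the session at login time.
        if (!in_array($user->role, $roles, true)) {
            if ($request->ajax()) {
                return response('Forbidden.', 403);
            }
            return redirect('collection/login')
                ->withErrors(['role' => 'This account may not access this page.']);
        }

        return $next($request);
    }
}
```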