Laravel 4:如何保护组路由管理员和用户?

时间:2014-09-07 07:25:29

标签: laravel-4

美好的一天!请告诉我如何分割路由用户和管理员?要授权用户访问您的主页,并且只能移动到正确的路线,管理员会在您的网页上显示并且只能看到他们的路线。 我的文件routes.php 

Route::get('/', array(
'as' => 'home',
'uses' => 'HomeController@home'
));




Route::group(array('before' => 'auth'), function(){

Route::group(array('before' => 'csrf'), function(){

    Route::post('/account/change-password', array(
        'as' => 'account-change-password-post',
        'uses' => 'AccountController@postChangePassword'
    ));
});

Route::get('/account/change-password', array(
    'as' => 'account-change-password',
    'uses' => 'AccountController@getChangePassword'
));


Route::get('/user/{username}', array(
    'as' => 'profile-user',
    'uses' => 'ProfileController@user'
)); 

Route::get('/account/sign-out', array(
    'as' => 'account-sign-out',
    'uses' => 'AccountController@getSignOut'
));

});




Route::group(array('before' => 'admin'), function(){
Route::get('/dashboard', array(
    'as' => 'dashboard',
    'uses' => 'TiketsController@dashboard'
));

Route::get('/tiket-new', array(
    'as' => 'tiket-new',
    'uses' => 'TiketsController@tiketNew'
));

Route::get('/tiket-work', array(
    'as' => 'tiket-work',
    'uses' => 'TiketsController@tiketWork'
));

Route::get('/tiket-complete', array(
    'as' => 'tiket-complete',
    'uses' => 'TiketsController@tiketComplete'
));

Route::get('/tiket-arhive', array(
    'as' => 'tiket-arhive',
    'uses' => 'TiketsController@tiketArhive'
));
});


Route::group(array('before' => 'user'), function(){


Route::get('/user-dashboard', array(
    'as' => 'user-dashboard',
    'uses' => 'TiketsController@userDashboard'
));
});

我的AccountController.php 

public function postSignIn(){

    $validator = Validator::make(Input::all(), 
        array(
            'email'          => 'required|email',
            'password'       => 'required'
    ));

    if($validator->fails()){

        return Redirect::route('account-sign-in')
                ->withErrors($validator)
                ->withInput();
    } else {

        $remember = (Input::has('remember')) ? true : false;



        $auth = Auth::attempt(array(
            'email' => Input::get('email'),
            'password' => Input::get('password'),
            'active' => 1
        ), $remember);





        if($auth){
            if (Auth::user()->role==5) {

                return Redirect::intended('/dashboard');
            }
            if (Auth::user()->role==1) {

                return Redirect::intended('/user-dashboard');
            }


        } else {
            return Redirect::route('account-sign-in')
                ->with('global', 'Error');
        }
    }

不幸的是,当这样的路由管理员和用户可以看到彼此的页面。请尽可能详细地告诉我,如何区分不同的用户群?

1 个答案:

答案 0 :(得分:1)

你可以使用

Route::filter('pattern: admin/*', 'auth')

这种匹配模式如

admin/cpanel
admin/dir/path/...

。 。 

Route::filter('pattern: user/*', 'auth2')
相关问题
最新问题