Question

$this->beforeFilter(function()
        {
             Config::set('auth.model', 'User');
             if ((Auth::guest())) {
            //dd(Auth::guest());
            $msg3  = "Please Login First";
            // dd("ok");
            return Redirect::to(Request::root().'/auth')->with("error_message", $msg3);

            }

        });

我正在使用Auth :: guest（）函数来阻止未经授权的访问但是当我点击URL时，未经授权的访问工作正常但登录失败...没有这部分代码登录使用Auth :: attempt（）工作正常..什么可能是问题？

修改 //用于登录的AuthController

<?php

// uncomment this to use namespaced controller
//namespace Modules\admin\Controllers;

class AuthController extends \BaseController
{
    public function __construct()
    {
        $this->beforeFilter(function()
        {
            Config::set('auth.model', 'User');
        });
    }



    public function getIndex()
    {

        return \View::make("login");
    }


    public function postLogin()
    {
        $msg7  = "Invalid email address or password";
        // $results['userData'] = user::get();
        // dd($results);
        //$password=Input::get('password');
        //$password=Hash::make('secret');

        $userData = array(
        'email' => Input::get('email'),
        'password'=> Input::get('password')
        );

         $email=Input::get('email');
        // $password=Input::get('password');
  //    dd($password);
        //dd($userData);
        $rules = array(
        'email' => 'required|email',
        'password' => 'required|min:5'
        );



        $remember=Input::get('remember');

        $remember_me=false;
        if (!empty($remember)) {
            $remember_me=true;
        }

        $validator = Validator::make(Input::get(), $rules);
        if($validator->fails()){

            // redirect to the login page with validation errors
            return Redirect::to(Request::root().'/auth')->withErrors($validator)->withInput();


        }


        else{

            //dd(Auth::attempt($userData));
            // check authentication
            if(Auth::attempt($userData,$remember_me)){
                // dd(Auth::attempt($userData));                // redirect to the dashboard page
                 //dd($userData);

                return Redirect::to(Request::root().'/home');

            }else{
                //dd($userData);
                //DB::table('user')->insert($userData);             
                //dd("test");
                // redirect to the login page with error message
                return Redirect::to(Request::root().'/auth')->with("error_message", $msg7);
            }

        }
    }


// logout function
    public function getLogout()
    {
        // delete all data from sesstion
        Auth::logout();
        Session::flush();
        // redirect to login page
        return Redirect::to(Request::root().'/auth');
    }

}

//阻止未经授权访问的DashboardController

<?php

class DashboardController extends BaseController{

    public function __construct()
    {
        $this->beforeFilter(function()
        {
             Config::set('auth.model', 'User');


            if ((Auth::guest())) {
            //dd(Auth::guest());
            $msg3  = "Please Login First";
            // dd("ok");
            return Redirect::to(Request::root().'/auth')->with("error_message", $msg3);

            }

        });

    }


    public function getIndex()
    {
            //dd(Auth::check());

        return View::make('home');
    }

}

Answer 1

问题是您应该在发送登录表单数据时排除您的操作。如果您的控制器中有方法postLogin来处理登录表单中的POST数据，则应使用：

  $this->beforeFilter(function() {
          // here goes code of your filter
  }, array('except' => 'postLogin'));

Reference

Laravel身份验证

1 个答案: