我已经覆盖了postLogin以检查用户状态的尝试方法以及用户名和密码
我的更新代码是:
public function postLogin(Request $request)
{
$this->validate($request, [
'username' => 'required',
'password' => 'required',
]);
$credentials = $request->only('username', 'password', 'status' = 1);
if ($this->auth->attempt($credentials, $request->has('remember')))
{
return redirect()->intended($this->redirectPath());
}
return redirect($this->loginPath())
->withInput($request->only('username', 'remember'))
->withErrors([
'username' => 'These credentials do not match our records.',
]);
}
但不起作用,用户状态为0,他可以登录。
我的错在哪里?
答案 0 :(得分:3)
你做错了。如果您想在登录过程中添加其他检查,则无需覆盖postLogin()
相反,您需要添加middleware,以便在请求后检查状态:
artisan make:middleware UserStatusMiddleware
编辑中间件以在请求后检查状态:
class UserStatusMiddleware {
/**
* The Guard implementation.
*
* @var Guard
*/
protected $auth;
/**
* Create a new filter instance.
*
* @param Guard $auth
* @return void
*/
public function __construct(Guard $auth)
{
$this->auth = $auth;
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$user = $this->auth->getUser();
if ($user->status === 1) {
return Redirect::to('home');
} else {
$this->auth->logout();
return Redirect::to('auth/login');
}
}
}
app/Http/Kernel.php protected $routeMiddleware = [
'status' => 'App\Http\Middleware\UserStatusMiddleware',
];
$router->post("/auth/login", "Auth\AuthController@postLogin", ['middleware' => 'status']);
答案 1 :(得分:0)
试试吧
$credentials = $request->only('username', 'password');
if(empty($credentials['status'])){
$credentials['status'] = 1;
}