我在一个应用程序中有两个受保护区域,但只有admin用户可以在用户(Admin)和employee两个区域中登录。请给我一个问题的建议。
routes.php文件
Route::get('employee/login', array(
'uses' => 'LoginController@create',
'as' => 'login.create'
));
Route::post('employee/login', array(
'uses' => 'LoginController@store',
'as' => 'login.store'
));
LoginController.php
<?php namespace App\Http\Controllers;
use App\Http\Requests;
use App\Http\Controllers\Controller;
use View;
use Illuminate\Http\Request;
use Input;
use Auth;
use Config;
use Redirect;
use App\Employee;
use DB;
use Validator;
class LoginController extends Controller {
public function __construct()
{
Config::set('auth.model', 'Employee');
Config::set('session.path', '/employee');
}
public function create()
{
return View::make('employee.login');
}
public function store()
{
if(Auth::attempt(array('email' => Input::get('email'), 'password' => Input::get('password'))))
{
return Redirect::intended('employee/home');
}
return Redirect::route('login.create')
->withInput()
->with('login_errors', true);
}
public function destroy()
{
Log::logout();
return View::make('employee.destroy');
}
}
Login.blade.php
<html>
<head>
<link href='css/style.css' rel='stylesheet' type='text/css'>
<link href='../css/style.css' rel='stylesheet' type='text/css'>
</head>
<body>
<div class="head_text">
<h2 style="text-align:center;">Employee Login</h2>
</div>
<div class="login_table">
{!! Form::open(array('route' => 'login.store')) !!}
<h1 style="text-align:center;">Login</h1>
<p>
{!! $errors->first('email') !!}
{!! $errors->first('password') !!}
</p>
<p>
{!! Form::label('email', 'Email Address') !!}
{!! Form::text('email', Input::old('email'), array('placeholder' => 'awesome@awesome.com')) !!}
</p>
<p>
{!! Form::label('password', 'Password') !!}
{!! Form::password('password') !!}
</p>
<p>
{!! Form::submit('Login') !!}
</p>
{!! Form::close() !!}
</div>
</body>
</html>
员工(模型)
<?php namespace App\Models;;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Auth\Authenticatable;
use Illuminate\Auth\Passwords\CanResetPassword;
use Illuminate\Auth\Passwords\CanResetPassword;
use Illuminate\Contracts\Auth\Authenticable;
use Illuminate\Auth\Authenticable as AuthenticableTrait;
use Illuminate\Support\Facades\Auth;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
class Employee extends Model implements AuthenticatableContract, CanResetPasswordContract {
use Authenticatable, CanResetPassword;
protected $table = 'employee';
protected $fillable = [
'firstname',
'lastname',
'email',
'birthdate',
'address',
'phone',
'mobileno',
'employeetype',
'partment',
'uniqueemployeeid',
'password',
'repassword'
];
public function setRememberToken($value)
{
$this->remember_token = $value;
}
public function getRememberTokenName()
{
return 'remember_token';
}
public function setPasswordAttrribute($password)
{
$this->attributes['password']=Hash::make($password);
}
public static $rules = array(
'firstname' => 'required',
'lastname' => 'required',
'email' => 'required|email',
'birthdate' => 'required',
'address' => 'required',
'phone' => 'required',
'mobileno' => 'required',
'employeetype' => 'required',
'department' => 'required',
'uniqueemployeeid' => 'required',
'password' => 'required',
'repassword' => 'required|same:password'
);
public function getFullName()
{
return $this->firstname ;
}
}
auth.php
<?php
return [
'driver' => 'eloquent',
'model' => 'App\User',
'model' => 'App\Employee',
'table' => 'users',
'table' => 'employee',
'password' => [
'email' => 'emails.password',
'table' => 'password_resets',
'expire' => 60,
],
];
答案 0 :(得分:3)
要实现这一点,您必须采用以下两种方法之一:RBAC或多重身份验证。
如果您的用户数据(电子邮件,密码,名称,...)存储在一个表中,请使用RBAC。 RBAC通过为每个用户分配角色来工作,因此您将拥有具有管理员或员工角色的用户。然后使用中间件,您可以根据经过身份验证的用户的角色限制对受保护区域的访问。您可以使用多个记录良好的Laravel软件包来实现这一目标,例如Entrust或Laravel-permissions
如果用户数据没有存储在一个表中,例如您有admin表和employee表。使用多重身份验证,您可以在其中定义多个可验证的模型或用户表。然后,您可以根据经过身份验证的用户本身限制对受保护区域的访问。这是Laravel 5.2中的内置功能。对于Laravel 5.1,您可以使用MultiAuth包。