我正在检查用户是否已登录
Class LoginController extends BaseController {
public function getIndex(){
return View::make('login',array('eventname' => Request::segment(1)));
}
public function postIndex(){
$xx = User::where('email','=',Input::get('email'))->where('event','=',$requestedevent)->first();
$eventattempt = Input::get('event');
if ($xx){
if(Auth::attempt($userDetails)){
if(Auth::check()){
// return var_dump($xx->id);
Session::put('username',Auth::user()->name);
Session::put('userid',Auth::user()->id);
Session::put('event',Auth::user()->event);
return Redirect::to($eventattempt.'/form/page1');
}
} else {
return Redirect::to($eventattempt.'/login')->with('login_errors',true);
}
} else {
return Redirect::to($eventattempt.'/login')->with('login_errors',true);
}
}
}
然后我在Form控制器中做了一个像这样的过滤器
<?php
Class FormController extends BaseController{
public function __construct(){
$this->beforeFilter('auth');
$this->beforeFilter('eventcheck');
}
}
我的filters.php看起来像这样
/*
|--------------------------------------------------------------------------
| Application & Route Filters
|--------------------------------------------------------------------------
|
| Below you will find the "before" and "after" events for the application
| which may be used to do any work before or after a request into your
| application. Here you may also register your custom route filters.
|
*/
App::before(function($request)
{
//
});
App::after(function($request, $response)
{
//
});
/*
|--------------------------------------------------------------------------
| Authentication Filters
|--------------------------------------------------------------------------
|
| The following filters are used to verify that the user of the current
| session is logged into this application. The "basic" filter easily
| integrates HTTP Basic authentication for quick, simple checking.
|
*/
Route::filter('auth', function()
{
//dd('ssss');
if (Auth::guest()){
if (Request::ajax())
{
return Response::make('Unauthorized', 401);
}
else
{
dd(Session::get('event'));
return Redirect::guest('login');
}
}
});
Route::filter('auth.basic', function()
{
return Auth::basic();
});
/*
|--------------------------------------------------------------------------
| Guest Filter
|--------------------------------------------------------------------------
|
| The "guest" filter is the counterpart of the authentication filters as
| it simply checks that the current user is not logged in. A redirect
| response will be issued if they are, which you may freely change.
|
*/
Route::filter('guest', function()
{
if (Auth::check()) return Redirect::to('/');
});
/*
|--------------------------------------------------------------------------
| CSRF Protection Filter
|--------------------------------------------------------------------------
|
| The CSRF filter is responsible for protecting your application against
| cross-site request forgery attacks. If this special token in a user
| session does not match the one given in this request, we'll bail.
|
*/
Route::filter('csrf', function()
{
if (Session::token() != Input::get('_token'))
{
throw new Illuminate\Session\TokenMismatchException;
}
});
Route::filter('eventcheck',function(){
//dd(Session::get('event'));
switch(Request::segment(1))
{
case 'rescom_summit_bangalore_2016':
$requestedevent = 'Rescom Summit Bangalore 2016';
break;
case 'design_mission_saudi_arabia_2016':
$requestedevent = 'Design Mission Saudi Arabia 2016';
break;
case 'design_mission_north_east_2016':
$requestedevent = 'Design Mission North East 2016';
break;
case 'design_mission_south_west_2016':
$requestedevent = 'Design Mission South West 2016';
break;
case 'design_mission_middle_east_2016':
$requestedevent = 'Design Mission Middle East 2016';
break;
case 'design_mission_south_africa_2016':
$requestedevent = 'Design Mission South Africa 2016';
break;
case 'design_mission_turkey_2016':
$requestedevent = 'Design Mission Turkey 2016';
break;
case 'design_mission_asia_2016':
$requestedevent = 'Design Mission Asia 2016';
break;
case 'design_mission_russia_2016':
$requestedevent = 'Design Mission Russia 2016';
break;
case 'healthscape_series_2016':
$requestedevent = 'Healthscape Series 2016';
break;
case 'hotelier_summit_africa_2016':
$requestedevent = 'Hotelier Summit Africa 2016';
break;
case 'design_mission_middle_east_2016':
$requestedevent = 'Design Mission Middle East 2016';
break;
case 'hotelier_summit_india_0se_2016':
$requestedevent = 'Hotelier Summit India Ose 2016';
break;
case 'hotelier_summit_india_Ffe_2016':
$requestedevent = 'Hotelier Summit India Ffe 2016';
break;
}
if ($requestedevent!=Auth::User()->event){
Auth::logout();
Session::flush();
return Redirect::to(Request::segment(1).'/login')->with('login_errors',true);
}
});
所以我在登录后尝试打印Session::get('event')
变量,在我的 Production Server 中显示NULL,但不在我的 本地服务器
任何想法为什么会发生这种情况
更新
我的会话配置看起来像这样
<?php
return array(
/*
|--------------------------------------------------------------------------
| Default Session Driver
|--------------------------------------------------------------------------
|
| This option controls the default session "driver" that will be used on
| requests. By default, we will use the lightweight native driver but
| you may specify any of the other wonderful drivers provided here.
|
| Supported: "file", "cookie", "database", "apc",
| "memcached", "redis", "array"
|
*/
'driver' => 'cookie',
/*
|--------------------------------------------------------------------------
| Session Lifetime
|--------------------------------------------------------------------------
|
| Here you may specify the number of minutes that you wish the session
| to be allowed to remain idle before it expires. If you want them
| to immediately expire on the browser closing, set that option.
|
*/
'lifetime' => 120,
'expire_on_close' => false,
/*
|--------------------------------------------------------------------------
| Session File Location
|--------------------------------------------------------------------------
|
| When using the native session driver, we need a location where session
| files may be stored. A default has been set for you but a different
| location may be specified. This is only needed for file sessions.
|
*/
'files' => storage_path().'/sessions',
/*
|--------------------------------------------------------------------------
| Session Database Connection
|--------------------------------------------------------------------------
|
| When using the "database" or "redis" session drivers, you may specify a
| connection that should be used to manage these sessions. This should
| correspond to a connection in your database configuration options.
|
*/
'connection' => null,
/*
|--------------------------------------------------------------------------
| Session Database Table
|--------------------------------------------------------------------------
|
| When using the "database" session driver, you may specify the table we
| should use to manage the sessions. Of course, a sensible default is
| provided for you; however, you are free to change this as needed.
|
*/
'table' => 'sessions',
/*
|--------------------------------------------------------------------------
| Session Sweeping Lottery
|--------------------------------------------------------------------------
|
| Some session drivers must manually sweep their storage location to get
| rid of old sessions from storage. Here are the chances that it will
| happen on a given request. By default, the odds are 2 out of 100.
|
*/
'lottery' => array(2, 100),
/*
|--------------------------------------------------------------------------
| Session Cookie Name
|--------------------------------------------------------------------------
|
| Here you may change the name of the cookie used to identify a session
| instance by ID. The name specified here will get used every time a
| new session cookie is created by the framework for every driver.
|
*/
'cookie' => 'laravel_session',
/*
|--------------------------------------------------------------------------
| Session Cookie Path
|--------------------------------------------------------------------------
|
| The session cookie path determines the path for which the cookie will
| be regarded as available. Typically, this will be the root path of
| your application but you are free to change this when necessary.
|
*/
'path' => '/',
/*
|--------------------------------------------------------------------------
| Session Cookie Domain
|--------------------------------------------------------------------------
|
| Here you may change the domain of the cookie used to identify a session
| in your application. This will determine which domains the cookie is
| available to in your application. A sensible default has been set.
|
*/
'domain' => null,
/*
|--------------------------------------------------------------------------
| HTTPS Only Cookies
|--------------------------------------------------------------------------
|
| By setting this option to true, session cookies will only be sent back
| to the server if the browser has a HTTPS connection. This will keep
| the cookie from being sent to you if it can not be done securely.
|
*/
'secure' => false,
);
答案 0 :(得分:0)
可能是这种情况。
来自laravel docs:https://laravel.com/docs/master/routing
未放置在Web中间件组中的任何路由都不会 访问会话和CSRF保护,因此请确保所有路由 需要将这些功能放在组内。通常情况下,你会 将您的大部分路线放在此群组中:
Route::group(['middleware' => ['web']], function () {
//all routes
});
将您的路线放在中间件中,您的问题就会解决。