laravel 5.2 auth不起作用

时间:2016-02-05 04:40:52

标签: php laravel authentication csrf

嗨,我有一个超级堰auth登录我的应用程序工作就像6个月但1天用户,我不能再登录了

登录后我得到了

     TokenMismatchException in VerifyCsrfToken.php line 67:

所以我尝试在VerifyCrsftoken上添加异常URL,就像这样

      protected $except = [
          '/login'
      ];

现在我再次登录登录页面后得到重定向循环我的猜测是auth返回false正确的电子邮件/密码或者不是超级堰,我不知道是什么原因导致任何人都可以帮助我?

route.php

Route::group(['middleware' => 'web'], function () {
    Route::auth();
    Route::get('/', 'WelcomeController@index');
    Route::get('/home', 'AdminController@index');
    Route::get('admin', 'AdminController@index');
    Route::get('admin/tour', 'AdminController@tour');
});

admincontroller.php

<?php namespace App\Http\Controllers;

use App\Http\Requests;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use App\Booking;
use App\Booktour;
use App\Bookcustomer;
use App\Bookdiscount;
use App\Booktourpay;
use App\Customerorder;
use App\Tourdetail;
use App\Tourperiod;
use App\Tourlead;
use Session;
use View;
use Carbon\Carbon;
use Auth;
use Datetime;
use DB;
use Image;
use App\User;

    class AdminController extends Controller {

        public function __construct()
        {
            $this->middleware('auth');
        }

        public function index()
        {
            $count_customer = Bookcustomer::count();    
            $getuser = Auth::user()->name;
            $booking_order = Booking::where('sales_name', '=',$getuser)
                                            ->orderby('created_at', 'DSEC')
                                            ->get();    
            $booktour_open = DB::table('tourlist')->where('status' ,'=', 'เปิดขาย')->count();
            $tour = Booktour::where('status', 'เปิดขาย')
                                    ->orderby('depart_date', 'asc')
                                    ->get();
            $unpaid = Booking::where('sales_name', '=', $getuser)
                                    ->where('status', 'รอเงินโอน')
                                    ->count();      

            $allbook_list = Booking::where('status', '=', "รอเงินโอน")->orderby('created_at', 'DSEC')->get();   
            $today_date = strtotime('now');     
            $payment_list = Booktourpay::Today()->get();

            $user_list_payment = Booktourpay::where('create_by', '=', $getuser)->get();

            return view('admin.home')
            ->with('booking_order', $booking_order)
            ->with('count_customer', $count_customer)
            ->with('booktour_open', $booktour_open)
            ->with('tour', $tour)
            ->with('unpaid', $unpaid)
            ->with('allbook_list', $allbook_list)
            ->with('payment_list', $payment_list)
            ->with('user_list_payment', $user_list_payment);
        }

auth.php

<?php
return [
    /*
    |--------------------------------------------------------------------------
    | Authentication Defaults
    |--------------------------------------------------------------------------
    |
    | This option controls the default authentication "guard" and password
    | reset options for your application. You may change these defaults
    | as required, but they're a perfect start for most applications.
    |
    */
    'defaults' => [
        'guard' => 'web',
        'passwords' => 'users',
    ],
    /*
    |--------------------------------------------------------------------------
    | Authentication Guards
    |--------------------------------------------------------------------------
    |
    | Next, you may define every authentication guard for your application.
    | Of course, a great default configuration has been defined for you
    | here which uses session storage and the Eloquent user provider.
    |
    | All authentication drivers have a user provider. This defines how the
    | users are actually retrieved out of your database or other storage
    | mechanisms used by this application to persist your user's data.
    |
    | Supported: "session", "token"
    |
    */
    'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],
        'api' => [
            'driver' => 'token',
            'provider' => 'users',
        ],
    ],
    /*
    |--------------------------------------------------------------------------
    | User Providers
    |--------------------------------------------------------------------------
    |
    | All authentication drivers have a user provider. This defines how the
    | users are actually retrieved out of your database or other storage
    | mechanisms used by this application to persist your user's data.
    |
    | If you have multiple user tables or models you may configure multiple
    | sources which represent each model / table. These sources may then
    | be assigned to any extra authentication guards you have defined.
    |
    | Supported: "database", "eloquent"
    |
    */
    'providers' => [
        'users' => [
            'driver' => 'eloquent',
            'model' => App\User::class,
        ],
        // 'users' => [
        //     'driver' => 'database',
        //     'table' => 'users',
        // ],
    ],
    /*
    |--------------------------------------------------------------------------
    | Resetting Passwords
    |--------------------------------------------------------------------------
    |
    | Here you may set the options for resetting passwords including the view
    | that is your password reset e-mail. You may also set the name of the
    | table that maintains all of the reset tokens for your application.
    |
    | You may specify multiple password reset configurations if you have more
    | than one user table or model in the application and you want to have
    | separate password reset settings based on the specific user types.
    |
    | The expire time is the number of minutes that the reset token should be
    | considered valid. This security feature keeps tokens short-lived so
    | they have less time to be guessed. You may change this as needed.
    |
    */
    'passwords' => [
        'users' => [
            'provider' => 'users',
            'email' => 'auth.emails.password',
            'table' => 'password_resets',
            'expire' => 60,
        ],
    ],
];

login.blade.php

@extends('layouts.app')

@section('content')
<div class="container">
    <div class="row">
        <div class="col-md-8 col-md-offset-2">
            <div class="panel panel-default">
                <div class="panel-heading">Login</div>
                <div class="panel-body">
                    <form class="form-horizontal" role="form" method="POST" action="{{ url('/login') }}">
                        {!! csrf_field() !!}

                        <div class="form-group{{ $errors->has('email') ? ' has-error' : '' }}">
                            <label class="col-md-4 control-label">E-Mail Address</label>

                            <div class="col-md-6">
                                <input type="email" class="form-control" name="email" value="{{ old('email') }}">

                                @if ($errors->has('email'))
                                    <span class="help-block">
                                        <strong>{{ $errors->first('email') }}</strong>
                                    </span>
                                @endif
                            </div>
                        </div>

                        <div class="form-group{{ $errors->has('password') ? ' has-error' : '' }}">
                            <label class="col-md-4 control-label">Password</label>

                            <div class="col-md-6">
                                <input type="password" class="form-control" name="password">

                                @if ($errors->has('password'))
                                    <span class="help-block">
                                        <strong>{{ $errors->first('password') }}</strong>
                                    </span>
                                @endif
                            </div>
                        </div>

                        <div class="form-group">
                            <div class="col-md-6 col-md-offset-4">
                                <div class="checkbox">
                                    <label>
                                        <input type="checkbox" name="remember"> Remember Me
                                    </label>
                                </div>
                            </div>
                        </div>

                        <div class="form-group">
                            <div class="col-md-6 col-md-offset-4">
                                <button type="submit" class="btn btn-primary">
                                    <i class="fa fa-btn fa-sign-in"></i>Login
                                </button>

                                <a class="btn btn-link" href="{{ url('/password/reset') }}">Forgot Your Password?</a>
                            </div>
                        </div>
                    </form>
                </div>
            </div>
        </div>
    </div>
</div>
@endsection

我尝试向上移动到5.2但仍然不起作用:/

在登录或访问登录页面之后或之前编辑我得到了这个重定向页面是什么造成的? http://postimg.org/image/pcvuyonah/

1 个答案:

答案 0 :(得分:0)

您需要从包含auth中间件的路由组中删除Route :: auth()。