Laravel - 当用户手动输入未经授权的URL时,如何注销并显示注销页面

时间:2016-05-03 07:15:12

标签: php laravel-5 laravel-request laravel-authorization

我是laravel的初学者。我正在为多个用户使用角色和权限概念。如果用户手动输入不允许该用户的URL,那么我想注销该用户。

我已成功注销用户,但在内容区域部分显示注销页面而不是登录的单页。

请帮帮我。

提前致谢....

图片快照 enter image description here

这是我的ACL代码 -

public function handle($request, Closure $next, $permission = null)
    {
        if ($request->getSession()->has('user')) {
            $userObj = new \App\User;
            if ($userObj->canAccess($request->getSession()->get('user')[0]['userPerm'], $permission)) {
                return $next($request);
            }
            else{ 
                  redirect('logout')->withErrors(array('mst_error' => 'Unauthorized Access!'))->send();exit;
            }
        }
        return $request->isXmlHttpRequest() ? 
            response(json_encode(array('session_logout' => true)), 401) : 
            redirect('login')->withErrors(array('mst_error' => 'You don\'t have any active session. Please login again'));
    }

1 个答案:

答案 0 :(得分:0)

我已经解决了:)

这是我的句柄功能

//  EditSUPER.m
//  HITS Datenbank
//
//  Created by Jonathan Lucas Fritz on 02.05.16.
//  Copyright © 2016 NOSCIO. All rights reserved.
//

#import "EditSUPER.h"
NSString *key_edit;
NSString *index_edit;
NSMutableDictionary *dica4;
UITextView *textview;
@implementation EditSUPER
-(void)loadandsavefor:(NSString *)key andindex:(NSString *)index
{
    self.backgroundColor = [UIColor blackColor];
    key_edit = key;
    index_edit = index;

    UIButton *back;
    UIButton *save;
    textview = [[UITextView alloc]initWithFrame:CGRectMake(0, 40, self.frame.size.width, self.frame.size.height-40)];
    textview.backgroundColor = [UIColor whiteColor];
    back = [[UIButton alloc]initWithFrame:CGRectMake(0, 0, 150, 40)];
    save = [[UIButton alloc]initWithFrame:CGRectMake(self.frame.size.width-160, 0, 150, 40)];

    [back setTitle:(@"Zurück") forState:UIControlStateNormal];
    [save setTitle:(@"Speichern") forState:UIControlStateNormal];
    [save setTitleColor:[UIColor blueColor] forState:UIControlStateNormal];
    [back setTitleColor:[UIColor blueColor] forState:UIControlStateNormal];
    [save setTitleColor:[UIColor whiteColor] forState:UIControlStateHighlighted];
    [back setTitleColor:[UIColor whiteColor] forState:UIControlStateHighlighted];
    [self addSubview:textview];
    [self addSubview:back];
    [self addSubview:save];
    [save addTarget:self action:@selector(savethat) forControlEvents:UIControlEventPrimaryActionTriggered];
    [back addTarget:self action:@selector(cancelediting) forControlEvents:UIControlEventPrimaryActionTriggered];

    dica4 = (NSMutableDictionary*)[self.parentpop.dataseditable objectAtIndex:index.intValue];
//    dica4 = (NSMutableDictionary*)_usethisdic;
    textview.text = [dica4 valueForKey:key_edit];

}
-(void)savethat //Save the Users Input and replace the old
{
    [textview resignFirstResponder];
    [dica4 setValue:textview.text forKey:key_edit];
    printf("\n %d ",index_edit.intValue);
    [_parentpop.dataseditable replaceObjectAtIndex:index_edit.intValue withObject:dica4];

    [[NSUserDefaults standardUserDefaults] setObject:_parentpop.dataseditable forKey:(@"array")];
    [[NSUserDefaults standardUserDefaults]synchronize];

    [self.parentpop removeFromSuperview];
//    [self.intclasssecond reloadData];

}
-(void)cancelediting //Cancel
{
    [textview resignFirstResponder];
    [self.parentpop removeFromSuperview];
}
@end

这是我的Ajax请求 -

  public function handle($request, Closure $next, $permission = null)
    {
        if ($request->getSession()->has('user')) {
            $userObj = new \App\User;
            if ($userObj->canAccess($request->getSession()->get('user')[0]['userPerm'], $permission)) {
                return $next($request);
            }
            else{
                    return response()->json(array('mst_error'=>'Unauthorized Access.'),401);
                }
        }
        return $request->isXmlHttpRequest() ? 
            response(json_encode(array('session_logout' => true)), 401) : 
            redirect('login')->withErrors(array('mst_error' => 'You don\'t have any active session. Please login again'));
    }

这是我在Auth Controller中未经授权的功能

$.ajax({
            url:url,
            data:data,
            statusCode: {
                401: function(res){
                        location.href = "unauthorized";
                    }
            }
        }).done(function(result){console.log(result);
            $('#section-content').html(result);
        });