如果laravel身份验证失败,Ajax会成功

时间:2016-08-29 20:38:41

标签: ajax laravel-5.2

我有一个问题我在常规表单上有两个表单,一个是ajax处理表单。常规表单根据需要工作,但即使服务器端的身份验证失败,ajax表单也会成功通过。

我的loginHandler函数位于

之下 
public function handleLogin(Request $request) {

    // init auth boolean to false
    $auth = false;

    // run validation rules
    $validator = User::validation($request->all(), User::$login_validation_rules, User::$login_error_messages);

    // get credentials
    $credentials = $request->only('email','password');

    if($validator->fails()) {
        return back()
            ->withErrors($validator)
            ->withInput();
    }

    $credentials = array_merge($credentials,['activated' => 1]);

    // get remember from request
    $remember = $request->has('remember');


    if (\Auth::attempt($credentials, $remember)) {
        $auth = true;
    }

    if($request->ajax()) {
        $response = response()->json([
            'auth' => $auth,
            'intended' => \URL::route('home')
        ]);

        return $response;
    }

    return redirect()->intended('/');

}

我的ajax代码就是这个

  $('#login-nav').validate({
    rules : {
        email : {
            required : true,
            email : true
        },
        password : {
            required : true
        }
    },
    messages : {
        email : {
            required : '<div class="alert-danger alert-validation">Email is a required field.</div>',
            email : '<div class="alert-danger alert-validation">Please enter a valid Email.</div>'
        },
        password : {
            required : '<div class="alert-danger alert-validation">Password is a required field.</div>'
        }
    },
    submitHandler: function (form){
        $.ajax({
            headers: {
                'X-CSRF-TOKEN': $('meta[name="_token"]').attr('value')
            },
            type: $(form).attr('method'),
            url: $(form).attr('action'),
            data: $(form).serialize(),
            dataType: 'json',
            success: function (data) {
                var html = '<div class="alert alert-success">Login Successful</div>';
                $('#loginMsg').html(html);
                return window.location = '/';
            },
            error: function (data) {
                var html = '<div class="alert alert-danger">Email/Password is invalid</div>';
                $('#loginMsg').html(html);
            }
        });

        return false;
    }

我希望与我的常规非ajax表单具有相同的行为。但不是在我的ajax中出错,它会取得成功。任何帮助将不胜感激。

1 个答案:

答案 0 :(得分:1)

Auth::attempt将返回true或false,默认情况下,如果返回response()->json()而没有第二个参数,则默认为200(成功)。因此,基于Auth::attempt,如果登录失败,则应该返回400,然后它应该进入你的ajax的错误函数。

$auth = \Auth::attempt($credentials, $remember);

if($request->ajax()) {
    $responseCode = 200;
    if( ! $auth) {
       $responseCode = 400;
    }
    $response = response()->json([
        'auth' => $auth,
        'intended' => \URL::route('home')
    ], $responseCode);

    return $response;
}
相关问题
最新问题