我正在使用laravel 5.2 with entrust / zizaco。当用户进行身份验证时,他们具有admin角色,但是当我将dd(1)放入app_user角色中间件时,请求会进入! 该请求还会输入admin和business_owner角色中间件。 即使用户注销,之后他们的每个请求都通过auth中间件!!
Route::group(['middleware' => 'auth'], function () {
Route::group(['middleware' => ['role:admin']], function (){
// Routes go here
});
Route::group(['middleware' => ['role:app_user']], function (){
// Routes go here
});
Route::group(['middleware' => ['role:business_owner']], function (){
// Routes go here
});
});
答案 0 :(得分:0)
是的,请求应输入身份验证中间件,您可以在中间件中编写代码。 这是用于验证用户的中间件中的laravel:
public function handle($request, Closure $next)
{
if ($this->auth->guest()) { // if user isn't authenticated
if ($request->ajax()) { // if request is ajax
return response('Unauthorized.', 401); // return 401 res
} else {
return redirect()->guest('login'); // else redirect login page
}
}
return $next($request); // return next res(e.g dashboard) if user is authenticated
}