我正在尝试使用多个身份验证进行自定义登录。与此同时,我正在尝试登录管理员。当管理员登录时,登录功能会处理它(它也只是刷新而没有登录功能)Auth:attempt()似乎总是返回false,但是(我有一个不同的表名和字段)。除此之外,即使用户没有真正登录,我也可以通过更改网址自由访问仪表板。
AuthController
/*
|--------------------------------------------------------------------------
| Registration & Login Controller
|--------------------------------------------------------------------------
|
| This controller handles the registration of new users, as well as the
| authentication of existing users. By default, this controller uses
| a simple trait to add these behaviors. Why don't you explore it?
|
*/
use AuthenticatesAndRegistersUsers, ThrottlesLogins;
/**
* Where to redirect users after login / registration.
*
* @var string
*/
protected $redirectTo = 'admin/dashboard';
/**
* Where to redirect users after logout.
*
* @var string
*/
protected $redirectAfterLogout = 'admin/login';
/**
* Guard for admin
*
*
*/
protected $guard = 'admin';
/**
* Create a new authentication controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware($this->guestMiddleware(), ['except' => 'logout']);
}
/**
* Get a validator for an incoming registration request.
*
* @param array $data
* @return \Illuminate\Contracts\Validation\Validator
*/
protected function validator(array $data)
{
return Validator::make($data, [
'OUsername' => 'required|max:255|unique:users',
'OPassword' => 'required|min:6|confirmed',
]);
}
/**
* Create a new user instance after a valid registration.
*
* @param array $data
* @return User
*/
protected function create(array $data)
{
return Admin::create([
'OUsername' => $data['OUsername'],
'OPassword' => bcrypt($data['OPassword']),
]);
}
/**
* Show login form.
*
*
*
*/
public function showLoginForm()
{
if (view()->exists('auth.authenticate')) {
return view('auth.authenticate');
}
return view('pages.admin.login');
}
/**
* Show registration form.
*
*
*
*/
public function showRegistrationForm()
{
return view('pages.admin.register');
}
public function login(Request $request)
{
//Get inputs
$username = $request->input('username');
$password = $request->input('password');
//Redirect accordingly
if (Auth::guard('admin')->attempt(array('OUsername' => $username, 'OPassword' => $password)))
{
return redirect()->intended('admin/dashboard');
}
else
{
//when echoing something here it is always displayed thus admin login is just refreshed.
return redirect('admin/login')->withInput()->with('message', 'Login Failed');
}
}
管理员提供商模型
/**
* The database table used by the model.
*
* @var string
*/
protected $table = 'account_officer_t';
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'OUsername', 'OPassword',
];
public $timestamps = false;
/**
* Set primary key
*
* @var int
*/
protected $primaryKey = 'AccountOfficerID';
/**
* The attributes that should be hidden for arrays.
*
* @var array
*/
protected $hidden = [
'OPassword', 'remember_token',
];
public function getAuthPassword()
{
return $this->OPassword;
}
路线
/*
|--------------------------------------------------------------------------
| Application Routes
|--------------------------------------------------------------------------
|
| Here is where you can register all of the routes for an application.
| It's a breeze. Simply tell Laravel the URIs it should respond to
| and give it the controller to call when that URI is requested.
|
*/
Route::group(['namespace' => 'Admin', 'middleware' => 'guest'], function(){
//This uses the guest middleware with the class name RedirectIfAuthenticated
Route::auth();
//Route for admin dashboard view
Route::get('admin/dashboard', array('as' => 'dashboard', 'uses' => 'AdminController@showDashboard'));
});
Route::group(['middleware' => ['web']], function () {
//Route for login
Route::get('admin/login','AdminAuth\AuthController@showLoginForm');
Route::post('admin/login','AdminAuth\AuthController@login');
Route::get('admin/logout','AdminAuth\AuthController@logout');
//Route for registration
Route::get('admin/ims-register', 'AdminAuth\AuthController@showRegistrationForm');
Route::post('admin/ims-register', 'AdminAuth\AuthController@register');
});
RedirectIfAuthenticated(访客中间件)
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @param string|null $guard
* @return mixed
*/
public function handle($request, Closure $next, $guard = null)
{
if (Auth::guard('admin')->check()) {
return redirect('admin/dashboard');
}
if (Auth::guard($guard)->check()) {
return redirect('/');
}
return $next($request);
}
我刚开始学习MVC框架并开始使用Laravel。谢谢你的帮助。
备注
我的密码使用bcrypt()存储,列长度为255
我已经尝试使用Hash :: check检查表中的哈希是否与我的输入匹配。它返回true。但是当我这样做时:
dd( Auth::guard('admin')->attempt(array('OUsername' => $username, 'OPassword' => $password)));
这是假的。
尝试根据此question的答案检查结果,特别是#7。仍然相同。
答案 0 :(得分:0)
问题似乎在于这一行
'OPassword' => $password
我把它改成了
'password' => $password
必须是密码而不是OPassword。然后在我的Admin模型中指定了
public function getAuthPassword()
{
return $this->OPassword;
}