我正在尝试在我的Laravel项目中执行多次身份验证。最初我把它放给用户,然后生成令牌并且它正常工作。当我也添加员工时,不会为员工生成令牌。当我为用户删除时,现在员工正在工作但是两者都不起作用。
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
//'provider' => 'employees'
],
'api' => [
'driver' => 'token',
'provider' => 'users',
//'provider' => 'employees'
],
'employees' => [
'driver' => 'session',
'provider' => 'employees',
],
],
任何人都可以请我帮忙。谢谢。
答案 0 :(得分:0)
在您的auth.php文件中,在providers数组中为定义的防护添加提供程序。
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
//'provider' => 'employees'
],
'api' => [
'driver' => 'token',
'provider' => 'users',
//'provider' => 'employees'
],
'employees' => [
'driver' => 'session',
'provider' => 'employees',
],
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'employees' => [
'driver' => 'eloquent',
'model' => App\Employees::class,
],
],
如果您使用2种不同的身份验证模式,请执行上述操作。如果您使用相同的模型根据用户角色进行身份验证,请为员工和用户提供相同的模型。
为员工登录创建路线。
Route::get('/employee/login','Auth\EmployeeLoginController@showLoginForm')->name('employee.login');
Route::post('/employee/login','Auth\EmployeeLoginController@login')->name('employee.login.submit');
创建EmployeeLoginController
<?php
namespace App\Http\Controllers\Auth;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use Auth;
class EmployeeLoginController extends Controller
{
public function __construct()
{
$this->middleware('guest:employee');
}
public function showLoginForm()
{
return view('auth.employee-login');
}
public function login(Request $request)
{
// Validate the form data
$this->validate($request, [
'email' => 'required|email',
'password' => 'required|min:6'
]);
// Attempt to log the user in
if (Auth::guard('employee')->attempt(['email' => $request->email, 'password' => $request->password], $request->remember)) {
// if successful, then redirect to their intended location
return redirect()->intended(route('employee.Product.list'));
}
// if unsuccessful, then redirect back to the login with the form data
return redirect()->back()->withInput($request->only('email'));
}
}
如果您使用的是2种不同的型号,请执行上述操作。如果您使用相同的模型进行基于角色的身份验证,则只需在尝试方法
中添加以下按角色检查attempt(['email' => $request->email, 'password' => $request->password, 'role' => 'employee'], $request->remember))
然后在你的app \ Exception文件夹中添加修改handler.php文件中未经验证的方法
protected function unauthenticated($ request,AuthenticationException $ exception)
{
if ($request->expectsJson()) {
return response()->json(['error' => 'Unauthenticated.'], 401);
}
$guard = array_get($exception->guards(),0);
switch ($guard) {
case 'admin':
$login = 'admin.login';
break;
case 'employee':
$login = 'employee.login';
break;
default:
$login = 'login';
break;
}
return redirect()->guest(route($login));
}
这里实际上你是$ login变量用于重定向到你想要的用户未经过身份验证的网址。
最后在你的app \ middleware \ RedirectIfAuthenticated.php文件中删除句柄方法并添加以下内容。
public function handle($request, Closure $next, $guard = null)
{
switch ($guard) {
case 'admin':
if (Auth::guard($guard)->check()) {
return redirect()->route('admin.index');
}
break;
case 'employee':
if (Auth::guard($guard)->check()) {
return redirect()->route('employee.dashboard');
}
break;
default:
if (Auth::guard($guard)->check()) {
return redirect('/');
}
break;
}
return $next($request);
}
如果用户经过身份验证,您将重定向用户。
为了更好地理解,请查看此视频。这适用于5.3和5.4这将有助于您了解所有这些是如何工作的。