我有以下代码
<?php
namespace App\Http\Middleware;
use Closure;
use Session;
class CheckLogin
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if(!Session::has('userAuthDetail')){
// return redirect('login');
// return redirect()->guest('/login');
} else {
return $next($request);
}
}
}
Route::get('/login', ['as' => 'login', 'uses' => 'Auth\LoginController@login']);
Route::group(['middleware' => ['login']], function () {
Route::post('/add','MyController@submitData');
});
登录控制器
public function postLogin(Request $request) {
// print_r($request->all());
$data['email']=$request->email;
$data['password']=$request->password;
$response= ApiModel::userLogin($data);
if($response->msg=='success'){
session(['userAuthDetail' => $response->data[0]]);
return redirect('/');
} else if($response->msg=='failed'){
return redirect('/');
}
}
如果我在中间件中添加if else条件然后网站抛出错误
VerifyCsrfToken.php第156行中的ErrorException:尝试获取属性 非对象
如果我删除if else并添加
public function handle($request, Closure $next)
{
if(!Session::has('userAuthDetail')){
}
return $next($request);
}
然后工作正常但如果凭据失败则将其重定向到仪表板。
注意:我不能使用laravel auth,因为我正在与用php编写的api进行通信
更新
kernal.php
<?php
namespace App\Http;
use Illuminate\Foundation\Http\Kernel as HttpKernel;
class Kernel extends HttpKernel
{
/**
* The application's global HTTP middleware stack.
*
* These middleware are run during every request to your application.
*
* @var array
*/
protected $middleware = [
\Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
\Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
\App\Http\Middleware\TrimStrings::class,
\Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
];
/**
* The application's route middleware groups.
*
* @var array
*/
protected $middlewareGroups = [
'web' => [
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
// \Illuminate\Session\Middleware\AuthenticateSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\App\Http\Middleware\VerifyCsrfToken::class,
\Illuminate\Routing\Middleware\SubstituteBindings::class,
\App\Http\Middleware\CheckLogin::class,
],
'api' => [
'throttle:60,1',
'bindings',
],
];
/**
* The application's route middleware.
*
* These middleware may be assigned to groups or used individually.
*
* @var array
*/
protected $routeMiddleware = [
'auth' => \Illuminate\Auth\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
'can' => \Illuminate\Auth\Middleware\Authorize::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'login' => \App\Http\Middleware\CheckLogin::class,
];
}
答案 0 :(得分:0)
如果用户会话未创建为
,则应返回登录页面public function handle($request, Closure $next)
{
if(!Session::has('userAuthDetail')){
//return to login page
}
return $next($request);//if session exist then forward the request
}
答案 1 :(得分:0)
Line 156 of VerifyCsrfToken.php表示它尝试调用$response->headers->setCookie(...)。您的错误表明$ response为null,这就是if(!Session::has('userAuthDetail')) { ... }场景中的CheckLogin中间件会发生的情况。
基本上,你有一个返回null的中间件(或者什么都没有,在PHP世界中哪种被视为null)。这是不允许的,中间件必须始终返回某种响应(或抛出异常)。
TL; DR:您的中间件必须为所有执行路径返回响应。