即使密码错误,Laravel也会登录身份验证

时间:2017-08-03 09:35:34

标签: php laravel laravel-5 laravel-5.4

这有点令人困惑,因为我是laravel的新手。它始终将表单操作的网址中的applicant/login重定向到应使用正确身份验证重定向到applicant/home的表单。

这是我控制器中的代码:

public function authenticate(Request $request)
{   
    $credentials = $request->only('email', 'password');

    if ($this->guard()->attempt($credentials)) {
        /* 
        $user = Admin::where('email', $credentials['email'])->first();
        // Authentication passed...
        $this->guard()->loginUsingId($user->id);
        */
         return redirect()->intended('applicant/home');
    }

    return view('applicants.home');
}

这是我表单中的代码:

<form method="post" action="{{ url('/applicants/login') }}">
    {!! csrf_field() !!}

    <div class="form-group has-feedback {{ $errors->has('email') ? ' has-error' : '' }}">
        <input type="email" class="form-control" name="email" value="{{ old('email') }}" placeholder="Email">
        <span class="glyphicon glyphicon-envelope form-control-feedback"></span>
        @if ($errors->has('email'))
            <span class="help-block">
            <strong>{{ $errors->first('email') }}</strong>
        </span>
        @endif
    </div>

    <div class="form-group has-feedback{{ $errors->has('password') ? ' has-error' : '' }}">
        <input type="password" class="form-control" placeholder="Password" name="password">
        <span class="glyphicon glyphicon-lock form-control-feedback"></span>
        @if ($errors->has('password'))
            <span class="help-block">
            <strong>{{ $errors->first('password') }}</strong>
        </span>
        @endif

    </div>
    <div class="row">
        <div class="col-xs-8">
            <div class="checkbox icheck">
                <label>
                   <!--<input type="checkbox" name="remember"> Remember Me -->
                </label>
            </div>
        </div>
        <!-- /.col -->
        <div class="col-xs-4">
            <button type="submit" class="btn btn-primary btn-block btn-flat">Sign In</button>
        </div>
        <!-- /.col -->
    </div>
</form>

3 个答案:

答案 0 :(得分:1)

Laravel默认使用auth方法。

制作:php artisan make:auth

将创建包含文件的文件夹。

in

  

/resources/views/auth/login.blade.php

您有登录表单。

现在您的表单必须如下所示:

<form method="post" action="{{ url('/login') }}">
            {!! csrf_field() !!}

            <div class="form-group has-feedback {{ $errors->has('email') ? ' has-error' : '' }}">
                <input type="email" class="form-control" name="email" value="{{ old('email') }}" placeholder="Email">
                <span class="glyphicon glyphicon-envelope form-control-feedback"></span>
                @if ($errors->has('email'))
                    <span class="help-block">
                    <strong>{{ $errors->first('email') }}</strong>
                </span>
                @endif
            </div>

            <div class="form-group has-feedback{{ $errors->has('password') ? ' has-error' : '' }}">
                <input type="password" class="form-control" placeholder="Password" name="password">
                <span class="glyphicon glyphicon-lock form-control-feedback"></span>
                @if ($errors->has('password'))
                    <span class="help-block">
                    <strong>{{ $errors->first('password') }}</strong>
                </span>
                @endif

            </div>
            <div class="row">
                <div class="col-xs-8">
                    <div class="checkbox icheck">
                        <label>
                           <!--<input type="checkbox" name="remember"> Remember Me -->
                        </label>
                    </div>
                </div>
                <!-- /.col -->
                <div class="col-xs-4">
                    <button type="submit" class="btn btn-primary btn-block btn-flat">Sign In</button>
                </div>
                <!-- /.col -->
            </div>
        </form>

并在

  

应用程序/ HTTP /控制器/ AUTH

你有

  

LoginController.php

,在:

class LoginController extends Controller
{
you must have this:

protected $redirectTo = '/home'; home, or what you want;)
}

另外,请检查您拥有的web.php(路线文件):

Auth::routes();

答案 1 :(得分:1)

我认为您可以尝试这可能对您有所帮助:

只需使用laravel默认身份验证登录并注册用户,如:

php artisan make:auth

希望对你有所帮助!!!

答案 2 :(得分:1)

正如@LluísPuigFerrer建议的那样,使用Laravel在Auth中的构建。网上有很多文档。

确保在web.php内定义路线时使用auth middleware。当用户想要访问使用auth middleware的页面时,如果已登录,则会要求他们登录或授予访问权限

Route::group(['middleware' => 'auth'], function() { 
    // All the routes that require login authentication
};
相关问题
最新问题