我在Apache上运行了Laravel v5.5,我需要通过智能卡证书实现用户验证(使用apache SSLVerifyClient require)。
这意味着我需要一个公共文件夹,它会询问客户端的证书,我的公共文件夹结构如下:
/public/
|- index.php <-- laravel main bootstrap
|- login/
|- .htaccess <-- let's apache to ask for client cert only on this folder
|- index.php <-- secondary bootstrap, that should work as main bootstrap
如何从子文件夹( public / login / index.php )引导laravel,以便它将路径和路由保持为主引导( public / index.php )?
我已经尝试过了
<?php
require_once '../index.php';
和
<?php
// copy-paste the content from ../index.php and change the paths
define('LARAVEL_START', microtime(true));
require __DIR__.'/../../vendor/autoload.php';
$app = require_once __DIR__.'/../../bootstrap/app.php';
// ...
但他们都处理路线,好像&#34; / login &#34;是根本&#34; / &#34;
答案 0 :(得分:0)
这是我目前的工作解决方案。由于单独/登录路径的唯一目的是从$ _SERVER收集证书信息,然后将其传递给正确的laravel控制器,我只需要引导laravel来访问正确的会话实例。
// -- file login/index.php
// bootstrap laravel
require __DIR__.'/../../vendor/autoload.php';
$app = require_once __DIR__.'/../../bootstrap/app.php';
$kernel = $app->make(Illuminate\Contracts\Http\Kernel::class);
$request = Illuminate\Http\Request::capture();
// trigger all the middlewares (including SessionStart)
$response = $kernel->handle($request);
// check client verification and store certificate information to session
$request->session()->put([
'login-card-cert' => $request->server('SSL_CLIENT_CERT'),
'login-card-user' => $request->server('SSL_CLIENT_S_DN'),
]);
$request->session()->save();
// use away() to send user out of the sub-folder and back to main laravel route
$response = redirect()->away('/do-login/');
// finish up with request (laravel termination)
$response->send();
$kernel->terminate($request, $response);