Laravel对所选角色的路线限制

时间:2017-10-30 14:29:09

标签: php laravel

我有一个包含两种类型用户的用户表:供应商和客户。如果供应商角色是1重定向到供应商仪表板,并且客户角色是2重定向到客户仪表板,但登录后如何防止路由到客户仪表板(如果作为供应商登录),反之亦然 登录控制器取决于角色:

class CustomerLoginController extends Controller
{
    public function __construct()
    {
        $this->middleware('guest:web');
    }

    public function showLoginForm()
    {
        return view('Customer.login');
    }

    public function login(Request $request)
    {
        $this->validate($request,[
            'email'=>'required|email',
            'password'=>'required|min:6',
        ]);

        if (Auth::guard('web')->attempt(['email'=>$request->email,'password'=>$request->password,'active'=>1,'role_id'=>2], $request->remember)) {

            return redirect()->intended(route('customer.dashboard'));

        } elseif (Auth::guard('web')->attempt(['email'=>$request->email,'password'=>$request->password,'active'=>1,'role_id'=>1],$request->remember)) {
            return redirect()->intended(route('vendor.dashboard'));

        }
        return redirect()->back()->withInput($request->only('email','remember'));
    }

}

登录路由控制器后:

public function __construct()
{
    $this->middleware('auth');
}
public function index()
{
    return view('index.customer.customerdashboard');
}

public function vendor()
{
    return view('index.vendor.vendordashboard');
}

1 个答案:

答案 0 :(得分:1)

您需要使用

创建中间件
php artisan make:middleware PortectedVendorRoutesMiddleware

然后,在该文件的handle方法中,添加逻辑以检查用户的角色

public function handle($request, Closure $next)
{
    if (auth()->user()->role_id == 1) {
       return $next($request);
    }


    abort(404);
}

现在你需要保护你的路线

Route::group(['middleware' => App\Http\Middleware\ProtectVendorRoutesMiddleware::class], function () {

    // Your protected vendor routes here
});

或者从Laravel 5.5开始

Route::middleware([App\Http\Middleware\ProtectVendorRoutesMiddleware::class])->group(function () {

    // Your protected vendor routes here
});

对客户路线重复此过程。