如何根据DB值阻止在laravel sessionguard中登录?

时间:2017-11-03 08:10:14

标签: angularjs laravel

这是我的用户模型&会议守卫:

<?php namespace App;

use Illuminate\Auth\Authenticatable;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Auth\Passwords\CanResetPassword;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
use Illuminate\Support\Facades\DB;

class User extends Model implements AuthenticatableContract, CanResetPasswordContract {

    use Authenticatable, CanResetPassword;

    protected $table = 'users';
    protected $fillable = ['name', 'email', 'password', 'type', 'course_id', 'address', 'phone', 'status', 'avatar'];
    protected $hidden = ['password', 'remember_token'];


    public  function getUserLocked() {

         $result=DB::table('users')->where('status', 'locked')->get();


        return $result;
    }
}

public function login(AuthenticatableContract $user, $remember = false)
{

     $u=new User();
    $result= $u->getUserLocked(); 

         foreach ($result as $locked) {
               if ($locked->id== "locked");

                         return;
        }



    $this->updateSession($user->getAuthIdentifier());

    // If the user should be permanently "remembered" by the application we will
    // queue a permanent cookie that contains the encrypted copy of the user
    // identifier. We will then decrypt this later to retrieve the users.


    if ($remember) {
        $this->createRememberTokenIfDoesntExist($user);

        $this->queueRecallerCookie($user);
    }

    // If we have an event dispatcher instance set we will fire an event so that
    // any listeners will hook into the authentication events and run actions
    // based on the login and logout events fired from the guard instances.
    $this->fireLoginEvent($user, $remember);

    $this->setUser($user);
}

我想要的是当值被锁定时,登录将失败。但除非我注释掉检查锁定的代码,否则我所有登录都失败了。我在哪里做错了。我也尝试在用户模型中使用静态功能。

1 个答案:

答案 0 :(得分:0)

我的意见:

// you don't need this function
public  function getUserLocked() {
    $result=DB::table('users')->where('status', 'locked')->first();
    return $result;
}

然后:

public function login(AuthenticatableContract $user, $remember = false)
{
    // you can use this because you allready in user 
    if ($this->status == "locked")
          return response()->json(['message' => 'You are locked'], 403);
 ....

希望这个帮助

相关问题
最新问题