Laravel登录不断提供未经身份验证的异常错误

时间:2018-08-28 00:24:31

标签: php laravel laravel-5

因此,我一直在为这个正在工作的项目的另一种类型的用户(称为超级用户)开发新的登录控制器。我一直在根据我在github

上找到的这个项目来制作控制器及其附加的所有其他文件。

因此,我创建了控制器,并添加和修改了所有必要的文件,即使在技术上也没有问题,甚至在技术上也证明了我正在使用新的防护装置。但是随后出现了问题。就在我测试登录名时,无论尝试多少次,它总是将我重定向回登录页面(在这种情况下,它也是子页面的索引。

奇怪的是,A)Laravel不会向我抛出任何错误,B)当我通过忘记的密码控制器重置密码时,它会登录(我认为是因为功能使其一次可以自动登录)您重置它)

最近几天,我一直在疯狂地寻找答案,但是找不到与我的问题非常相似的东西。我的怀疑是,这与我修改了Exception Handler或LoginController中的login函数的方式有关,因为logout函数的工作没有任何问题。它还可以执行密码重置,没有任何问题,这意味着我为用户创建的Guard正确配置。

我还知道它正在从正确的数据库中读取数据,因为一旦密码重置,它就可以使用超级用户的凭据登录。

希望有人可以帮助我,这是超级用户LoginController的代码:

namespace App\Http\Controllers\Super\AuthSuper;

use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Auth;

class LoginController extends Controller
{


/**
 * Where to redirect users after login.
 *
 * @var string
 */
//protected $redirectTo = '/home'; 

/**
 * Create a new controller instance.
 *
 * @return void
 */
public function __construct()
{
    $this->middleware('guest:super')->except('logout');
}

public function showIndex(){
    return view('caja.sucursal');
}

public function login(Request $request)
   {
       $this->validate($request, [
           'email' => 'required|email',
           'password' => 'required|min:6'
       ]);

       $credential = [
           'email' => $request->email,
           'password' => $request->password
       ];

       // Attempt to log the user in
       if (guard()->attempt($credential)){
           // If login succesful, then redirect to their intended location
           return redirect()->intended(route('caja.home'));
       }

       // If Unsuccessful, then redirect back to the login with the form 
  data
       return redirect()->back()->withInput($request->only('email', 'remember'));
   }


public function logout(){
    Auth::guard('super')->logout();
    return redirect('/sucursal')->with('flash','Se ha cerrado la Sesión');;
}




public function guard()
{
    return Auth::guard('super');
}
}

如您所见,在这里,我为其分配了“超级”保护,然后使用它来检查尝试登录的用户是否拥有它,如果他们这样做并且凭据正确,则应将其发送到家庭页面。

这是auth.php文件中的片段,我在其中声明了防护“超级” 

'guards' => [
    'web' => [
        'driver' => 'session',
        'provider' => 'users',
    ],

    'api' => [
        'driver' => 'token',
        'provider' => 'users',
    ],
    'super' => [
        'driver' => 'session',
        'provider' => 'supers',
    ],

    'api-super' => [
        'driver' => 'token',
        'provider' => 'supers',
    ],
],

'providers' => [
    'users' => [
        'driver' => 'eloquent',
        'model' => App\User::class,
    ],
    'supers' => [
        'driver' => 'eloquent',
        'model' => App\Superuser::class,
    ],

    // 'users' => [
    //     'driver' => 'database',
    //     'table' => 'users',
    // ],
 ],

 'passwords' => [
    'users' => [
        'provider' => 'users',
        'table' => 'password_resets',
        'expire' => 60,
    ],
    'supers' => [
        'provider' => 'supers',
        'table' => 'password_resets',
        'expire' => 60,
    ],
],

这是经过修改的重定向(如果经过身份验证的函数),我在其中声明了“超级”后卫

public function handle($request, Closure $next, $guard = null)
{
    switch ($guard){
        case 'super':
            if (Auth::guard($guard)->check()) {
                return redirect()->route('caja.home');
            }
            break;

        default:
            if (Auth::guard($guard)->check()) {
                return redirect()->route('home');
            }
            break;
    }

    return $next($request);
}

我相信这是整个事情的罪魁祸首。 Handler.php:

<?php

namespace App\Exceptions;

use Exception;
use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
use Request;
use Response;
use Illuminate\Auth\AuthenticationException;

class Handler extends ExceptionHandler
{
/**
 * A list of the exception types that are not reported.
 *
 * @var array
 */
protected $dontReport = [
    //
];

/**
 * A list of the inputs that are never flashed for validation exceptions.
 *
 * @var array
 */
protected $dontFlash = [
    'password',
    'password_confirmation',
];

/**
 * Report or log an exception.
 *
 * This is a great spot to send exceptions to Sentry, Bugsnag, etc.
 *
 * @param  \Exception  $exception
 * @return void
 */
public function report(Exception $exception)
{
    parent::report($exception);
}

/**
 * Render an exception into an HTTP response.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Exception  $exception
 * @return \Illuminate\Http\Response
 */
public function render($request, Exception $exception)
{
    // if ($exception instanceof \Illuminate\Auth\AuthenticationException){
    //     return redirect('/')->with('flash','Por favor Inicia Sesión');
    // }
    return parent::render($request, $exception);
}

protected function unauthenticated($request, AuthenticationException $exception)
{
//        return $request->expectsJson()
//            ? response()->json(['message' => 'Unauthenticated.'], 401)
//            : redirect()->guest(route('login'));

    if ($request->expectsJson()) {
        return response()->json(['error' => 'Unauthenticated.'], 401);
    }

    $guard = array_get($exception->guards(), 0);
    switch ($guard) {
        case 'super':
            $login = 'caja.sucursal';
            break;

        default:
            $login = '/';
            break;
    }
    return redirect()->guest(route($login))->with('flash','Por favor Inicia Sesión');
}
}

我不知道它会有多大用处,但这是我为超级用户制作的ForgetPasswordController和ResetPasswordController的片段。

namespace App\Http\Controllers\Super\AuthSuper;

use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\SendsPasswordResetEmails;
use Illuminate\Support\Facades\Password;

class ForgotPasswordController extends Controller
{


use SendsPasswordResetEmails;

/**
 * Create a new controller instance.
 *
 * @return void
 */
 public function __construct()
{
    $this->middleware('guest:super');
}

public function broker()
{
    return Password::broker('supers');
}


/**
 * Display the form to request a password reset link.
 *
 * @return \Illuminate\Http\Response
 */
public function showLinkRequestForm()
{
    return view('authSuper.passwords.email');
}

/**
 * Send a reset link to the given user.
 *
 * @param  \Illuminate\Http\Request  $request
 * @return \Illuminate\Http\RedirectResponse
 */
public function sendResetLinkEmail(Request $request)
{
    $this->validateEmail($request);

    // We will send the password reset link to this user. Once we have attempted
    // to send the link, we will examine the response then see the message we
    // need to show to the user. Finally, we'll send out a proper response.
    $response = $this->broker()->sendResetLink(
        $request->only('email')
    );

    return $response == Password::RESET_LINK_SENT
        ? $this->sendResetLinkResponse($response)
        : $this->sendResetLinkFailedResponse($request, $response);
}


}

-

namespace App\Http\Controllers\Super\AuthSuper;

use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\ResetsPasswords;
use Illuminate\Support\Facades\Password;
use Illuminate\Support\Facades\Auth;

class ResetPasswordController extends Controller
{

use ResetsPasswords;

/**
 * Where to redirect users after resetting their password.
 *
 * @var string
 */
protected $redirectTo = '/sucursal';

/**
 * Create a new controller instance.
 *
 * @return void
 */
public function __construct()
{
    $this->middleware('guest:super');
}

public function guard()
{
    return Auth::guard('super');
}

public function broker()
{
    return Password::broker('supers');
}

/**
 * Display the password reset view for the given token.
 *
 * If no token is present, display the link request form.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  string|null  $token
 * @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
 */
public function showResetForm(Request $request, $token = null)
{
    return view('authSuper.passwords.reset')->with(
        ['token' => $token, 'email' => $request->email]
    );
}
}

要关闭,下面是应访问控制器的登录功能的视图片段:

<form role="form" action="{{ route('caja.login')}}" method="POST">
                                {{ csrf_field() }}
                                <div class="form-group {{ $errors->has('rut') ? 'has-error':''}}">
                                    <label class="sr-only" for="r-form-1-name">RUT</label>
                                    <input type="text" name="rut" placeholder="Rut..." class="r-form-1-name form-control" id="r-form-1-name" value="{{ old('rut')}}">
                                    {!! $errors->first('rut','<span class="help-block">:message</span>') !!}
                                </div>
                                <div class="form-group {{ $errors->has('password') ? 'has-error':''}}">
                                    <label class="sr-only" for="r-form-1-email">CONTRASEÑA</label>
                                    <input type="password" name="password" placeholder="Contraseña..." class="r-form-1-email form-control" id="r-form-1-email">
                                    {!! $errors->first('password','<span class="help-block">:message</span>') !!}
                                </div>

                                <p class="terms">
                                    * Olvidaste la Contraseña? 
                                    <!--<a href="#" class="launch-modal" 
   data-modal-id="modal-terms">Presiona aquí</a>-->
                                    <a href="{{ 
  route('caja.password.resetter') }}">Presiona aquí</a>
                                </p>
                                <center>
                                    <a class="btn" href=" 
   {{route('caja.home')}}">ENTRAR</a>
                                </center>

                            </form>

以及分配给超级用户应该访问的子站点的路由(包括登录页面的路由,例如:

 Route::prefix('sucursal')->group(function(){
Route::get('/', 'Super\AuthSuper\LoginController@showIndex')->name('caja.sucursal');
Route::get('/home','Super\CajaController@home')->name('caja.home');
Route::post('/login', 'Super\AuthSuper\LoginController@login')->name('caja.login');
Route::post('/logout', 'Super\AuthSuper\LoginController@logout')->name('caja.logout');
Route::get('/password/reset', 'Super\AuthSuper\ForgotPasswordController@showLinkRequestForm')->name('caja.password.resetter');
Route::post('/password/email', 'Super\AuthSuper\ForgotPasswordController@sendResetLinkEmail')->name('caja.password.email');
 Route::get('/password/reset/{token}', 'Super\AuthSuper\ResetPasswordController@showResetForm')->name('caja.password.reset');
 Route::post('/password/request', 'Super\AuthSuper\ResetPasswordController@reset')->name('caja.password.request');
 Route::post('buscar-rut', 'Super\CajaController@buscarRut');
 });

我知道很多事情,但是我已经做了很多事情,只是再次完全重做了所有事情(我仍然会做,而不是撒谎),但是我的所有搜索都被证明是徒劳的。我敢肯定,即使就在我眼前,我肯定也缺少一些小东西,但是它一直在掩盖我。

0 个答案:

没有答案
相关问题
最新问题