我正在执行多重身份验证,因为我有3个不同的用户组。我正在尝试以下步骤。
LoginController.php
<?php
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Http\Request;
use Auth;
class LoginController extends Controller
{
use AuthenticatesUsers;
protected $redirectTo = '/home';
public function __construct()
{
$this->middleware('guest')->except('logout');
$this->middleware('guest:admin')->except('logout');
$this->middleware('guest:manager')->except('logout');
$this->middleware('guest:vendor')->except('logout');
}
public function showAdminLoginForm()
{
return view('auth.login', ['url' => 'admin']);
}
public function adminLogin(Request $request)
{
$this->validate($request, [
'email' => 'required|email',
'password' => 'required|min:6'
]);
if (Auth::guard('admin')->attempt(['email' => $request->email, 'password' => $request->password], $request->get('remember'))) {
return redirect()->intended('/admin');
}
return back()->withInput($request->only('email', 'remember'));
}
public function showManagerLoginForm()
{
return view('auth.login', ['url' => 'manager']);
}
public function managerLogin(Request $request)
{
$this->validate($request, [
'email' => 'required|email',
'password' => 'required|min:6'
]);
if (Auth::guard('manager')->attempt(['email' => $request->email, 'password' => $request->password], $request->get('remember'))) {
return redirect()->intended('/manager');
}
return back()->withInput($request->only('email', 'remember'));
}
public function showVendorLoginForm()
{
return view('auth.login', ['url' => 'vendor']);
}
public function vendorLogin(Request $request)
{
$this->validate($request, [
'email' => 'required|email',
'password' => 'required|min:6'
]);
if (Auth::guard('vendor')->attempt(['email' => $request->email, 'password' => $request->password], $request->get('remember'))) {
return redirect()->intended('/vendor');
}
return back()->withInput($request->only('email', 'remember'));
}
}
AdminController.php
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use Auth;
class AdminController extends Controller
{
public function __construct()
{
$this->middleware('guest:admin');
}
public function dashboard()
{
dd(auth()->user());
return view('admin');
}
}
ManagerController 和 VendorController 与 AdminController 相同。
Web.php
Route::view('/', 'welcome');
Auth::routes();
Route::prefix('admin')->group(function () {
Route::get('/login', 'Auth\LoginController@showAdminLoginForm');
Route::post('/login', 'Auth\LoginController@adminLogin');
Route::get('/register', 'Auth\RegisterController@showAdminRegisterForm');
Route::post('/register', 'Auth\RegisterController@createAdmin');
});
Route::prefix('manager')->group(function () {
Route::get('/login', 'Auth\LoginController@showManagerLoginForm');
Route::post('/login', 'Auth\LoginController@managerLogin');
Route::get('/register', 'Auth\RegisterController@showManagerRegisterForm');
Route::post('/register', 'Auth\RegisterController@createManager');
});
Route::prefix('vendor')->group(function () {
Route::get('/login', 'Auth\LoginController@showVendorLoginForm');
Route::post('/login', 'Auth\LoginController@vendorLogin');
Route::get('/register', 'Auth\RegisterController@showVendorRegisterForm');
Route::post('/register', 'Auth\RegisterController@createVendor');
});
Route::view('/home', 'home')->middleware('auth');
Route::get('/admin', 'AdminController@dashboard');
Route::get('/manager', 'ManagerController@dashboard');
Route::get('/vendor', 'VendorController@dashboard');
RedirectIfAuthenticated.php
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Support\Facades\Auth;
class RedirectIfAuthenticated
{
public function handle($request, Closure $next, $guard = null)
{
if ($guard == "admin" && Auth::guard($guard)->check()) {
return redirect('/admin');
}
if ($guard == "manager" && Auth::guard($guard)->check()) {
return redirect('/manager');
}
if ($guard == "vendor" && Auth::guard($guard)->check()) {
return redirect('/vendor');
}
if (Auth::guard($guard)->check()) {
return redirect('/home');
}
return $next($request);
}
}
config.auth.php
<?php
return [
'defaults' => [
'guard' => 'admin',
'passwords' => 'admins',
],
'guards' => [
'admin' => [
'driver' => 'session',
'provider' => 'admins',
],
'manager' => [
'driver' => 'session',
'provider' => 'managers',
],
'vendor' => [
'driver' => 'session',
'provider' => 'vendors',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
'hash' => false,
],
],
'providers' => [
'admins' => [
'driver' => 'eloquent',
'model' => App\Admin::class,
],
'managers' => [
'driver' => 'eloquent',
'model' => App\Manager::class,
],
'vendors' => [
'driver' => 'eloquent',
'model' => App\Vendor::class,
],
],
'passwords' => [
'admins' => [
'provider' => 'admins',
'table' => 'password_resets',
'expire' => 60,
],
'managers' => [
'provider' => 'managers',
'table' => 'password_resets',
'expire' => 60,
],
'vendors' => [
'provider' => 'vendors',
'table' => 'password_resets',
'expire' => 60,
],
],
];
当我尝试通过在AdminController上执行dd()获得Auth :: user()时,由于多重身份验证,显示为null。虽然成功登录。我认为我没有为管理员使用适当的保护措施。但是同时我也不知道如何解决这个问题。请帮帮我。
答案 0 :(得分:0)
在多重身份验证中: 我们可以使用Auth :: user()直接访问经过身份验证的用户。默认情况下,它将返回身份验证guard ='users'。 对于其他身份验证,我们应该使用用户guard('guard_name')。 对于您的情况,应该使用Auth :: guard('admins')-> user()代替Auth :: user()。
答案 1 :(得分:0)
一切似乎都还不错。但是您错过了为路由添加网络中间件。
请这样编辑您的 web.php ,它会起作用。
Route::group(['middleware' => ['web']], function () {
// all your routes use Auth() besides login route should be encapsulated and go inside this.
});
这是因为Web中间件具有会话类,签入app.Http / kernel.php
\Illuminate\Session\Middleware\StartSession::class,