如何在Laravel中批准多重身份验证

时间:2019-06-01 08:33:37

标签: laravel eloquent laravel-5.7

他正在使用Laravel多重身份验证,它工作正常,管理员重定向到管理页面,用户重定向到主页,但我希望如果用户未获得批准,则不应登录并看到错误“您可以在帐户获得批准后的24小时后登录”

我在管理员中间件中添加了此代码,但是它不起作用:

  if (auth()->check() && $request->user()->status == 0) {
        return redirect()->guest('login');
    }
    else{
     return redirect('login')->with('flash_message_error','You 
     can  login after approval');
    }

管理员中间件:

  public function handle($request, Closure $next)
  {
    if (auth()->check() && $request->user()->admin == 0) {
        return redirect()->guest('home');
    }


    return $next($request);
  }

路线:

  Route::group(['middleware' => ['web','auth']], function

    Route::get('/home', function(){
    if (Auth::user()->admin == 0) {
    return view('home');
     }else {
     $users['users'] = \App\User::all();
     return view('adminhome', $users);
        }
      });
   });

用户模型:

  protected $fillable = [
    'name', 'email', 'password', 'admin',
  ];

此ID数据库迁移:

    Schema::create('users', function (Blueprint $table) {
        $table->increments('id');
        $table->string('name');
        $table->string('email')->unique();
        $table->timestamp('email_verified_at')->nullable();
        $table->string('password');
        $table->boolean('admin')->default(0);
        $table->boolean('approved')->default(0);
        $table->rememberToken();
        $table->timestamps();
    });

我只希望当用户注册时,它应该等到数据库中的批准列手动变为1时

1 个答案:

答案 0 :(得分:0)

在您的Auth/LoginController中添加以下方法

namespace App\Http\Controllers\Auth;

use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use AuthenticatesUsers;

use Illuminate\Support\Facades\Hash;
use App\User;
class LoginController extends Controller
{

 protected function credentials(Request $request)
{
    $credentials = $request->only($this->username(), 'password');
    $credentials['status'] = 1;
    return $credentials;
}


 protected function sendFailedLoginResponse(Request $request)
{
    $errors = [$this->username() => trans('auth.failed')];
    // Load user from database

    $user = \App\User::where($this->username(), $request->{$this->username()})->first();

    // Check if user was successfully loaded, that the password matches
    // and status is not 1. If so, override the default error message.


    if ($user && \Hash::check($request->password, $user->password) && $user->status != 1) {

        $errors = [$this->username() => 'you can login after 24hr after your account will be approved'];
    }
    if ($request->expectsJson()) {
        return response()->json($errors, 422);
    }
    return redirect()->back()
        ->withInput($request->only($this->username(), 'remember'))
        ->withErrors($errors);
}





}
相关问题
最新问题