是否可以实现基于字符串的身份验证

时间:2019-10-08 06:35:20

标签: laravel security authentication

让我们说我有一个非常基本的身份验证过程,在此只需输入正确的安全密钥即可。没有诸如用户表之类的东西。我要检查的是,是否输入的字符串与我的安全密钥匹配。使用laravel auth可以实现吗?如果是,怎么办?

1 个答案:

答案 0 :(得分:1)

如果您不想使用任何持久性数据(例如数据库),则可以使用会话。覆盖LoginController中的登录方法,并在那里进行检查。

public function login(Request $request)
{
    if($request->input('security_key') === 'my_secret_string') {
        $request->session()->put('isAuthenticated', true);
        return redirect()->intended('success');
    }

    return back()->withErrors('Invalid secret key');
}

然后创建一个中间件来检查用户是否已通过身份验证。我们称之为check_auth:

public function handle($request, Closure $next)
{
    if(!empty(session('isAuthenticated')) && session('isAuthenticated') === true) {
        return $next($request);
    }

    return redirect('/login');
}

并在您的路由中添加中间件:

Route::group(['middleware' => ['web', 'check_auth']], function () {
    //your routes here
});

不要忘记将新的中间件添加到kernel.php文件中:

protected $routeMiddleware = [
        'auth' => \App\Http\Middleware\Authenticate::class,
        'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
        'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
        'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
        'can' => \Illuminate\Auth\Middleware\Authorize::class,
        'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
        'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
        'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
        'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
        'check_auth' => 'App\Http\Middleware\check_auth' //add this
    ];
相关问题
最新问题