尝试使用 Doctrine 而不是 Eloquent 让 Laravel 进行多重身份验证。我已经尝试了很多事情,但总是陷入困境。我目前定义了两个守卫、两个模型、两个登录控制器等。如果我启用其中之一,它们就会起作用。如果我同时尝试两者,则似乎只有默认防护起作用。当我尝试访问其他守卫时,我被重定向到错误的登录页面。
如果我转到 /login - 按预期工作
如果我转到 /home (未登录) - 按预期重定向到 /login
如果我去 /register- 按预期工作
如果我转到 /admin/login - 按预期工作
如果我转到 /admin/register - 按预期工作
如果我转到 /admin (未登录) - 失败 - 应该重定向到 /admin/login 但反而重定向到 /login
我确信我错过了一些简单的事情。一切都是单独运作的。它只是获取 /admin 路由来使用正确的中间件......我想......也许?
我的路线文件:
Auth::routes();
// staff authentication routes
Route::group( [ 'middleware' => [ 'web' ] ], function() {
Route::get( 'admin/login', 'Auth\StaffLoginController@showLoginForm' );
Route::post( 'admin/login', [ 'as' => 'staff.login', 'uses' => 'Auth\StaffLoginController@login' ] );
Route::get( 'admin/register', 'Auth\StaffRegisterController@showRegistrationForm' );
Route::post( 'admin/register', [ 'as' => 'staff.register', 'uses' => 'Auth\StaffRegisterController@register' ] );
Route::group( [ 'middleware' => [ 'staff' ] ], function() {
Route::get( '/admin', 'AdminController@index' )->name( 'admin' );
});
});
Route::get('/home', 'HomeController@index')->name('home');
我尝试过各种路线定义,但这是最新的迭代。之前的迭代也没有成功。
我的授权文件:
'defaults' => [
'guard' => 'web',
'passwords' => 'users',
],
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
],
'staff' => [
'driver' => 'session',
'provider' => 'adminusers',
]
],
'providers' => [
'users' => [
'driver' => 'doctrine',
'model' => App\Users\Customer::class,
],
'adminusers' => [
'driver' => 'doctrine',
'model' => App\Users\Staff::class,
]
],
'passwords' => [
'users' => [
'provider' => 'users',
'table' => 'password_resets',
'expire' => 60,
],
'adminusers' => [
'provider' => 'adminusers',
'table' => 'password_resets',
'expire' => 30,
],
],
我的 LoginController (与开箱即用的基本相同):
class LoginController extends Controller {
use AuthenticatesUsers;
protected $redirectTo = '/home';
public function __construct() {
$this->middleware('guest')->except('logout');
}
}
我的员工登录控制器:
<?php
class StaffLoginController extends Controller {
use AuthenticatesUsers;
protected $redirectTo = '/admin';
protected $guard = 'staff';
public function __construct() {
$this->middleware( 'guest' )->except( 'logout' );
}
public function showLoginForm() {
return view( 'auth.staff.login' );
}
public function login( Request $request ) {
$this->validate( $request, [
'email' => 'required|email',
'password' => 'required',
]);
if( auth()->guard( 'staff' )->attempt( [
'email' => $request->input( 'email' ),
'password' => $request->input( 'password' ),
])) {
return view( 'staff' );
} else {
return view( 'auth.staff.login' )->withErrors( [ 'email' => 'Authentication failed' ] );
}
}
protected function guard() {
return \Auth::guard( 'staff' );
}
}
我的管理员控制器:
class AdminController extends Controller {
public function __construct() {
$this->middleware( 'auth:staff' );
}
public function index() {
return view( 'staff' );
}
}
我的 RedirectIfStaffUnauthenticated 中间件(在 Http\Kernel.php routeMiddleware 中注册为 'staff' => \SNJ\Http\Middleware\RedirectIfStaffUnauthenticated::class, ):
class RedirectIfStaffUnauthenticated {
public function handle( $request, Closure $next, $guard = 'staff' ) {
if ( !Auth::guard( $guard )->check() ) {
return view( 'auth.staff.login' );
}
return $next( $request );
}
}
UPDATE:
将 web.php 中的路由更改为如下(从 admin/login 和 admin/register 路由中删除了中间件:
Auth::routes();
// staff authentication routes
Route::get( 'admin/login', 'Auth\StaffLoginController@showLoginForm' );
Route::post( 'admin/login', [ 'as' => 'staff.login', 'uses' => 'Auth\StaffLoginController@login' ] );
Route::get( 'admin/register', 'Auth\StaffRegisterController@showRegistrationForm' );
Route::post( 'admin/register', [ 'as' => 'staff.register', 'uses' => 'Auth\StaffRegisterController@register' ] );
Route::group( [ 'middleware' => [ 'staff' ] ], function() {
Route::get( '/admin', 'AdminController@index' )->name( 'admin' );
});
Route::get('/home', 'HomeController@index')->name('home');
不用找了。还是不行。
尝试更改路由(将所有管理路由放入“staff”中间件中:
授权::路线();
// staff authentication routes
Route::group( [ 'middleware' => [ 'staff' ] ], function() {
Route::get( 'admin/login', 'Auth\StaffLoginController@showLoginForm' );
Route::post( 'admin/login', [ 'as' => 'staff.login', 'uses' => 'Auth\StaffLoginController@login' ] );
Route::get( 'admin/register', 'Auth\StaffRegisterController@showRegistrationForm' );
Route::post( 'admin/register', [ 'as' => 'staff.register', 'uses' => 'Auth\StaffRegisterController@register' ] );
Route::get( '/admin', 'AdminController@index' )->name( 'admin' );
});
Route::get('/home', 'HomeController@index')->name('home');
彼此彼此。还是不行。