[英]Laravel middlewares always return false
I created 4 middlewares: 1 for checking if user is one of the admins( role_id !='4') , 1 for super admin(role_id==1), 1 for normal admin(role_id==2) and 1 for editor admin(role_id ==3) 我创建了4种中间件:1用于检查用户是否是管理员之一(role_id!='4'),1用于超级管理员(role_id == 1),1用于普通管理员(role_id == 2),1用于编辑者admin (role_id == 3)
My user table has a role_id
column. 我的用户表有一个
role_id
列。
The middleware for the check user is one of the admins worked. 检查用户的中间件是工作的管理员之一。 But other middleware always return false.
但是其他中间件总是返回false。
My route 我的路线
Route::group(['middleware'=>'admin'],function(){
Route::get('/backlogout','backend\BackloginController@getLogout')->name('back-logout');
Route::get('/dashboard','BackendController@index')->name('backend');
Route::group(['prefix' => 'categories', 'middleware' => ['superadmin', 'ad','editor']], function () {
Route::get('/index', ['as' => 'back.categories.index', 'uses' => 'backend\CategoriesController@index']);
Route::any('/store', ['as' => 'back.categories.store', 'uses' => 'backend\CategoriesController@store']);
Route::any('/create', ['as' => 'back.categories.create', 'uses' => 'backend\CategoriesController@create']);
Route::any('/edit/{id}', ['as' => 'back.categories.edit', 'uses' => 'backend\CategoriesController@edit']);
Route::any('/update/{id}', ['as' => 'back.categories.update', 'uses' => 'backend\CategoriesController@update']);
Route::any('/destroy/{id}', ['as' => 'back.categories.destroy', 'uses' => 'backend\CategoriesController@destroy']);
});
Route::group(['prefix' => 'products','middleware' => ['superadmin','editor']], function () {
Route::get('/index', ['as' => 'back.products.index', 'uses' => 'backend\ProductsController@index']);
Route::any('/store', ['as' => 'back.products.store', 'uses' => 'backend\ProductsController@store']);
Route::any('/create', ['as' => 'back.products.create', 'uses' => 'backend\ProductsController@create']);
Route::any('/edit/{id}', ['as' => 'back.products.edit', 'uses' => 'backend\ProductsController@edit']);
Route::any('/update/{id}', ['as' => 'back.products.update', 'uses' => 'backend\ProductsController@update']);
Route::any('/imgview/{id}', ['as' => 'back.products.imgview', 'uses' => 'backend\ProductsController@imgview']);
Route::any('/updateimg/{id}', ['as' => 'back.products.updateimg', 'uses' => 'backend\ProductsController@updateImg']);
Route::any('/destroy/{id}', ['as' => 'back.products.destroy', 'uses' => 'backend\ProductsController@destroy']);
});
Route::group(['prefix' => 'users','middleware' => ['superadmin', 'ad']], function () {
Route::get('/index', ['as' => 'back.users.index', 'uses' => 'backend\UsersController@index']);
Route::any('/store', ['as' => 'back.users.store', 'uses' => 'backend\UsersController@store']);
Route::any('/create', ['as' => 'back.users.create', 'uses' => 'backend\UsersController@create']);
Route::any('/edit/{id}', ['as' => 'back.users.edit', 'uses' => 'backend\UsersController@edit']);
Route::any('/update/{id}', ['as' => 'back.users.update', 'uses' => 'backend\UsersController@update']);
Route::any('/destroy/{id}', ['as' => 'back.users.destroy', 'uses' => 'backend\UsersController@destroy']);
});
});
my kernel.php 我的kernel.php
protected $routeMiddleware = [
'auth' => \Illuminate\Auth\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
'can' => \Illuminate\Auth\Middleware\Authorize::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'admin'=>\App\Http\Middleware\CheckAdmin::class,
'superadmin'=>\App\Http\Middleware\CheckSuperAdmin::class,
'ad'=>\App\Http\Middleware\CheckAd::class,
'editor'=>\App\Http\Middleware\CheckEditor::class,
];
my checkadmin (check if user is one of the admin) middlware this one worked 我的checkadmin(检查用户是否是管理员之一)中间件软件这一方法有效
class CheckAdmin
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if(Auth::check() && Auth::user()->role_id !='4'){
return $next($request);
}
return redirect()->route('backend-login');
}
}
my checksuperadmin middleware 我的checksuperadmin中间件
class CheckSuperAdmin
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if(Auth::check() && Auth::user()->role_id =='1'){
return $next($request);
}
Session::flash('notsuper','only super admin can access this page');
return redirect()->route('backend');
}
}
my checkad( check for normal admin) middlware 我的checkad(检查普通管理员)中间件
class CheckAd
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if(Auth::check() && Auth::user()->role_id =='2'){
return $next($request);
}
Session::flash('notadmin','only admin can access this page');
return redirect()->route('backend');
}
}
my checkeditor middleware 我的Checkitor中间件
class CheckEditor
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if(Auth::check() && Auth::user()->role_id =='3'){
return $next($request);
}
Session::flash('noteditor','only editor can access this page');
return redirect()->route('backend');
}
}
i don't know why but all the checksuperadmin, checkadm, checkeditor always return false 我不知道为什么,但是所有checksuperadmin,checkadm,checkitor总是返回false
Remove the middleware from first group. 从第一组中删除中间件。
Route::group(['prefix' => 'categories', 'middleware' => ['superadmin', 'ad','editor']], function () {
Route::get('/index', ['as' => 'back.categories.index', 'uses' => 'backend\CategoriesController@index']);
Route::any('/store', ['as' => 'back.categories.store', 'uses' => 'backend\CategoriesController@store']);
Route::any('/create', ['as' => 'back.categories.create', 'uses' => 'backend\CategoriesController@create']);
Route::any('/edit/{id}', ['as' => 'back.categories.edit', 'uses' => 'backend\CategoriesController@edit']);
Route::any('/update/{id}', ['as' => 'back.categories.update', 'uses' => 'backend\CategoriesController@update']);
Route::any('/destroy/{id}', ['as' => 'back.categories.destroy', 'uses' => 'backend\CategoriesController@destroy']);
});
Route::group(['prefix' => 'products','middleware' => ['superadmin','editor']], function () {
Route::get('/index', ['as' => 'back.products.index', 'uses' => 'backend\ProductsController@index']);
Route::any('/store', ['as' => 'back.products.store', 'uses' => 'backend\ProductsController@store']);
Route::any('/create', ['as' => 'back.products.create', 'uses' => 'backend\ProductsController@create']);
Route::any('/edit/{id}', ['as' => 'back.products.edit', 'uses' => 'backend\ProductsController@edit']);
Route::any('/update/{id}', ['as' => 'back.products.update', 'uses' => 'backend\ProductsController@update']);
Route::any('/imgview/{id}', ['as' => 'back.products.imgview', 'uses' => 'backend\ProductsController@imgview']);
Route::any('/updateimg/{id}', ['as' => 'back.products.updateimg', 'uses' => 'backend\ProductsController@updateImg']);
Route::any('/destroy/{id}', ['as' => 'back.products.destroy', 'uses' => 'backend\ProductsController@destroy']);
});
Route::group(['prefix' => 'users','middleware' => ['superadmin', 'ad']], function () {
Route::get('/index', ['as' => 'back.users.index', 'uses' => 'backend\UsersController@index']);
Route::any('/store', ['as' => 'back.users.store', 'uses' => 'backend\UsersController@store']);
Route::any('/create', ['as' => 'back.users.create', 'uses' => 'backend\UsersController@create']);
Route::any('/edit/{id}', ['as' => 'back.users.edit', 'uses' => 'backend\UsersController@edit']);
Route::any('/update/{id}', ['as' => 'back.users.update', 'uses' => 'backend\UsersController@update']);
Route::any('/destroy/{id}', ['as' => 'back.users.destroy', 'uses' => 'backend\UsersController@destroy']);
});
You are applying a multiple midllewares to all your route groups. 您正在将多个中间件应用于所有路由组。 In this case Laravel grants you access only if user satisfy ALL of them.
在这种情况下,Laravel仅在用户满足所有条件时才授予您访问权限。 Try to do something like this:
尝试做这样的事情:
class CheckEditor {
public function handle($request, Closure $next)
{
if(Auth::check() && Auth::user()->role_id <='3')
//do something
}
}
class CheckAd {
public function handle($request, Closure $next)
{
if(Auth::check() && Auth::user()->role_id <='2')
//do something
}
}
And at your route groups use single middleware: For "Editor" ang higher access level: 并且在您的路由组中使用单个中间件:对于“编辑器”和更高的访问级别:
Route::group(['middleware' => 'editor'], function () {
//place your routes here
});
... etc for another access levels. ...等等,以获得另一个访问级别。 Use
==
at role middleware only if you wish to grant access for ONLY this one 仅当您希望仅授予该角色访问权限时,才在角色中间件上使用
==
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.