防止用户未经授权访问网页

Question

How can I prevent the users to access my web pages via url browsing.如何防止用户通过 url 浏览访问我的网页。 I mean I need to check whether the user is logged in before accessing any web pages.我的意思是我需要在访问任何网页之前检查用户是否已登录。 The application should not allow to access the page to user just by url.应用程序不应允许用户仅通过 url 访问页面。

Shall I have to check in every controller for authentication or is there any other way?我必须检查每个控制器进行身份验证还是有其他方法？

Suppose I have a controller DistributorController .假设我有一个控制器DistributorController 。 Now the methods inside this controllers are,现在这个控制器里面的方法是，

<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Session;
use App\Distributor;

class DistributorController extends Controller
{
    /**
     * Display a listing of the resource.
     *
     * @return \Illuminate\Http\Response
     */
    public function index()
    {
        //
    }

    function fetchData()
    {
        $distributors = Distributor::all()->toArray();
        return compact('distributors');
    }

    /**
     * Show the form for creating a new resource.
     *
     * @return \Illuminate\Http\Response
     */
    public function create()
    {
        return view('pages.distributors', $this->fetchData());
    }

    /**
     * Store a newly created resource in storage.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return \Illuminate\Http\Response
     */
    public function store(Request $request)
    {
        try{
            // code block
        }
        catch (\Exception $e) {
            // code block
        }
    }

    /**
     * Display the specified resource.
     *
     * @param  int  $id
     * @return \Illuminate\Http\Response
     */
    public function show($id)
    {
        //
    }

    /**
     * Show the form for editing the specified resource.
     *
     * @param  int  $id
     * @return \Illuminate\Http\Response
     */
    public function edit($id)
    {
        //
    }

    /**
     * Update the specified resource in storage.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  int  $id
     * @return \Illuminate\Http\Response
     */
    public function update(Request $request, $id)
    {
        //
    }

    /**
     * Remove the specified resource from storage.
     *
     * @param  int  $id
     * @return \Illuminate\Http\Response
     */
    public function destroy($id)
    {
        //
    }
}

Answer 1

In your web.php file where you define the routes, you can group the routes and surround them using the Auth middleware.在您定义路由的web.php文件中，您可以对路由进行分组并使用 Auth 中间件将它们包围起来。 You can read more here你可以在这里阅读更多

Answer 2

I think you may check for the user session for example例如，我认为您可以检查用户会话

if (!$_SESSION['id']){              // if user session is not found
                     header("location:http://yoursite.index.php"); //redirect anywhere
       }
  else { 
           // Your code 'view page'  
       }

Hope my answer solves it :)希望我的回答能解决它:)

防止用户未经授权访问网页

问题描述

2 个解决方案

解决方案1
1 2018-10-27 15:43:29

解决方案2
0 2018-10-27 15:49:52

防止用户未经授权访问网页

问题描述

2 个解决方案

解决方案1 1 2018-10-27 15:43:29

解决方案2 0 2018-10-27 15:49:52

解决方案1
1 2018-10-27 15:43:29

解决方案2
0 2018-10-27 15:49:52