堆栈内存溢出
  简体   繁体   English

如何在 Laravel 中执行自定义身份验证

[英]How to perform custom auth validation in Laravel

 原文  2020-01-07 08:26:08       php/ laravel

问题描述

I have created a laravel application by using custom auth.我使用自定义身份验证创建了一个 Laravel 应用程序。 By whych, user can login using mobile number alone.为什么,用户可以单独使用手机号码登录。 And once they enter mobile number and submit they will recieve one time password on mobile as sms.一旦他们输入手机号码并提交,他们将在手机上收到一次性密码作为短信。 And on the next screen they should enter the one time password and login in. And i have successfully implemented this funcitons.在下一个屏幕上,他们应该输入一次性密码并登录。我已经成功地实现了这个功能。

But my problem is when i validate one time password, if its correct it log's in and if its wrong i get a error stating The GET method is not supported for this route.但我的问题是,当我验证一次密码时,如果正确,则登录,如果错误,我会收到一条错误消息,指出此路由不支持 GET 方法。 Supported methods: POST.支持的方法:POST。 , I dont know which causes this error, as all the routes are in POST only. ,我不知道是什么导致了这个错误,因为所有的路由都只在 POST 中。

Please guide me to achive this, if the one time password is wrong the page should redirect to same page stating the error showing "One time password is not matched".请指导我实现这一点,如果一次性密码错误,页面应重定向到同一页面,并显示“一次性密码不匹配”的错误。

My Route:我的路线:

Auth::routes(['login' => false]);

Route::get('/home', 'HomeController@index')->name('home');

Route::post('/otp', 'AuthController@showOtpForm')->name('otp');

Route::post('/loginsuccess', 'AuthController@loginsuccess')->name('loginsuccess');

And form tag on Login.blade.php is as follows Login.blade.php 上的表单标签如下

<form class="login-form" action="{{ route('otp') }}" method="post">

And form tag and hidden value from login page on otp.blade.php is as follows otp.blade.php登录页面的表单标签和隐藏值如下

<form class="login-form" method="POST" action="{{ route('loginsuccess') }}">

<input type="hidden" value="{{ $phone }}" name="phone">

And my Auth Controller is as follows,我的身份验证控制器如下,

 public function showOtpForm(Request $request)
    {
        try
        {
            $newotp =  mt_rand(100000, 999999);

            $user = User::where('phone', $request->phone)->firstOrFail();
            $user->otp = $newotp;
            $user->save();

            return view('auth.otp')->with('phone', $request->phone);
        }
        catch(ModelNotFoundException $e)
        {
            //dd(get_class_methods($e)); // lists all available methods for exception object
            echo "No user found, please register or try again later.";
        }

    }


    public function loginsuccess(Request $request)
    {
        try
        {
            $user = User::where('phone', $request->phone)->firstOrFail();
                if($user->otp === $request->otp)
                {
                    Auth::login($user);
                    return redirect()->route('home');
                }else{
                    return redirect()->back();
                }
        }
        catch(ModelNotFoundException $e)
        {
            dd($e);
        }
    }

Please help me to validate, if one time password is correct means it should go to route ('home') and if one time password is wrong then it should be redirect to same page on which users types one time password but with error.请帮我验证,如果一次密码正确意味着它应该去路由('home'),如果一次密码错误,那么它应该被重定向到用户输入一次密码但有错误的同一页面。

1 个解决方案

解决方案1
 0 已采纳  2020-01-07 08:34:40

The problem is the following statement:问题在于以下语句:

return redirect()->back();

This redirects the user back on your otp route.这会将用户重定向回您的otp路由。 You defined that the route is only accessible by using a POST request.您定义了只能使用POST请求访问该路由。 The problem is that the redirection uses a GET request.问题是重定向使用了GET请求。

So either you think about redirecting the user to the login route like return redirect()->route('login');因此,要么您考虑将用户重定向到login路由,例如return redirect()->route('login'); so that he has to enter his mobile number again (would eventually be a little bit more secure) or you change your otp route from GET to POST like this:这样他就必须再次输入他的手机号码(最终会更安全一点),或者您将otp路由从GET更改为POST如下所示:

Route::get('/otp', 'AuthController@showOtpForm')->name('otp');

If you change POST to GET you must also change the method in your form on the login view.如果您将POST更改为GET您还必须更改登录视图上表单中的方法。

BTW: You can not pass login => false as parameter for Auth::routes() .顺便说一句:您不能将login => false作为Auth::routes()参数传递。 Possible parameters are:可能的参数是:

Auth::routes([
  'register' => false, // Registration Routes...
  'reset' => false, // Password Reset Routes...
  'verify' => false, // Email Verification Routes...
]);

You need to override the login route and just redirect it to home or somewhere else.您需要覆盖登录路由并将其重定向到家或其他地方。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何在Laravel中执行多重身份验证? - How to perform multi auth in laravel? 如何在Laravel中执行此自定义输入表单验证(如果用户名\\电子邮件尚未存在于DB中)? - How can I perform this custom input form validation (if the username\e-mail yet exists in the DB) in Laravel? laravel 5.8 Auth / RegisterController自定义重定向验证失败 - laravel 5.8 Auth/RegisterController custom redirect on validation failure 如何在Laravel 4上执行自定义auth :: attempt消息 - How to do custom auth::attempt message on laravel 4 如何在laravel 5.3中进行自定义身份验证 - How to make custom auth in laravel 5.3 如何在 Laravel 中为 Auth::user() 添加自定义值 - How to add custom value to Auth::user() in Laravel 如何在Laravel中进行自定义身份验证查询 - How to make a custom auth query in Laravel 如何为 Laravel Auth 创建自定义密码字段 - How to create a custom password field for Laravel Auth Laravel-4:如何将自定义字段添加到AUTH模块 - Laravel - 4: How to add custom fields to AUTH module Laravel 5如何在Controller中执行验证以检查数据收集中的特定数据 - Laravel 5 How to perform validation in Controller to check for specific data in data collection
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM