
Laravel login redirect issue based on role of user: redirect too many times

I am trying to make code in Laravel using middleware which will redirect the user depending on the user's role. The issue is I get the error "redirected too many times" whether the user is a simple user or an admin. So far I am checking whether the user is an admin by providing a string in the middleware; I am not accessing the db yet. Any help is greatly appreciated.

Here is my code below:

mid.php (Middleware)

class mid
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        if($request->session()->has('user')){
            $user = $request->session()->get('user');
            if($user == "pujan@pujanovic.com"){
                return redirect()->route('adminview');      
            }else{
                return redirect()->route('userview');      
            }
        }else{
            return redirect()->route('login')->with('poruka','Niste administrator!');
        }
        
        return $next($request);
    }
}

Web.php

<?php

/*
|--------------------------------------------------------------------------
| Web Routes
|--------------------------------------------------------------------------
|
| Here is where you can register web routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| contains the "web" middleware group. Now create something great!
|
*/

Route::get("/","HomeController@index")->name('index');
Route::get("/login","HomeController@loginview")->name('login');
Route::get("/admin","HomeController@adminview")->name('adminview')->middleware('mid');


Route::post("/login","LoginController@login");

Route::get("/user","HomeController@userview")->name('userview')->middleware('mid');

LoginController.php

<?php

namespace App\Http\Controllers;
use Session;
use Illuminate\Support\Facades\Validator;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\URL;
use App\Models\UserModel;

class LoginController extends Controller
{
    //
    
    public function login(Request $request){
        $email=$request->input('email');
        $password=$request->input('password');

        $this->validate($request,[
        'email'=>'required',
        'password'=>'required'
        ]);
        
        $pass=md5($password);
        $data=DB::SELECT("SELECT * FROM users where email=? and password=?",[$email,$password]);
        
        if (count($data)){
            session()->put('user',$email);
            $value=session('user');
        
        return redirect()->route('userview');
        }else{
            return redirect()->route('login')->with('success','wrong data');
            
        }
        
    }
}

Your middleware will redirect a user who isn't "pujan@pujanovic.com" to the userview route. You have this middleware assigned to the userview route.

So if there is a user in the session and they are not "pujan@pujanovic.com" they will get into an endless loop being redirected to the same route, then the middleware will redirect them to the same route again, in a loop.

This is also an issue for when you have this assigned to the adminview. If you are the "admin" and you try to hit that route, you will also end up in an endless loop.

In short you are telling it to redirect endlessly.

This middleware will never let anyone get to the destination route. It can only redirect to somewhere else.

Update:

Here is a rough idea of what you could do for an Admin check middleware

Admin Middleware:

public function handle($request, $next)
{
    // an auth middleware could handle this itself
    if (! ($email = $request->session()->get('user'))) {
        // not logged in at all
        return redirect()->route('login');
    } 

    if ($email != 'admin@email.com') {
        // not the admin user
        // redirect them away
        return redirect()->route(...);
    }

    // let the request pass through as we have determined they are the admin
    return $next($request);
}

This middleware would get assigned to a route that you only want the admin to be able to access.
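The split the answer describes, with middleware that only guards and the role-based redirect done once at login, as an added example that is not from the original question or answer. It assumes a `role` column on `users`, passwords stored with `Hash::make()`, and a middleware class `EnsureRole` registered under the hypothetical alias `role`.

```php
<?php
// Added example, not the poster's code. Assumptions: users.role holds
// 'admin' or 'user', users.password was written with Hash::make(), and
// EnsureRole is registered under the hypothetical alias 'role'.
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Hash;

// app/Http/Middleware/EnsureRole.php: guards a route and never sends a
// user to the route it is attached to, so it cannot loop.
class EnsureRole
{
    public function handle(Request $request, Closure $next, string $role)
    {
        if (! $request->session()->has('user')) {
            return redirect()->route('login');   // login route carries no middleware
        }
        if ($request->session()->get('role') !== $role) {
            abort(403);                          // wrong role: deny, do not bounce
        }
        return $next($request);                  // allowed: let the request through
    }
}

// app/Http/Controllers/LoginController.php: the role-based redirect
// happens once, here, right after the credentials are checked.
class LoginController extends Controller
{
    public function login(Request $request)
    {
        $data = $request->validate(['email' => 'required', 'password' => 'required']);
        $user = DB::table('users')->where('email', $data['email'])->first();

        if (! $user || ! Hash::check($data['password'], $user->password)) {
            return redirect()->route('login')->with('success', 'wrong data');
        }
        $request->session()->regenerate();       // new session id after login
        $request->session()->put('user', $user->email);
        $request->session()->put('role', $user->role);

        return redirect()->route($user->role === 'admin' ? 'adminview' : 'userview');
    }
}

// routes/web.php: each guarded route names the role it requires.
Route::get('/admin', 'HomeController@adminview')->name('adminview')->middleware('role:admin');
Route::get('/user', 'HomeController@userview')->name('userview')->middleware('role:user');
```

Because the role comes from the session value written at login rather than from a hard-coded email, a logged-in user who requests a route for another role gets a 403 instead of a redirect chain.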
