Laravel 用户基于角色登录到不同的主页
[英]Laravel user login based on roles to different home page
问题描述
The Scenario
情景
I have a simple application which has four main user roles.我有一个简单的应用程序,它有四个主要用户角色。
- Admin (AdminController and Admin middleware file) Admin(AdminController 和 Admin 中间件文件)
- Moderator (ModeratorController and Moderator middleware file)主持人(主持人控制器和主持人中间件文件)
- Agent (AgentController and Agent middleware file) Agent(AgentController 和 Agent 中间件文件)
- Supplier(SupplierController and Supplier middleware file)供应商(SupplierController 和供应商中间件文件)
Each role has a separate controller and middleware as above.每个角色都有一个单独的controller和上面的中间件。 Every controller has index method which directs the controller to the respected home view.每个 controller 都有索引方法,可将 controller 引导到受尊敬的主视图。
AdminController File管理控制器文件
class AdminController extends Controller
{
public function index()
{
return view('admin.home');
}
}
Note: same goes to other 3 controller files with respect to each role.注意:对于每个角色,其他 3 个 controller 文件也是如此。
Middleware\Admin.php file中间件\Admin.php 文件
use Auth;
class Admin
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
//return $next($request);
if(auth::check() && Auth::user()->role == 1){
return $next($request);
}
else {
return redirect()->route('login');
}
}
}
Note: same goes to other 3 middleware files with respect to each role.注意:对于每个角色,其他 3 个中间件文件也是如此。
Kernal.php内核.php
protected $routeMiddleware = [
...
'admin' => \App\Http\Middleware\Admin::class,
'moderator' => \App\Http\Middleware\Moderator::class,
'agent' => \App\Http\Middleware\Agent::class,
'supplier' => \App\Http\Middleware\Supplier::class,
];
routes\web.php路线\web.php
Route::get('/admin', 'AdminController@index')->middleware('admin');
Route::get('/moderator', 'ModeratorController@index')->middleware('moderator');
Route::get('/agent', 'AgentController@index')->middleware('agent');
Route::get('/supplier', 'SupplierController@index')->middleware('supplier');
\App\Http\Middleware\RedirectIfAuthenticated \App\Http\Middleware\RedirectIfAuthenticated
class RedirectIfAuthenticated
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @param string|null $guard
* @return mixed
*/
public function handle($request, Closure $next, $guard = null)
{
if ($guard == "admin" && Auth::guard($guard)->check()) {
return redirect('/admin');
}
if ($guard == "moderator" && Auth::guard($guard)->check()) {
return redirect('/moderator');
}
if ($guard == "agent" && Auth::guard($guard)->check()) {
return redirect('/agent');
}
if ($guard == "supplier" && Auth::guard($guard)->check()) {
return redirect('/supplier');
}
return $next($request);
}
}
Finally my LoginController最后我的登录控制器
use Auth;
class LoginController extends Controller
{
/*
|--------------------------------------------------------------------------
| Login Controller
|--------------------------------------------------------------------------
|
| This controller handles authenticating users for the application and
| redirecting them to your home screen. The controller uses a trait
| to conveniently provide its functionality to your applications.
|
*/
use AuthenticatesUsers;
/**
* Where to redirect users after login.
*
* @var string
*/
protected $redirectTo;
public function redirectTo()
{
switch(Auth::user()->role){
case 1:
$this->redirectTo = '/admin';
return $this->redirectTo;
break;
case 2:
$this->redirectTo = '/moderator';
return $this->redirectTo;
break;
case 3:
$this->redirectTo = '/agent';
return $this->redirectTo;
break;
case 4:
$this->redirectTo = '/supplier';
return $this->redirectTo;
break;
default:
$this->redirectTo = '/login';
return $this->redirectTo;
}
// return $next($request);
}
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
//$this->middleware('guest')->except('logout');
}
}
QUESTIONS问题
Q1. Q1。 Is this the best way or rather most efficient way to achieve this?这是实现这一目标的最佳方式还是最有效的方式?
Q2. Q2。 Is this approach is secure enough to use in a real commercial application?这种方法是否足够安全,可以在真正的商业应用中使用?
Q3. Q3。 The routes work the way they are expected to work, For an instance if i go to localhost/login and type relevant credentials it goes to the relevant home page based on the user role.路由按照预期的方式工作,例如,如果我 go 到localhost/login并键入相关凭据,它将根据用户角色转到相关主页。 And when i'm in localhost/admin and try to type and go to url localhost/agent it simply goes to the login localhost/login without logout the user.当我在localhost/admin中并尝试输入 go 到 url localhost/agent时,它只需进入登录localhost/login而无需注销用户。
However if the user doesn't want to try another login or rather want to go back to his dashboard, the app can't recognize the logged user's correct home to go back when click on the "Dashboard".但是,如果用户不想尝试其他登录,或者想将 go 返回到他的仪表板,则当单击“仪表板”时,应用程序无法识别登录用户的 go 的正确主页。 When click, it redirects to the /home created by default Auth scaffolding which i have already removed from the app structure.单击时,它会重定向到我已经从应用程序结构中删除的默认Auth脚手架创建的 /home。 Same apply to other user roles eg; from localhost/agent to localhost/supplier, from localhost/moderator to localhost/admin, etc.同样适用于其他用户角色eg; from localhost/agent to localhost/supplier, from localhost/moderator to localhost/admin, etc. eg; from localhost/agent to localhost/supplier, from localhost/moderator to localhost/admin, etc.
What am i missing here?我在这里想念什么?
Please note that i started working with laravel few weeks back and still trying to figure the things out...请注意,几周前我开始使用 laravel 并且仍在尝试解决问题...
1 个解决方案
解决方案1
0 2021-02-09 08:54:19
The middleware of RedirectIfAuthenticated is responsible for redirecting users that are currently authenticated in the site. RedirectIfAuthenticated的中间件负责重定向当前在站点中通过身份验证的用户。
You should apply your logic in redirectTo method of App\Http\Controllers\Auth\LoginController if you're using laravel/ui如果你使用 laravel/ui,你应该在App\Http\Controllers\Auth\LoginController的redirectTo方法中应用你的逻辑
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.