[英]Laravel 8: Authentication always redirects back to login
I recently shifted a 6-year-old Laravel project from 5.1 to 8.x.我最近将一个使用了 6 年的 Laravel 项目从 5.1 转移到了 8.x。 I've followed Upgrading old Laravel applications and now that I'm running Laravel 8, I can't log into the application anymore.
我已经关注了升级旧的 Laravel 应用程序,现在我正在运行 Laravel 8,我无法再登录应用程序了。 I've rewritten the authentication to match the Laravel Breeze starter kit, but my problem remains: After entering the user credentials, I'm always being redirected to the login page.
我已经重写了身份验证以匹配Laravel Breeze入门套件,但我的问题仍然存在:输入用户凭据后,我总是被重定向到登录页面。
I double checked if the user really is authenticated by entering wrong user credentials.我仔细检查了用户是否真的通过输入错误的用户凭据进行了身份验证。 When doing that, I correctly get an error message.
这样做时,我正确地收到一条错误消息。 I don't get an error message when entering the right user credentials.
输入正确的用户凭据时,我没有收到错误消息。
Everything but the login page is only accessible for authenticated users, so these are the relevant portions of my setup:除了登录页面之外的所有内容都只能供经过身份验证的用户访问,因此这些是我设置的相关部分:
// /routes/web.php
Route::get('/', function () {
return redirect('login');
});
Route::get('/edit-data', function () {
return view('dashboard.edit_data');
})->middleware(['auth'])->name('edit-data');
require __DIR__.'/auth.php';
// /routes/auth.php
Route::get('/login', [AuthenticatedSessionController::class, 'create'])
->middleware('guest')
->name('login');
Route::post('/login', [AuthenticatedSessionController::class, 'store'])
->middleware('guest');
Route::post('/logout', [AuthenticatedSessionController::class, 'destroy'])
->middleware('auth')
->name('logout');
// /app/Http/Controllers/Auth/AuthenticatedSessionController.php
public function create()
{
if (Auth::check() || Auth::viaRemember()) {
return redirect('edit-data');
} else {
return view('user.login');
}
}
public function store(LoginRequest $request)
{
$request->authenticate();
$request->session()->regenerate();
Session::put('language', LanguageInterface::DE);
return redirect()->intended(RouteServiceProvider::HOME);
}
public function destroy(Request $request)
{
Auth::guard('web')->logout();
$request->session()->invalidate();
$request->session()->regenerateToken();
return redirect('login');
}
// /app/Http/Requests/Auth/LoginRequest.php
public function authenticate()
{
$this->ensureIsNotRateLimited();
if (!Auth::attempt($this->only('login', 'password'), true)) {
RateLimiter::hit($this->throttleKey());
throw ValidationException::withMessages([
'login' => __('auth.failed'),
]);
}
RateLimiter::clear($this->throttleKey());
}
// /app/Http/Middleware/RedirectIfAuthenticated.php
public function handle(Request $request, Closure $next, ...$guards)
{
$guards = empty($guards) ? [null] : $guards;
foreach ($guards as $guard) {
if (Auth::guard($guard)->check()) {
return redirect(RouteServiceProvider::HOME);
}
}
return $next($request);
}
// /app/Providers/RouteServiceProvider.php
public const HOME = '/edit-data';
I also debugged the authentication process with Xdebug and noticed that the path
is correctly set to /edit-data
.我还使用 Xdebug 调试了身份验证过程,并注意到
path
已正确设置为/edit-data
。 But the outcome is always a refresh of (or redirection to) the login page.但结果总是刷新(或重定向到)登录页面。
Am I missing something?我错过了什么吗?
After a bit of research, I found the solution: The password hashes didn't match anymore.经过一番研究,我找到了解决方案:密码哈希不再匹配。 Luckily I had stored the users' credentials and was able to rehash the passwords using
php artisan tinker
:幸运的是,我已经存储了用户的凭据,并且能够使用
php artisan tinker
密码:
echo Hash::make('password');
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.