i want to create a second authentication in laravel 5.4 for an administration page.
First of all let me describe my problem: I have a functionable user login (default laravel auth) via 'web'-guard. Now i want to create a second authentication for the admin panel. I have another table which is storing the name, a token (which is something like a password) and an authority level.
The second/separate table is a dependency given by the system the page is developed for so i can't change that.
I have the login page for the administration panel but when i try to authenticate i get redirected back to the login everytime.
I already googled the whole thing and came across some good examples:
https://jamesmcfadden.co.uk/custom-authentication-in-laravel-with-guards-and-user-service-providers
But i wasn't able to figure it out.
Here's what i did already:
Added a second guard named ' admin ' in config/auth.php
'guards' => [ 'web' => [ 'driver' => 'session', 'provider' => 'users', ], 'admin' => [ 'driver' => 'session', 'provider' => 'admin', ] ], 'providers' => [ 'users' => [ 'driver' => 'eloquent', 'model' => App\\User::class, ], 'admin' => [ 'driver' => 'eloquent', 'model' => App\\Admin::class, ] ],
Added the needed model
namespace App; use Illuminate\\Notifications\\Notifiable; use Illuminate\\Foundation\\Auth\\User as Authenticatable; class Admin extends Authenticatable { use Notifiable; protected $fillable = [ 'mID', 'mAccount', 'mName', 'mServerIP', 'mAuthority', 'mToken' ]; protected $hidden = [ 'mContactIP', 'mToken' ]; protected $table = 'administration'; protected $connection = 'common'; public $timestamps = false; public function getAuthIdentifierName() { return 'mAccount'; } }
Added necessary routes in routes/web.php
Route::group(['prefix' => 'admin'], function () { Route::get('/login','Auth\\ElevationController@showLoginForm')->middleware('web'); Route::post('/login','Auth\\ElevationController@elevate'); Route::get('/logout','Auth\\ElevationController@demote'); Route::get('/', function (){return redirect('admin/dashboard');}); Route::get('/dashboard', 'AdminController@index'); });
Added a new middleware under app/Http/Middleware named ' RedirectIfElevated ' via the command ' php artisan make:middleware '
public function handle($request, Closure $next, $guard = 'admin') { if (!Auth::guard($guard)->check()) { if(!Auth::guard('web')->check()) { return redirect('/'); } return redirect('/admin/login'); } return $next($request); }
and in Kernel.php
protected $routeMiddleware = [ . . . 'admin' => \\WarShape\\Http\\Middleware\\RedirectIfElevated::class, ];
finally i created my Controller : https://pastebin.com/s6iJgFAB
and created the view
@extends('layouts.app') @section('content') <div class="container"> <div class="row"> <div class="col-md-8 col-md-offset-2"> <div class="panel panel-default"> <div class="panel-heading">Elevation</div> <div class="panel-body"> <form class="form-horizontal" role="form" method="POST" action="{{ url('/admin/login') }}"> {{ csrf_field() }} <div class="form-group{{ $errors->has('password') ? ' has-error' : '' }}"> <label for="mToken" class="col-md-4 control-label">Token</label> <div class="col-md-6"> <input id="mToken" type="password" class="form-control" name="mToken" required> @if ($errors->has('password')) <span class="help-block"> <strong>{{ $errors->first('password') }}</strong> </span> @endif </div> </div> <div class="form-group{{ $errors->has('g-recaptcha-response') ? ' has-error' : '' }}"> <label for="recaptcha" class="col-md-4 control-label">Solve Captcha <br> & Elevate!</label> <div class="col-md-6"> {!! app('captcha')->display($attributes = [], $lang = app()->getLocale()) !!} @if ($errors->has('g-recaptcha-response')) <span class="help-block"> <strong>{{ $errors->first('g-recaptcha-response') }}</strong> </span> @endif </div> </div> <input type="hidden" name="mAccount" value="{{ Auth::guard('web')->user()->login }}"> <div class="form-group"> <div class="col-md-8 col-md-offset-4"> <button type="submit" class="btn btn-primary"> Elevate </button> </div> </div> </form> </div> </div> </div> </div> </div> @endsection
So the question i need an answer to is:
I hope you can help me with this & thanks for your help!
很抱歉,如果我没有回答您的问题,但是您不能在用户表中添加一个简单的列,例如is_admin
并仅授权is_admin = 1
用户使用中间件访问管理面板,而不是两次登录?
I fixed that with the following custom login method:
public function elevate(Request $request)
{
// login
$this->validateLogin($request);
$admin = Admin::where('mAccount', '=', Auth::guard('web')->user()->login)
->where('mToken', '=', $request->input('mToken'))->first();
if($admin){
Auth::guard('admin')->login($admin);
return redirect('/admin/dashboard');
}
else{
throw new \ErrorException('Elevation failed!');
}
}
protected function validateLogin(Request $request)
{
$this->validate($request, [
'mToken' => 'required|string|min:8',
'g-recaptcha-response' => 'required|captcha'
]);
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.