stackoom
  简体   繁体   中英

How do I validate User role on Laravel 5.8s Built in Authentication?

 原文  2019-06-16 06:42:39       laravel/ login/ laravel-5.8/ laravel-authentication

Question

I've a User Role column on my User's table.

  • stands for Super Admin,
  • stands for other users

I've checked a lot of Laravel Tutorials and none of them has helped me about solving this issue.

I've found ways like replacing the whole Laravel's Login Controller and replacing Authenticate Users trait with ours own. I want to solve my problem with minimal code change. Is it possible?

How do I implement it with minimal code changes in this Trait method? 

public function login(Request $request)
{
    $this->validateLogin($request);


    if (method_exists($this, 'hasTooManyLoginAttempts') &&
        $this->hasTooManyLoginAttempts($request)) {
        $this->fireLockoutEvent($request);

        return $this->sendLockoutResponse($request);
    }

    if ($this->attemptLogin($request)) {
        return $this->sendLoginResponse($request);
    }


    $this->incrementLoginAttempts($request);

    return $this->sendFailedLoginResponse($request);
}

2 answers

solution1
 1  2019-06-16 11:20:56

You could do something as supersimple as adding a isSuperAdmin function to the User model. After logging in you just call this function on the user whenever you need to check.

In model User.php 

  public function isSuperAdmin()
  {
      return $this->user_role == 1;
  }

Then you could also make a middleware that's using this function. 

php artisan make:middleware SuperAdmin

In the handle function of this middleware ( app/http/middleware/SuperAdmin.php ): 

public function handle($request, Closure $next)
{
    if (Auth::check() && Auth::user()->isSuperAdmin()) {
        return $next($request);
    }
    return redirect('some-route-for-unauthorized-users');

}

Then in your routes (probably web.php), you can use this middleware to protect routes: 

Route::group(['middleware' => ['auth', 'superadmin']], function () {
    ... put protected routes here ...
});

solution2
 0  2019-06-16 06:58:12

Solution 

        /**
         * Create a new controller instance.
         *
         * @return void
         */
        public function __construct() {
            $this->middleware('guest')->except('logout');
        }

        protected function credentials(Request $request)
        {
            $credentials = $request->only($this->username(), 'password');
            $credentials['role'] = '1';
            return $credentials;
        }

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to update this role in laravel 5.8 How do I check User Role before Logging in A user with Spatie's Laravel-Permission? Laravel 6: how do I send user_id with role_id(s) to controller, in order to sync user_role pivot table? User Authentication if Admin or User laravel 5.8 How do I test Laravel's built in verify email notification? Validate files in Laravel 5.8 How do I correctly translate the activation email in Laravel 5.8? How do I get a separator with a variable inside the URL in Laravel 5.8 How to assign role to user in laravel's Seeder How do I access file mimeType in Laravel 5.8?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM