[英]How to restrict Laravel login based on role?
我正在寻找一种更好,更有效的方法来限制用户基于其给定角色基于其登录应用程序。 例如,只有具有Administrator
角色的Users
才能登录到应用程序仪表板。
这是我的实现
谢谢
用户表播种机
<?php
use App\User;
use Illuminate\Database\Seeder;
class UsersTableSeeder extends Seeder
{
/**
* Run the database seeds.
*
* @return void
*/
public function run()
{
$user = new User();
$user->name = "admin";
$user->email = "";
$user->mobile = "";
$user->is_admin = true;
$user->password = bcrypt("");
$user->active = false;
$user->save();
}
}
登录方式
public function login(Request $request)
{
// Check validation
$validator = $this->validate($request, [
'email' => 'required | email',
'password' => 'required | string | min:8',
]);
if ($this->authenticate($request)) {
return redirect()->route('home');
}
return redirect('/')->withErrors($validator, 'login');
}
验证方法
public function authenticate($request)
{
return \Auth::guard()->attempt([
'email' => $request->email,
'password' => $request->password,
],
$request->filled('remember')
);
}
在您的登录控制器中重写此方法以限制登录
protected function credentials(Request $request)
{
return array_merge($request->only($this->username(), 'password'), ['is_admin' => 1]);
}
/**
* Get the failed login response instance.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\RedirectResponse
*/
protected function sendFailedLoginResponse(Request $request)
{
$errors = [$this->username() => trans('auth.failed')];
// Load user from database
$user = User::where($this->username(), $request->{$this->username()})->first();
// Check if user was successfully loaded, that the password matches
// and is_admin not 1. If so, override the default error message.
if ($user && \Hash::check($request->password, $user->password) && $user->is_admin != 1) {
$errors = [$this->username() => "You don't have access to login this system"];
}
if ($request->expectsJson()) {
return response()->json($errors, 422);
}
return redirect()->back()
->withInput($request->only($this->username(), 'remember'))
->withErrors($errors);
}
确保在顶部使用它。
use Illuminate\Http\Request;
use App\User;
我认为处理这种情况的最佳方法是创建自己的登录功能,并在此功能中进行如下检查:
// If the email is registered with a certain role then only allow them further to the login process otherwise return with a proper message
$user = User::where(['email' => $your_email]);
if( $user->role == 'admin' || $user->role == 'agent' ){
// Login mechanism
}
else{
// return redirect with a proper message
}
对于所有其他路由,请创建一个自定义middleware
以进行检查,然后将其传递到路由middleware
数组中。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.