[英]Laravel authenticate users when their school is active
我们正在为学校制作一个 laravel 项目。 我们有一个学校数据库,里面有教师、员工等用户。 我的问题是如何防止来自特定学校的特定用户登录他们的学校状态标记为 = 0
或在我们的数据库中为非活动状态?
学校表+--------------+------------------+------+-----+---------+----------------+ | Field | Type | Null | Key | Default | Extra | +--------------+------------------+------+-----+---------+----------------+ | id | int(10) unsigned | NO | PRI | NULL | auto_increment | | name | varchar(191) | NO | UNI | NULL | | | description | text | NO | | NULL | | | logo | varchar(191) | YES | | NULL | | | status | int(11) | NO | | 1 | | | updated_by | varchar(191) | YES | | NULL | | | created_at | timestamp | YES | | NULL | | | updated_at | timestamp | YES | | NULL | | +--------------+------------------+------+-----+---------+----------------+
+--------------+------------------+------+-----+---------+----------------+ | Field | Type | Null | Key | Default | Extra | +--------------+------------------+------+-----+---------+----------------+ | id | int(10) unsigned | NO | PRI | NULL | auto_increment | | name | varchar(191) | NO | UNI | NULL | | | description | text | NO | | NULL | | | logo | varchar(191) | YES | | NULL | | | status | int(11) | NO | | 1 | | | updated_by | varchar(191) | YES | | NULL | | | created_at | timestamp | YES | | NULL | | | updated_at | timestamp | YES | | NULL | | +--------------+------------------+------+-----+---------+----------------+
用户表+-------------------+------------------+------+-----+---------+----------------+ | Field | Type | Null | Key | Default | Extra | +-------------------+------------------+------+-----+---------+----------------+ | id | int(10) unsigned | NO | PRI | NULL | auto_increment | | name | varchar(191) | NO | | NULL | | | email | varchar(191) | NO | UNI | NULL | | | password | varchar(191) | NO | | NULL | | | role | int(11) | NO | | 0 | | | school_id | int(11) | NO | | NULL | | | gender | int(11) | NO | | 1 | | | birthdate | date | YES | | NULL | | | address | varchar(191) | NO | | | | | phone | varchar(191) | YES | | NULL | | | remember_token | varchar(100) | YES | | NULL | | +-------------------+------------------+------+-----+---------+----------------+
+-------------------+------------------+------+-----+---------+----------------+ | Field | Type | Null | Key | Default | Extra | +-------------------+------------------+------+-----+---------+----------------+ | id | int(10) unsigned | NO | PRI | NULL | auto_increment | | name | varchar(191) | NO | | NULL | | | email | varchar(191) | NO | UNI | NULL | | | password | varchar(191) | NO | | NULL | | | role | int(11) | NO | | 0 | | | school_id | int(11) | NO | | NULL | | | gender | int(11) | NO | | 1 | | | birthdate | date | YES | | NULL | | | address | varchar(191) | NO | | | | | phone | varchar(191) | YES | | NULL | | | remember_token | varchar(100) | YES | | NULL | | +-------------------+------------------+------+-----+---------+----------------+
登录控制器.php
class LoginController extends Controller
{
use AuthenticatesUsers;
/**
* Where to redirect users after login.
*
* @var string
*/
// protected $redirectTo = '/admin';
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
// $this->middleware('guest')->except('logout');
}
}```
用户 model
public function schools()
{
return $this->belongsTo('App\School', 'school_id');
}
学校model
public function users(){
return $this->hasMany(User::class);
}
我的 LoginController 仅使用AuthenticateUsers
function,我不知道如何覆盖它或为我制作新的 function。 提前致谢。
我建议为登录路由创建一个中间件,该中间件将为他的学校处理用户的状态值。 如果它无效,您应该处理它,例如,您向用户抛出异常,学校处于非活动状态。
更多关于它的信息: https://laravel.com/docs/master/middleware
更新:
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Contracts\Auth\Guard;
class Authenticate
{
/**
* The Guard implementation.
*
* @var Guard
*/
protected $auth;
/**
* Create a new filter instance.
*
* @param \Illuminate\Contracts\Auth\Guard $auth
*/
public function __construct(Guard $auth)
{
$this->auth = $auth;
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if ($this->auth->schools()->status == 0) {
return response('School is inactive!', 401);
}
return $next($request);
}
}
并将新创建的中间件添加到App\Http Kernel.php class。
将以下行添加到变量$routeMiddleWare :
'auth' => \TIM\Http\Middleware\Authenticate::class,
现在要做的最后一件事是将'auth'键添加到Route group 。
Route::group([
'middleware' => ['auth'],
], function () {
// your routes
}
您可以覆盖attemptLogin
以检查此字段。
protected function attemptLogin(Request $request)
{
//
// Query the school status here and return false if status === 0.
//
return $this->guard()->attempt(
$this->credentials($request), $request->filled('remember')
);
}
在LoginController
中,您可以覆盖已authenticated
的方法,当用户成功登录时,此 function 会触发。
public function authenticated(Request $request, $user)
{
if ($user->schools()->status === 0) {
Auth::logout($user);
abort(403, 'Your school is not active.');
}
}
authenticated
方法而不是其他方法的原因是,此时您知道用户已正确登录,因此与attemptLogin
相反,它是处理它的正确位置。使用连接查询。 只需在 users 表中添加 school_id 。 例如
self::where('users.school_id', $id)->where('schools.status',0)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.