Laravel 广播身份验证工作或用于 web 防护或自定义防护

Question

在项目中，我有两个身份验证守卫，web（默认情况下是用户）和我的自定义（教师）。 我注意到，老师不能在广播中授权。 在Broadcast::routes(['middleware' => ['web', 'auth:teacher']])中添加中间件后，教师授权成功，但用户重定向到登录页面。 所以我有以下问题：

1. 有Broadcast::routes(); 代码，广播工作正常只对用户守卫，对于教师它返回403 forbidden错误。

2. 有Broadcast::routes(['middleware' => ['web', 'auth:teacher']]); 代码，广播仅适用于教师警卫，用户重定向到身份验证，登录，然后是用户页面。

config/auth.php

<?php

return [

    /*
    |--------------------------------------------------------------------------
    | Authentication Defaults
    |--------------------------------------------------------------------------
    |
    | This option controls the default authentication "guard" and password
    | reset options for your application. You may change these defaults
    | as required, but they're a perfect start for most applications.
    |
    */

    'defaults' => [
        'guard' => 'web',
        'passwords' => 'users',
    ],

    /*
    |--------------------------------------------------------------------------
    | Authentication Guards
    |--------------------------------------------------------------------------
    |
    | Next, you may define every authentication guard for your application.
    | Of course, a great default configuration has been defined for you
    | here which uses session storage and the Eloquent user provider.
    |
    | All authentication drivers have a user provider. This defines how the
    | users are actually retrieved out of your database or other storage
    | mechanisms used by this application to persist your user's data.
    |
    | Supported: "session", "token"
    |
    */

    'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],
        'teacher' => [
            'driver' => 'session',
            'provider' => 'teacher',
        ],

        'api' => [
            'driver' => 'token',
            'provider' => 'users',
            'hash' => false,
        ],
    ],

    /*
    |--------------------------------------------------------------------------
    | User Providers
    |--------------------------------------------------------------------------
    |
    | All authentication drivers have a user provider. This defines how the
    | users are actually retrieved out of your database or other storage
    | mechanisms used by this application to persist your user's data.
    |
    | If you have multiple user tables or models you may configure multiple
    | sources which represent each model / table. These sources may then
    | be assigned to any extra authentication guards you have defined.
    |
    | Supported: "database", "eloquent"
    |
    */

    'providers' => [
        'users' => [
            'driver' => 'eloquent',
            'model' => App\User::class,
        ],
        'teacher' => [
            'driver' => 'eloquent',
            'model' => App\Teacher::class,
        ],

        // 'users' => [
        //     'driver' => 'database',
        //     'table' => 'users',
        // ],
    ],

    /*
    |--------------------------------------------------------------------------
    | Resetting Passwords
    |--------------------------------------------------------------------------
    |
    | You may specify multiple password reset configurations if you have more
    | than one user table or model in the application and you want to have
    | separate password reset settings based on the specific user types.
    |
    | The expire time is the number of minutes that the reset token should be
    | considered valid. This security feature keeps tokens short-lived so
    | they have less time to be guessed. You may change this as needed.
    |
    */

    'passwords' => [
        'users' => [
            'provider' => 'users',
            'table' => 'password_resets',
            'expire' => 60,
            'throttle' => 60,
        ],
    ],

    /*
    |--------------------------------------------------------------------------
    | Password Confirmation Timeout
    |--------------------------------------------------------------------------
    |
    | Here you may define the amount of seconds before a password confirmation
    | times out and the user is prompted to re-enter their password via the
    | confirmation screen. By default, the timeout lasts for three hours.
    |
    */

    'password_timeout' => 10800,

];

app\Providers\BroadcastServiceProvider.php

<?php

namespace App\Providers;

use Illuminate\Support\Facades\Broadcast;
use Illuminate\Support\ServiceProvider;

class BroadcastServiceProvider extends ServiceProvider
{
    /**
     * Bootstrap any application services.
     *
     * @return void
     */
    public function boot()
    {   
        Broadcast::routes(['middleware' => ['web', 'auth:teacher']]);

        require base_path('routes/channels.php');
    }
}

Answer 1

这来晚了，但是，如果你还没有Broadcast::routes(['middleware' => ['auth:web', 'auth:teacher']]);你应该试试这个

Broadcast::routes()适用于学生，因为使用了身份验证中间件的默认“auth:web”保护，并且当您为教师添加时，您指定了错误的“web”，而不是“auth:web”。 尝试使用Broadcast::routes(['middleware' => ['auth:web', 'auth:teacher']]); 或Broadcast::routes(['middleware' => ['auth:web,teacher']]);