[英]How can I restrict the user not to access login page after logged in with Laravel Guards?
我正在用 Laravel 构建一个项目。 我的代码一切正常,就在用户登录时,他可以访问仪表板,但问题是当我点击登录网址时,它会返回并再次显示登录表单页面,当我点击仪表板的网址时,它是向我展示仪表板。
正如我们所知,在我们登录后在 Facebook 中我们无法再次访问登录页面,但如果我们注销然后我们可以看到,所以我希望在我的项目中使用相同的功能。 下面是我所做的代码,
路线
Route::prefix('/admin')->namespace('Admin')->group(function(){
// All the Admin Routes
Route::match(['get','post'],'/','AdminController@login');
Route::group(['middleware' => 'admin'], function () {
Route::get('dashboard','AdminController@dashboard');
Route::get('logout','AdminController@logout');
});
});
控制器
public function login(Request $request){
if($request->isMethod('post')){
$data = $request->all();
// echo "<pre>";
// print_r($data);
// die;
$this->validate($request,[
'email'=>'required',
'password'=>'required',
],
);
if(Auth::guard('admin')->attempt(['email' => $data['email'], 'password' => $data['password']])){
return redirect('admin/dashboard');
}else{
// $request->session()->flash('error', 'Invalid email or password');
Session::flash('error','Invalid email or password');
return redirect()->back();
}
}
return view('admin.admin_login');
}
public function logout(){
Auth::guard('admin')->logout();
return redirect('/admin');
}
中间件
public function handle($request, Closure $next)
{
if(!Auth::guard('admin')->check()){
return redirect('/admin');
}
return $next($request);
}
内核.php
protected $routeMiddleware = [
'auth' => \App\Http\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
'can' => \Illuminate\Auth\Middleware\Authorize::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class,
'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
'admin' => \App\Http\Middleware\Admin::class,
];
将guest
中间件分配给您不希望经过身份验证的用户访问的任何路由。 你可以给它传递一个守卫名称:
'guest:admin'
您可以使用此路由方法
Route::get('/login', function () {
//
})->middleware('guest:admin');
或者像这样在控制器中使用
public function __construct()
{
$this->middleware('auth')->only(['edit']);
}
或者
public function __construct()
{
$this->middleware('guest:admin')->only('login');
}
我正在处理你的代码
class AdminController extends Controller
{
// Define Middleware here like this
public function __construct()
{
$this->middleware('guest:admin')->only('login');
}
public function login(Request $request){
if($request->isMethod('post')){
$data = $request->all();
// echo "<pre>";
// print_r($data);
// die;
$this->validate($request,[
'email'=>'required',
'password'=>'required',
],
);
if(Auth::guard('admin')->attempt(['email' => $data['email'], 'password' => $data['password']])){
return redirect('admin/dashboard');
}else{
// $request->session()->flash('error', 'Invalid email or password');
Session::flash('error','Invalid email or password');
return redirect()->back();
}
}
return view('admin.admin_login');
}
public function logout(){
Auth::guard('admin')->logout();
return redirect('/admin');
}
}
为访问登录页面创建特殊中间件并设置 cookie 或在会话或 cookie 存在时创建会话路由必须重定向到仪表板否则显示登录页面
检查redirectifauthenticated.php
并根据需要相应地设置路线
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Support\Facades\Auth;
class RedirectIfAuthenticated
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @param string|null $guard
* @return mixed
*/
public function handle($request, Closure $next, $guard = null)
{
switch ($guard) {
case 'admin':
if (Auth::guard($guard)->check()) {
return redirect()->route('admin.dashboard');
}
break;
case 'writer':
if (Auth::guard($guard)->check()) {
return redirect()->route('writer.dashboard');
}
break;
default:
if (Auth::guard($guard)->check()) {
return redirect('/home');
}
break;
}
return $next($request);
}
}
最好的方法。
//如果不存在则创建中间件
class RedirectIfAuthenticated
{
public function handle(Request $request, Closure $next, ...$guards)
{
$guards = empty($guards) ? [null] : $guards;
foreach ($guards as $guard) {
if (Auth::guard($guard)->check()) {
//redirect to where you want
return redirect(url('dashboard'));
}
}
return $next($request);
}
}
//然后在不希望登录用户访问的页面中使用中间件这样
Route::get('/register', [AuthController::class, 'register'])->name("register")
->middleware(RedirectIfAuthenticated::class);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.