我正在尝试创建自定义防护,但是我成功了,但是当我尝试使用防护来登录时,>]
[$this->attemptLogin($request)
返回true
,但是紧随其后的Auth::check()
方法返回false
/** * Handle a login request to the application. * * @param \Illuminate\Http\Request $request * @return \Illuminate\Http\RedirectResponse|\Illuminate\Http\Response|\Illuminate\Http\JsonResponse * * @throws \Illuminate\Validation\ValidationException */ public function login(Request $request) { $this->validateLogin($request); // If the class is using the ThrottlesLogins trait, we can automatically throttle // the login attempts for this application. We'll key this by the username and // the IP address of the client making these requests into this application. if (method_exists($this, 'hasTooManyLoginAttempts') && $this->hasTooManyLoginAttempts($request)) { $this->fireLockoutEvent($request); return $this->sendLockoutResponse($request); } if ($this->attemptLogin($request)) { // Returns true dd(Auth::check()); // Returns false return $this->sendLoginResponse($request); } // If the login attempt was unsuccessful we will increment the number of attempts // to login and redirect the user back to the login form. Of course, when this // user surpasses their maximum number of attempts they will get locked out. $this->incrementLoginAttempts($request); return $this->sendFailedLoginResponse($request); }
使用的模型扩展了
Illuminate\Foundation\Auth\User
我也重写了getAuthPassword
方法,因为您使用的是access_code
登录>
我也定义了$guard
,并在auth.php
中使用session as the driver
对其做了一个gaurd
我已经读过类似的问题,但是他们建议PK应该称为id
,并且应该是auto_increment
。
我符合那些条件。
我还覆盖了LoginController中的guard
方法,它包含use AuthenticatesUsers;
行
我正在使用Laravel 6.5.1版
我也没有收到错误。
下面是整个类:
LoginController:
namespace App\Http\Controllers\Auth; use App\Http\Controllers\Controller; use Illuminate\Foundation\Auth\AuthenticatesUsers; use Illuminate\Http\Request; use Illuminate\Support\Facades\Auth; use Illuminate\Support\Facades\Hash; class LoginController extends Controller { /* |-------------------------------------------------------------------------- | Login Controller |-------------------------------------------------------------------------- | | This controller handles authenticating users for the application and | redirecting them to your home screen. The controller uses a trait | to conveniently provide its functionality to your applications. | */ use AuthenticatesUsers; /** * Where to redirect users after login. * * @var string */ protected $redirectTo = '/home'; /** * Create a new controller instance. * * @return void */ public function __construct() { $this->middleware('guest')->except('logout'); } /** * Get the guard to be used during authentication. * * @return \Illuminate\Contracts\Auth\StatefulGuard */ protected function guard() { return Auth::guard("contestant"); } }
型号:
namespace App; use Illuminate\Contracts\Auth\MustVerifyEmail; use Illuminate\Foundation\Auth\User as Authenticatable; use Illuminate\Notifications\Notifiable; class Contestants extends Authenticatable { use Notifiable; protected $guard = "contestant"; /** * The attributes that are mass assignable. * * @var array */ protected $fillable = [ 'first_name','last_name','present','email','phone_number', 'access_code' ]; /** * The attributes that should be hidden for arrays. * * @var array */ protected $hidden = [ 'access_code' ]; /** * Get the password for the user. * * @return string */ public function getAuthPassword() { return $this->access_code; } }
Auth.php:
<?php return [ /* |-------------------------------------------------------------------------- | Authentication Defaults |-------------------------------------------------------------------------- | | This option controls the default authentication "guard" and password | reset options for your application. You may change these defaults | as required, but they're a perfect start for most applications. | */ 'defaults' => [ 'guard' => 'web', 'passwords' => 'users', ], /* |-------------------------------------------------------------------------- | Authentication Guards |-------------------------------------------------------------------------- | | Next, you may define every authentication guard for your application. | Of course, a great default configuration has been defined for you | here which uses session storage and the Eloquent user provider. | | All authentication drivers have a user provider. This defines how the | users are actually retrieved out of your database or other storage | mechanisms used by this application to persist your user's data. | | Supported: "session", "token" | */ 'guards' => [ 'web' => [ 'driver' => 'session', 'provider' => 'users', ], 'contestant' => [ 'driver' => 'session', 'provider' => 'contestant', ], 'api' => [ 'driver' => 'token', 'provider' => 'users', 'hash' => false, ], ], /* |-------------------------------------------------------------------------- | User Providers |-------------------------------------------------------------------------- | | All authentication drivers have a user provider. This defines how the | users are actually retrieved out of your database or other storage | mechanisms used by this application to persist your user's data. | | If you have multiple user tables or models you may configure multiple | sources which represent each model / table. These sources may then | be assigned to any extra authentication guards you have defined. | | Supported: "database", "eloquent" | */ 'providers' => [ 'users' => [ 'driver' => 'eloquent', 'model' => App\User::class, ], 'contestant' => [ 'driver' => 'eloquent', 'model' => \App\Contestants::class, ], // 'users' => [ // 'driver' => 'database', // 'table' => 'users', // ], ], /* |-------------------------------------------------------------------------- | Resetting Passwords |-------------------------------------------------------------------------- | | You may specify multiple password reset configurations if you have more | than one user table or model in the application and you want to have | separate password reset settings based on the specific user types. | | The expire time is the number of minutes that the reset token should be | considered valid. This security feature keeps tokens short-lived so | they have less time to be guessed. You may change this as needed. | */ 'passwords' => [ 'users' => [ 'provider' => 'users', 'table' => 'password_resets', 'expire' => 60, 'throttle' => 60, ], ], /* |-------------------------------------------------------------------------- | Password Confirmation Timeout |-------------------------------------------------------------------------- | | Here you may define the amount of seconds before a password confirmation | times out and the user is prompted to re-enter their password via the | confirmation screen. By default, the timeout lasts for three hours. | */ 'password_timeout' => 10800, ];
如果您需要更多信息,请随时询问。
我正在尝试创建自定义防护,但我成功了,但是当我尝试使用防护进行登录时,$ this-> attemptLogin($ request)返回true,但是之后紧接着是Auth :: check()。 。
您的默认防护为web
。当您在不指定防护装置的情况下呼叫Auth::...
时,它将使用默认的防护装置。
在LoginController
中,您要定义要用作contestant
方法中的guard
保护的防护。您需要检查的不是网络警卫。您可以使用从该方法返回的防护来代替Auth::check()
: