我是Laravel的新手,我使用5.8版本试图创建一个购物网站,其中包含2种AUTH类型,一种用于cms,另一种用于用户。用户可以从我的网站上购买商品。为此,我需要将两种登录类型分开,一种是cms Admin登录,另一种是用户登录。我想知道我该怎么做。谁能帮我。对于客户资料,我使用web.php文件和我共享的用户路由组:
<?php
/*
|--------------------------------------------------------------------------
| Web Routes
|--------------------------------------------------------------------------
|
| Here is where you can register web routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| contains the "web" middleware group. Now create something great!
|
*/
Route::get('/', [
'uses' => 'ProductController@getIndex',
'as' => 'product.index'
]);
Route::get('/add-to-cart/{id}', [
'uses' => 'ProductController@getAddToCart',
'as' => 'product.addToCart'
]);
Route::get('/shopping-cart', [
'uses' => 'ProductController@getCart',
'as' => 'product.shoppingCart'
]);
Route::get('/checkout', [
'uses' => 'ProductController@getCheckout',
'as' => 'checkout'
]);
Route::post('/checkout', [
'uses' => 'ProductController@postCheckout',
'as' => 'checkout'
]);
Route::group(['prefix' => 'user'], function (){
Route::group(['middleware' => 'guest'], function (){
Route::get('/signup', [
'uses' => 'UserController@getSignup',
'as' => 'user.signup',
]);
Route::post('/signup', [
'uses' => 'UserController@postSignup',
'as' => 'user.signup',
]);
Route::get('/signin', [
'uses' => 'UserController@getSignin',
'as' => 'user.signin',
]);
Route::post('/signin', [
'uses' => 'UserController@postSignin',
'as' => 'user.signin',
]);
});
Route::group(['middleware' => 'auth'], function (){
Route::get('/profile', [
'uses' => 'UserController@getProfile',
'as' => 'user.profile',
]);
Route::get('/logout', [
'uses' => 'UserController@getLogout',
'as' => 'user.logout',
]);
});
});
我需要另一个AUTH来让CMS管理员可以上传待售商品
您不必为不同类型的用户使用单独的login逻辑。您可以通过修改当前用户表来集中此逻辑。您需要做的就是为用户分配角色。例如,在用户表上创建role属性,您可以在其中具有两个不同的角色:
现在,当您拥有两个角色时,可以修改登录逻辑,以将用户重定向到他们所属的页面。 Laravel提供了开箱即用的功能。您需要做的就是修改Laravel内置的redirectIfAuthenticated中间件。因此,您将获得类似以下内容:
public function handle( $request, Closure $next, $guard = null ) {
if ( Auth::guard( $guard )->check() ) { //check if user is authenthicated
$user = Auth::user();
switch ( $user->role ) {
case 'admin':
return redirect( )->route('admin');
break;
case 'user':
return redirect()->route('user');
break;
default:
return redirect( '/' );
}
}
return $next( $request );
}
因此,在本示例中,我们将检查经过身份验证的用户的角色,以确定他应该重定向到哪个页面。这是一个如何为用户处理不同角色的基本示例,但它应该使您了解这些内容的工作原理并帮助您解决问题。您可以在official documentantion上阅读有关Laravel内置身份验证系统的更多信息,在其中可以找到更多处理逻辑功能的方法。希望这可以对您有所帮助,并引导您朝正确的方向发展。
例如在app\Models中创建一个管理模型,可以说Admin.php。转到您的config\auth.php文件,然后在“身份验证保护”下进行如下操作
/*
|--------------------------------------------------------------------------
| Authentication Guards
|--------------------------------------------------------------------------
|
| Next, you may define every authentication guard for your application.
| Of course, a great default configuration has been defined for you
| here which uses session storage and the Eloquent user provider.
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| Supported: "session", "token"
|
*/
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'admin' => [
'driver' => 'session',
'provider' => 'admins',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
'hash' => false,
],
],
在提供程序下的同一文件中,执行以下操作
/*
|--------------------------------------------------------------------------
| User Providers
|--------------------------------------------------------------------------
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| If you have multiple user tables or models you may configure multiple
| sources which represent each model / table. These sources may then
| be assigned to any extra authentication guards you have defined.
|
| Supported: "database", "eloquent"
|
*/
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'admins' => [
'driver' => 'eloquent',
'model' => App\Models\Admin::class,
],
// 'users' => [
// 'driver' => 'database',
// 'table' => 'users',
// ],
],
第二步打开Authenticate.php文件夹下的app\Http\Middleware,使其看起来像这样
/**
* Determine if the user is logged in to any of the given guards.
*
* @param \Illuminate\Http\Request $request
* @param array $guards
* @return void
*
* @throws \Illuminate\Auth\AuthenticationException
*/
protected function authenticate($request, array $guards)
{
if (empty($guards)) {
$guards = [null];
}
foreach ($guards as $guard)
{
if ($this->auth->guard($guard)->check()) {
return $this->auth->shouldUse($guard);
}
}
$guard = $guards[0];
if ($guard == 'admin')
{
$request->path = 'url-to-admin-login-page';
}
else
{
$request->path = '';
}
throw new AuthenticationException(
'Unauthenticated.', $guards, $this->redirectTo($request)
);
}
/**
* Get the path the user should be redirected to when they are not authenticated.
*
* @param \Illuminate\Http\Request $request
* @return string
*/
protected function redirectTo($request)
{
if (! $request->expectsJson())
{
return route($request->path.'login');
//return route('login');
}
}
STEP THREE在RedirectIfAuthenticated.php文件夹中打开app\Http\Middleware并将其修改为
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @param string|null $guard
* @return mixed
*/
public function handle($request, Closure $next, $guard = null)
{
switch ($guard)
{
case 'admin' :
{
if (Auth::guard($guard)->check())
{
return redirect('url-to-admin-home');//the url to admin home
}
break;
}
default :
{
if (Auth::guard($guard)->check())
{
return redirect('/home');
}
break;
}
}
return $next($request);
}
STEP FOUR最后,在所有管理控制器类中,确保在其构造函数中添加了保护'auth:admin以保护它们。例如
<?php
命名空间App \ Http \ Controllers;
使用App \ Http \ Controllers \ Controller;使用App \ Models \ Admin;
Class AdminController扩展了Controller{/ *** AdminController构造函数。* /公共功能__construct(){$ this-> middleware('auth:admin');}
public function index()
{
return view('admin.home');
}
}
请注意:建议注释掉原始代码,而不是删除它。