我需要添加toomanylogin尝试使用我的login进行的功能。现在它不起作用。 Iam使用Laravel Framework 5.1.45(LTS)。下面提到了我使用的代码。我的控制器功能是
<?php
use App\Libraries\SessionHelper;
use App\Libraries\ConfigUtils;
use App\Libraries\GeneralLib;
use App\Models\OrgSettings;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\ThrottlesLogins;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Foundation\Auth\AuthenticatesAndRegistersUsers;
class LoginController extends Controller {
use AuthenticatesAndRegistersUsers, ThrottlesLogins;
public function doLogin() {
$email = Input::get('email');
$pass = Input::get('password');
$candidate_login_user = User::getUserByEmail($email);
$data = User::authenticate($email, $pass);
if (empty($data)) {
User::logFailedAuthentication($email, $candidate_login_user->organization);
Session::flash('error', "Incorrect email or password.");
return Redirect::to('/login');
}
}
我的查看页面如下
<form action="login" method="post">
<div class="body bg-gray">
<div class="alert alert-danger">
<strong >Whoops!</strong> There were some problems with your input.<br><br>
<ul>
@foreach ($errors->all() as $error)
<li>{{ $error }}</li>
@endforeach
</ul>
</div>
@endif
<?php
Session::forget('error');
Session::forget('success');
?>
<div class="form-group">
<input type="email" name="email" class="form-control"
placeholder="email"/>
</div>
<div class="form-group">
<input type="password" name="password"
class="form-control" placeholder="password"/>
</div>
由于您正在执行自己的登录操作,仅将特征添加到LoginController
以实现限制是不够的。
[您需要从hasTooManyLoginAttempts
操作中检查doLogin
方法,并在必要时自行触发锁定事件。
public function doLogin(\Illuminate\Http\Request $request) {
if ($this->hasTooManyLoginAttempts($request)) {
$this->fireLockoutEvent($request);
return $this->sendLockoutResponse($request);
}
$email = Input::get('email');
$pass = Input::get('password');
$candidate_login_user = User::getUserByEmail($email);
$data = User::authenticate($email, $pass);
if (empty($data)) {
User::logFailedAuthentication($email, $candidate_login_user->organization);
Session::flash('error', "Incorrect email or password.");
$this->incrementLoginAttempts($request);
return Redirect::to('/login');
}
}
总的来说,我认为只使用内置的Auth控制器来处理您的登录(或者至少将它们用作起点)而不是重新实现自己的登录会更好。