laravel 添加后台登陆守护器
后台不能在一个浏览器登陆,下面简单配置下即可解决这个问题。
设置路由如下:
<?php
/**
* 后台路由,从Illuminate\Routing\Router控制器的auth()方法中复制过来的
*/
Route::namespace('Admin')->group(function () {
// Authentication Routes...
Route::get('login', 'Auth\LoginController@showLoginForm')->name('admin.login');
Route::post('login', 'Auth\LoginController@login');
Route::post('logout', 'Auth\LoginController@logout')->name('admin.logout');
// Registration Routes...
Route::get('register', 'Auth\RegisterController@showRegistrationForm')->name('admin.register');
Route::post('register', 'Auth\RegisterController@register');
// Password Reset Routes...
Route::get('password/reset', 'Auth\ForgotPasswordController@showLinkRequestForm')->name('admin.password.request');
Route::post('password/email', 'Auth\ForgotPasswordController@sendResetLinkEmail')->name('admin.password.email');
Route::get('password/reset/{token}', 'Auth\ResetPasswordController@showResetForm')->name('admin.password.reset');
Route::post('password/reset', 'Auth\ResetPasswordController@reset');
Route::middleware(["auth:admin"])->group(function () {
Route::get('/', 'AdminController@index')->name('admin');
});
});
<?php
/**
* 前台路由,从Illuminate\Routing\Router控制器的auth()方法中复制过来的
*/
Route::get('/', function () {
return view('welcome');
});
// Authentication Routes...
Route::get('login', 'Auth\LoginController@showLoginForm')->name('login');
Route::post('login', 'Auth\LoginController@login');
Route::post('logout', 'Auth\LoginController@logout')->name('logout');
// Registration Routes...
Route::get('register', 'Auth\RegisterController@showRegistrationForm')->name('register');
Route::post('register', 'Auth\RegisterController@register');
// Password Reset Routes...
Route::get('password/reset', 'Auth\ForgotPasswordController@showLinkRequestForm')->name('password.request');
Route::post('password/email', 'Auth\ForgotPasswordController@sendResetLinkEmail')->name('password.email');
Route::get('password/reset/{token}', 'Auth\ResetPasswordController@showResetForm')->name('password.reset');
Route::post('password/reset', 'Auth\ResetPasswordController@reset');
Route::middleware(["auth:web"])->group(function () {
Route::get('/home', 'HomeController@index')->name('home');
});
设置 config/auth.php:
<?php
return [
/*
|--------------------------------------------------------------------------
| Authentication Defaults
|--------------------------------------------------------------------------
|
| This option controls the default authentication "guard" and password
| reset options for your application. You may change these defaults
| as required, but they're a perfect start for most applications.
|
*/
'defaults' => [
'guard' => 'web',
'passwords' => 'users',
],
/*
|--------------------------------------------------------------------------
| Authentication Guards
|--------------------------------------------------------------------------
|
| Next, you may define every authentication guard for your application.
| Of course, a great default configuration has been defined for you
| here which uses session storage and the Eloquent user provider.
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| Supported: "session", "token"
|
*/
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'admin' => [
'driver' => 'session',
'provider' => 'admins',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
],
],
/*
|--------------------------------------------------------------------------
| User Providers
|--------------------------------------------------------------------------
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| If you have multiple user tables or models you may configure multiple
| sources which represent each model / table. These sources may then
| be assigned to any extra authentication guards you have defined.
|
| Supported: "database", "eloquent"
|
*/
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'admins' => [
'driver' => 'eloquent',
'model' => \App\Models\Admin::class,
],
// 'users' => [
// 'driver' => 'database',
// 'table' => 'users',
// ],
],
/*
|--------------------------------------------------------------------------
| Resetting Passwords
|--------------------------------------------------------------------------
|
| You may specify multiple password reset configurations if you have more
| than one user table or model in the application and you want to have
| separate password reset settings based on the specific user types.
|
| The expire time is the number of minutes that the reset token should be
| considered valid. This security feature keeps tokens short-lived so
| they have less time to be guessed. You may change this as needed.
|
*/
'passwords' => [
'users' => [
'provider' => 'users',
'table' => 'password_resets',
'expire' => 60,
],
],
];
为后台所有路由设置前缀 App\Providers\RouteServiceProvider:
<?php
namespace App\Providers;
use Illuminate\Support\Facades\Route;
use Illuminate\Foundation\Support\Providers\RouteServiceProvider as ServiceProvider;
class RouteServiceProvider extends ServiceProvider
{
/**
* This namespace is applied to your controller routes.
*
* In addition, it is set as the URL generator's root namespace.
*
* @var string
*/
protected $namespace = 'App\Http\Controllers';
/**
* Define your route model bindings, pattern filters, etc.
*
* @return void
*/
public function boot()
{
//
parent::boot();
}
/**
* Define the routes for the application.
*
* @return void
*/
public function map()
{
$this->mapApiRoutes();
$this->mapWebRoutes();
// 为后台路由添加前缀
$this->mapAdminRoutes();
//
}
/**
* Define the "web" routes for the application.
*
* These routes all receive session state, CSRF protection, etc.
*
* @return void
*/
protected function mapWebRoutes()
{
Route::middleware('web')
->namespace($this->namespace)
->group(base_path('routes/web.php'));
}
/**
* Define the "api" routes for the application.
*
* These routes are typically stateless.
*
* @return void
*/
protected function mapApiRoutes()
{
Route::prefix('api')
->middleware('api')
->namespace($this->namespace)
->group(base_path('routes/api.php'));
}
/**
* 加入后台路由
*/
protected function mapAdminRoutes()
{
Route::prefix('admin')
->middleware('web')
->namespace($this->namespace)
->group(base_path('routes/admin.php'));
}
}
后台 App\Http\Controllers\Admin\Auth\LoginController 如下:
<?php
namespace App\Http\Controllers\Admin\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Support\Facades\Auth;
class LoginController extends Controller
{
/*
|--------------------------------------------------------------------------
| Login Controller
|--------------------------------------------------------------------------
|
| This controller handles authenticating users for the application and
| redirecting them to your home screen. The controller uses a trait
| to conveniently provide its functionality to your applications.
|
*/
use AuthenticatesUsers;
/**
* Where to redirect users after login.
*
* @var string
*/
protected $redirectTo = '/admin';
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware('guest:admin')->except('logout');
}
public function showLoginForm()
{
return view('admin.auth.login');
}
/**
* Get the guard to be used during authentication.
*
* @return \Illuminate\Contracts\Auth\StatefulGuard
*/
protected function guard()
{
return Auth::guard('admin');
}
}
前台 App\Http\Controllers\Auth\LoginController 如下:
<?php
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
class LoginController extends Controller
{
/*
|--------------------------------------------------------------------------
| Login Controller
|--------------------------------------------------------------------------
|
| This controller handles authenticating users for the application and
| redirecting them to your home screen. The controller uses a trait
| to conveniently provide its functionality to your applications.
|
*/
use AuthenticatesUsers;
/**
* Where to redirect users after login.
*
* @var string
*/
protected $redirectTo = '/home';
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware('guest:web')->except('logout');
}
}
App\Http\Middleware\RedirectIfAuthenticated 中间件修改 (防止二次登录,与LoginController中的$this->middleware('guest:web')->except('logout') 这里相呼应,除了退出登录,只要访问类似登录,注册,找回密码的路由时候,都检查一遍用户是否登录,登陆了直接跳到登录页,未登录走auth中间件):
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Support\Facades\Auth;
class RedirectIfAuthenticated
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @param string|null $guard
* @return mixed
*/
public function handle($request, Closure $next, $guard = null)
{
if ($guard == 'web' && Auth::guard($guard)->check()) {
return redirect('/home');
}
if ($guard == 'admin' && Auth::guard($guard)->check()) {
return redirect('/admin');
}
return $next($request);
}
}
效果:
原文地址:https://laravel-china.org/articles/21683laravel 添加后台登陆守护器的更多相关文章
- 为wordpress后台登陆添加算术验证码
对于新建站(个人博客-柠檬https://ninmong.com)的站长来说提高后台的安全性,是一件非常重要的事,添加验证可以起到很好的效果,废话少说,贴代码 //后台登陆数学验证码 function ...
- JAVAEE——struts2_04:自定义拦截器、struts2标签、登陆功能和校验登陆拦截器的实现
一.自定义拦截器 1.架构 2.拦截器创建 //拦截器:第一种创建方式 //拦截器生命周期:随项目的启动而创建,随项目关闭而销毁 public class MyInterceptor implemen ...
- Dedecms织梦后台登陆验证码不显示几种解决方法
Dedecms织梦后台登陆验证码不显示几种解决方法,服务器所造成的验证码不显示问题看这里: 方法一:查看服务器的php版本是否与程序版本兼容(织梦程序PHP版本查看方法:打开www.96net.com ...
- 【Java EE 学习 70 上】【数据采集系统第二天】【数据加密处理】【登陆验证】【登陆拦截器】【新建调查】【查询调查】
一.数据加密处理 这里使用MD5加密处理,使用java中自带加密工具类MessageDigest. 该类有一个方法digest,该方法输入参数是一个字符串返回值是一个长度为16的字节数组.最关键的是需 ...
- DEDE首页会员部分,后台登陆,会员登录相关页面
首页会员涉及部分 \templets\default\style\page.css \member\ajax_loginsta.php 会员登录页面涉及部分 \member\templets\inde ...
- phpcms v9后台登陆验证码无法显示,怎么取消验证码
phpcms v9后台登陆验证码无法显示论坛里关于这个问题貌似一直没有解决,查看源代码后发现,关键一点是获取验证码的图片与全局变量SITE_URL相关,也就是网站的目录, 所以只要修改cache/co ...
- ecstore 后台登陆跳转到 api失败,中心请求网店API失败
解决过程没有具体参与,官方解决后回复的邮件,可以参考一下: 后台登陆错误图: 商派解决方法邮件: 特别注意:这个错误提示有时候也跟ecstore的nginx服务器伪静态有关,具体参考: htt ...
- 向SharePoint页面添加后台代码
转:http://www.cnblogs.com/chenzehe/archive/2009/12/25/1631863.html 在本文中,我将跟大家一起讨论,为MOSS的页面添加服务器端代码的另一 ...
- dede后台登陆后一片空白的解决办法汇总
dede后台登陆后一片空白的第一种解决办法: 找到:include/common.inc.php文件,打开,查找程序代码://error_reporting(E_ALL);error_reportin ...
随机推荐
- 删除表A的记录时,Oracle 报错:“ORA-02292:违反完整约束条件(XXX.FKXXX)- 已找到子记录
1.找到以”FKXXX“为外键的表A的子表,直接运行select a.constraint_name, a.table_name, b.constraint_name from user_constr ...
- 机器学习四 SVM
目录 引言 SVM 线性可分SVM 线性不可分SVM Hinge Loss 非线性SVM 核函数 总结 参考文献 引言 在深度神经网终(Deep Neural Network, DNN) 大热之前, ...
- 【洛谷P3723】礼物
题目大意:给定两个序列 A.B,现可以将 A 序列的每一个元素的值增加或减少 C,求 \(\sum\limits_{i=0}^{n-1}(a_i-b_{i+k})^2\) 的最小值是多少. 题解:先不 ...
- 「prufer」
prufer数列,可以用来解一些关于无根树计数的问题. prufer数列是一种无根树的编码表示,对于一棵n个节点带编号的无根树,对应唯一一串长度为n-1的prufer编码. (1)无根树转化为pruf ...
- Redis数据类型之列表操作
redis 目录: 1.自动分配(redis) - 批量导入 2.微信自动绑定 3.django的ORM做不了的操作,怎么自定义操作数据库 extra ’ 4.报表 公司每个月销售的业绩 5.权限 = ...
- springboot 在idea中实现热部署
SpringBoot的web项目,在每一次修改了java文件或者是resource的时候,都必须去重启一下项目,这样的话浪费了很多的时间,实现了热部署,在每一次作了修改之后,都会自动的重启 第一步:引 ...
- 【leetcode】1227. Airplane Seat Assignment Probability
题目如下: n passengers board an airplane with exactly n seats. The first passenger has lost the ticket a ...
- SpringBoot的项目构建
手动构建SpringBoot项目 一.手动构建一个Maven,选择...webapp或者选择快速骨架生成,然后命名并生成项目: 二. 在pom.xml中,进行三处配置: 设置父模块,子模块就可以继承 ...
- 洛谷 P2330 [SCOI2005] 繁忙的都市 x
题目描述 城市C是一个非常繁忙的大都市,城市中的道路十分的拥挤,于是市长决定对其中的道路进行改造.城市C的道路是这样分布的:城市中有n个交叉路口,有些交叉路口之间有道路相连,两个交叉路口之间最多有一条 ...
- pycharm如何添加固定代码块
1. file -- settings -- 搜索框输入live,找到 Live Templates 2. 选择你要添加到哪个语言中去,打开python组,并点击右上角 “+”,选择 1.Live T ...