laravel 添加后台登陆守护器
后台不能在一个浏览器登陆,下面简单配置下即可解决这个问题。
设置路由如下:
<?php
/**
* 后台路由,从Illuminate\Routing\Router控制器的auth()方法中复制过来的
*/
Route::namespace('Admin')->group(function () {
// Authentication Routes...
Route::get('login', 'Auth\LoginController@showLoginForm')->name('admin.login');
Route::post('login', 'Auth\LoginController@login');
Route::post('logout', 'Auth\LoginController@logout')->name('admin.logout');
// Registration Routes...
Route::get('register', 'Auth\RegisterController@showRegistrationForm')->name('admin.register');
Route::post('register', 'Auth\RegisterController@register');
// Password Reset Routes...
Route::get('password/reset', 'Auth\ForgotPasswordController@showLinkRequestForm')->name('admin.password.request');
Route::post('password/email', 'Auth\ForgotPasswordController@sendResetLinkEmail')->name('admin.password.email');
Route::get('password/reset/{token}', 'Auth\ResetPasswordController@showResetForm')->name('admin.password.reset');
Route::post('password/reset', 'Auth\ResetPasswordController@reset');
Route::middleware(["auth:admin"])->group(function () {
Route::get('/', 'AdminController@index')->name('admin');
});
});
<?php
/**
* 前台路由,从Illuminate\Routing\Router控制器的auth()方法中复制过来的
*/
Route::get('/', function () {
return view('welcome');
});
// Authentication Routes...
Route::get('login', 'Auth\LoginController@showLoginForm')->name('login');
Route::post('login', 'Auth\LoginController@login');
Route::post('logout', 'Auth\LoginController@logout')->name('logout');
// Registration Routes...
Route::get('register', 'Auth\RegisterController@showRegistrationForm')->name('register');
Route::post('register', 'Auth\RegisterController@register');
// Password Reset Routes...
Route::get('password/reset', 'Auth\ForgotPasswordController@showLinkRequestForm')->name('password.request');
Route::post('password/email', 'Auth\ForgotPasswordController@sendResetLinkEmail')->name('password.email');
Route::get('password/reset/{token}', 'Auth\ResetPasswordController@showResetForm')->name('password.reset');
Route::post('password/reset', 'Auth\ResetPasswordController@reset');
Route::middleware(["auth:web"])->group(function () {
Route::get('/home', 'HomeController@index')->name('home');
});
设置 config/auth.php:
<?php
return [
/*
|--------------------------------------------------------------------------
| Authentication Defaults
|--------------------------------------------------------------------------
|
| This option controls the default authentication "guard" and password
| reset options for your application. You may change these defaults
| as required, but they're a perfect start for most applications.
|
*/
'defaults' => [
'guard' => 'web',
'passwords' => 'users',
],
/*
|--------------------------------------------------------------------------
| Authentication Guards
|--------------------------------------------------------------------------
|
| Next, you may define every authentication guard for your application.
| Of course, a great default configuration has been defined for you
| here which uses session storage and the Eloquent user provider.
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| Supported: "session", "token"
|
*/
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'admin' => [
'driver' => 'session',
'provider' => 'admins',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
],
],
/*
|--------------------------------------------------------------------------
| User Providers
|--------------------------------------------------------------------------
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| If you have multiple user tables or models you may configure multiple
| sources which represent each model / table. These sources may then
| be assigned to any extra authentication guards you have defined.
|
| Supported: "database", "eloquent"
|
*/
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'admins' => [
'driver' => 'eloquent',
'model' => \App\Models\Admin::class,
],
// 'users' => [
// 'driver' => 'database',
// 'table' => 'users',
// ],
],
/*
|--------------------------------------------------------------------------
| Resetting Passwords
|--------------------------------------------------------------------------
|
| You may specify multiple password reset configurations if you have more
| than one user table or model in the application and you want to have
| separate password reset settings based on the specific user types.
|
| The expire time is the number of minutes that the reset token should be
| considered valid. This security feature keeps tokens short-lived so
| they have less time to be guessed. You may change this as needed.
|
*/
'passwords' => [
'users' => [
'provider' => 'users',
'table' => 'password_resets',
'expire' => 60,
],
],
];
为后台所有路由设置前缀 App\Providers\RouteServiceProvider:
<?php
namespace App\Providers;
use Illuminate\Support\Facades\Route;
use Illuminate\Foundation\Support\Providers\RouteServiceProvider as ServiceProvider;
class RouteServiceProvider extends ServiceProvider
{
/**
* This namespace is applied to your controller routes.
*
* In addition, it is set as the URL generator's root namespace.
*
* @var string
*/
protected $namespace = 'App\Http\Controllers';
/**
* Define your route model bindings, pattern filters, etc.
*
* @return void
*/
public function boot()
{
//
parent::boot();
}
/**
* Define the routes for the application.
*
* @return void
*/
public function map()
{
$this->mapApiRoutes();
$this->mapWebRoutes();
// 为后台路由添加前缀
$this->mapAdminRoutes();
//
}
/**
* Define the "web" routes for the application.
*
* These routes all receive session state, CSRF protection, etc.
*
* @return void
*/
protected function mapWebRoutes()
{
Route::middleware('web')
->namespace($this->namespace)
->group(base_path('routes/web.php'));
}
/**
* Define the "api" routes for the application.
*
* These routes are typically stateless.
*
* @return void
*/
protected function mapApiRoutes()
{
Route::prefix('api')
->middleware('api')
->namespace($this->namespace)
->group(base_path('routes/api.php'));
}
/**
* 加入后台路由
*/
protected function mapAdminRoutes()
{
Route::prefix('admin')
->middleware('web')
->namespace($this->namespace)
->group(base_path('routes/admin.php'));
}
}
后台 App\Http\Controllers\Admin\Auth\LoginController 如下:
<?php
namespace App\Http\Controllers\Admin\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Support\Facades\Auth;
class LoginController extends Controller
{
/*
|--------------------------------------------------------------------------
| Login Controller
|--------------------------------------------------------------------------
|
| This controller handles authenticating users for the application and
| redirecting them to your home screen. The controller uses a trait
| to conveniently provide its functionality to your applications.
|
*/
use AuthenticatesUsers;
/**
* Where to redirect users after login.
*
* @var string
*/
protected $redirectTo = '/admin';
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware('guest:admin')->except('logout');
}
public function showLoginForm()
{
return view('admin.auth.login');
}
/**
* Get the guard to be used during authentication.
*
* @return \Illuminate\Contracts\Auth\StatefulGuard
*/
protected function guard()
{
return Auth::guard('admin');
}
}
前台 App\Http\Controllers\Auth\LoginController 如下:
<?php
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
class LoginController extends Controller
{
/*
|--------------------------------------------------------------------------
| Login Controller
|--------------------------------------------------------------------------
|
| This controller handles authenticating users for the application and
| redirecting them to your home screen. The controller uses a trait
| to conveniently provide its functionality to your applications.
|
*/
use AuthenticatesUsers;
/**
* Where to redirect users after login.
*
* @var string
*/
protected $redirectTo = '/home';
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware('guest:web')->except('logout');
}
}
App\Http\Middleware\RedirectIfAuthenticated 中间件修改 (防止二次登录,与LoginController中的$this->middleware('guest:web')->except('logout') 这里相呼应,除了退出登录,只要访问类似登录,注册,找回密码的路由时候,都检查一遍用户是否登录,登陆了直接跳到登录页,未登录走auth中间件):
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Support\Facades\Auth;
class RedirectIfAuthenticated
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @param string|null $guard
* @return mixed
*/
public function handle($request, Closure $next, $guard = null)
{
if ($guard == 'web' && Auth::guard($guard)->check()) {
return redirect('/home');
}
if ($guard == 'admin' && Auth::guard($guard)->check()) {
return redirect('/admin');
}
return $next($request);
}
}
效果:
原文地址:https://laravel-china.org/articles/21683laravel 添加后台登陆守护器的更多相关文章
- 为wordpress后台登陆添加算术验证码
对于新建站(个人博客-柠檬https://ninmong.com)的站长来说提高后台的安全性,是一件非常重要的事,添加验证可以起到很好的效果,废话少说,贴代码 //后台登陆数学验证码 function ...
- JAVAEE——struts2_04:自定义拦截器、struts2标签、登陆功能和校验登陆拦截器的实现
一.自定义拦截器 1.架构 2.拦截器创建 //拦截器:第一种创建方式 //拦截器生命周期:随项目的启动而创建,随项目关闭而销毁 public class MyInterceptor implemen ...
- Dedecms织梦后台登陆验证码不显示几种解决方法
Dedecms织梦后台登陆验证码不显示几种解决方法,服务器所造成的验证码不显示问题看这里: 方法一:查看服务器的php版本是否与程序版本兼容(织梦程序PHP版本查看方法:打开www.96net.com ...
- 【Java EE 学习 70 上】【数据采集系统第二天】【数据加密处理】【登陆验证】【登陆拦截器】【新建调查】【查询调查】
一.数据加密处理 这里使用MD5加密处理,使用java中自带加密工具类MessageDigest. 该类有一个方法digest,该方法输入参数是一个字符串返回值是一个长度为16的字节数组.最关键的是需 ...
- DEDE首页会员部分,后台登陆,会员登录相关页面
首页会员涉及部分 \templets\default\style\page.css \member\ajax_loginsta.php 会员登录页面涉及部分 \member\templets\inde ...
- phpcms v9后台登陆验证码无法显示,怎么取消验证码
phpcms v9后台登陆验证码无法显示论坛里关于这个问题貌似一直没有解决,查看源代码后发现,关键一点是获取验证码的图片与全局变量SITE_URL相关,也就是网站的目录, 所以只要修改cache/co ...
- ecstore 后台登陆跳转到 api失败,中心请求网店API失败
解决过程没有具体参与,官方解决后回复的邮件,可以参考一下: 后台登陆错误图: 商派解决方法邮件: 特别注意:这个错误提示有时候也跟ecstore的nginx服务器伪静态有关,具体参考: htt ...
- 向SharePoint页面添加后台代码
转:http://www.cnblogs.com/chenzehe/archive/2009/12/25/1631863.html 在本文中,我将跟大家一起讨论,为MOSS的页面添加服务器端代码的另一 ...
- dede后台登陆后一片空白的解决办法汇总
dede后台登陆后一片空白的第一种解决办法: 找到:include/common.inc.php文件,打开,查找程序代码://error_reporting(E_ALL);error_reportin ...
随机推荐
- Qualcomm_Mobile_OpenCL.pdf 翻译-8-kernel性能优化
这章将会说明一些kernel优化的小技巧. 8.1 kernel合并或者拆分 一个复杂的应用程序可能包含很多步骤.对于OpenCL的移植性和优化,可能会问需要开发有多少个kernel.这个问题很难回答 ...
- 017-zabbix_proxy分布式监控部署
一.proxy分布式监控介绍 来源于zabbix官网: https://www.zabbix.com/documentation/3.4/zh/manual/distributed_monitorin ...
- Spring Framework Part4 self-summeries-a simplified MVC framework
1.关于Spring Framework xml的头部 <?xml version="1.0" encoding="UTF-8"?> <bea ...
- Zookeeper客户端使用(使用原生zookeeper)
Zookeeper客户端使用 一.使用原生zookeeper 在pom.xml中加入依赖 <dependency> <groupId>org.apache.zookeeper& ...
- vs开发之工程属性
1.建立工程 最好使用自己创建工程 然后把代码移过去 2.不要使用别人建立的工程直接导入(差异比较大的话),后面32位 64位 配置属性 可能造成冲突 3.冲突了 还需要重新做 上面 1
- Spring mvc数据转换 格式化 校验(转载)
原文地址:http://www.cnblogs.com/linyueshan/p/5908490.html 数据绑定流程 1. Spring MVC 主框架将 ServletRequest 对象及目标 ...
- 微服务中的rpc 请求写法
1.采用restmplate 的postForObject RestTemplate template = new RestTemplate(); HttpEntity<List<Map& ...
- 如何使用hook(非注入dll)
#include <Windows.h> #include <iostream> using namespace std; HHOOK mouseHook; LRESULT _ ...
- 【30分钟学完】canvas动画|游戏基础(extra1):颜色那些事
前言 本篇主要讲解关于计算机颜色系统的概念,后续结合一些canvas的应用.因为是"你不知道也没关系"的边缘知识,所以作为本系列教程的扩展,没有兴趣的同学可以跳过. 开始我们万紫千 ...
- SpringBoot+Rocketmq
@PostConstruct:用于在依赖关系注入完成之后需要执行的方法上,以执行任何初始化.此方法必须在将类放入服务之前调用. @PreDestroy:在开发中我们如果要在关闭spring容器后释放一 ...