Laravel 重定向如果经过身份验证的中间件
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/46196723/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Laravel Redirect If Authenticated middleware
提问by Gammer
I have three type of users for the application, Each one have its own dashboard. I need a check that adminor any other user cannot see another user dashboard.
我有三种类型的应用程序用户,每一种都有自己的dashboard. 我需要检查管理员或任何其他用户无法看到其他用户仪表板。
There is a middleware RedirectIfAuthenticated:
有一个中间件RedirectIfAuthenticated:
public function handle($request, Closure $next, $guard = null){
if (Auth::guard($guard)->check() && auth()->user()->type == 'admin'){
return redirect('/admin');
}
if (Auth::guard($guard)->check() && auth()->user()->type == 'author'){
return redirect('/author');
}
if (Auth::guard($guard)->check() && auth()->user()->type == 'client'){
return redirect('/client');
}
}
Its under guestmiddleware.
它位于guest中间件之下。
The above code seems good to me but when i tests it, The browser says Too many redirects.
上面的代码对我来说似乎不错,但是当我测试它时,浏览器说Too many redirects.
What am i doing wrong, What will be the best way to handle it.
我做错了什么,处理它的最佳方法是什么。
回答by apokryfos
You may have misunderstood the purpose of that middleware. The purpose of RedirectIfAuthenticatedis to redirect a user to their default authenticated page. It is not meant to block unauthenticated/unauthorised users from accessing specific areas.
您可能误解了该中间件的用途。的目的RedirectIfAuthenticated是将用户重定向到他们的默认身份验证页面。它并不意味着阻止未经身份验证/未经授权的用户访问特定区域。
What you need to do is redirect if not authorised. Since this is a simple case you can just have a middleware:
如果未经授权,您需要做的是重定向。由于这是一个简单的案例,您可以只拥有一个中间件:
class RequireRole {
public function handle($request, Closure $next, $role) {
abort_unless(auth()->check() && auth()->user()->type == $role, 403, "You don't have permissions to access this area");
return $next($request);
}
}
Then register this middleware in your Kernel.php
然后在您的 Kernel.php
protected $routeMiddleware = [
//Other middleware
"requirerole" => RequireRole::class
];
Then you can use it in your routes e.g.
然后你可以在你的路线中使用它,例如
Route::get('/admin', function () { /* action */ })->middleware("requirerole:admin");
However if you find yourself in need of more complex rules then take a look at Authorization
但是,如果您发现自己需要更复杂的规则,请查看授权
回答by Emmanuel David
As pointed in the accepted answer, the purpose of the middleware is to redirect a user if he is authenticated.
正如接受的答案中所指出的,中间件的目的是在用户通过身份验证时重定向用户。
Now if you check App\Http\Kernel.phpyou will see that the middleware is attached to guestroute middleware variable.
现在,如果您检查,App\Http\Kernel.php您将看到中间件附加到guest路由中间件变量。
So any route you assign the middleware of guest will not be accessible to an authenticated user.
因此,经过身份验证的用户将无法访问您分配给来宾中间件的任何路由。
To solve your problem create another middle as pointed in the accepted answer.
要解决您的问题,请按照已接受的答案创建另一个中间值。
What you need to do is redirect if not authorised. Since this is a simple case you can just have a middleware:
public function handle($request, Closure $next, $role) { abort_unless(auth()->check() && auth()->user()->type == $role, 403, "You don't > have permissions to access this area"); return $next($request); } }Then register this middleware in your Kernel.php
//Other middleware "requirerole" => RequireRole::class ];Then you can use it in your routes e.g.
Route::get('/admin', function () { /* action */ })->middleware("requirerole:admin");
如果未经授权,您需要做的是重定向。由于这是一个简单的案例,您可以只拥有一个中间件:
public function handle($request, Closure $next, $role) { abort_unless(auth()->check() && auth()->user()->type == $role, 403, "You don't > have permissions to access this area"); return $next($request); } }然后在你的 Kernel.php 中注册这个中间件
//Other middleware "requirerole" => RequireRole::class ];然后你可以在你的路线中使用它,例如
Route::get('/admin', function () { /* action */ })->middleware("requirerole:admin");
In reality, you may not need to modify default files that come with laravel unless it is inevitable.
实际上,除非不可避免,否则您可能不需要修改 laravel 自带的默认文件。
回答by Rupali Pemare
Need to modify the code a bit
需要稍微修改一下代码
public function handle($request, Closure $next, $guard = null){
if (Auth::guard($guard)->check() && auth()->user()->type == 'admin'){
return redirect('/admin');
}
if (Auth::guard($guard)->check() && auth()->user()->type == 'author'){
return redirect('/author');
}
if (Auth::guard($guard)->check() && auth()->user()->type == 'client'){
return redirect('/client');
}
return $next($request);
}
回答by Mark Walet
You have to add an extra check for every if statement to see if you are not already on the route where it's going to redirect to
您必须为每个 if 语句添加额外的检查,以查看您是否还没有在要重定向到的路由上
Maybe something like:
也许是这样的:
&& $request->is('admin')
回答by aaron0207
Just split your checks and keep the original return:
只需拆分您的支票并保留原始回报:
public function handle($request, Closure $next, $guard = null){
if (Auth::guard($guard)->check()){
if(Auth::user()->type == 'admin'){
return redirect('/admin');
}
if(Auth::user()->type == 'author'){
return redirect('/author');
}
if(Auth::user()->type == 'client'){
return redirect('/client');
}
}
return $next($request);
}
