php 在 Laravel 中使用 auth 保护所有管理员/路由
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/15823161/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Protecting all admin/ routes with auth in Laravel
提问by Yev
I am brand new to laravel and am setting up admin panel authorization on my first application. The way I have my files setup currently setup is:
我是 laravel 的新手,正在我的第一个应用程序中设置管理面板授权。我目前设置文件的方式是:
controllers/
admin/
dashboard.php
settings.php
non-admin-controller1.php
non-admin-controller1.php
views/
admin/
dashboard.blade.php
login.blade.php
template.blade.php
non-admin-view1.php
non-admin-view1.php
non-admin-view1.php
...and these are my routes
...这些是我的路线
Route::get('admin/login', function()
{
return View::make('admin.login');
});
Route::get('admin/logout', function()
{
return Auth::logout();
return Redirect::to('admin/login');
});
Route::post('admin/login', function()
{
$userdata = array('username' => Input::get('username'),
'password' => Input::get('password'));
if (Auth::attempt($userdata))
{
return Redirect::to('admin');
}
else
{
return Redirect::to('admin/login')->with('login_errors',true);
}
});
Route::controller('admin.dashboard');
Route::get('admin', array('before' => 'auth', function() {
return Redirect::to_action('admin@dashboard');
}));
Route::filter('auth', function()
{
if (Auth::guest()) return Redirect::to('admin/login');
});
When I go to /admin I am redirected to admin/login and asked to login which is exactly how I need it to work. Upon logging in I am redirected to admin/dashboard and it all looks good there too. I am having 2 problems however.
当我转到 /admin 时,我被重定向到 admin/login 并要求登录,这正是我需要它工作的方式。登录后,我被重定向到管理员/仪表板,那里看起来也不错。但是,我有两个问题。
When I go to admin/logout I am logged out but greeted with a blank page (it's not redirecting to admin/login)
When logged out, if I go to admin/dashboard I am greeted with the error
当我转到管理员/注销时,我已注销但看到一个空白页面(它没有重定向到管理员/登录)
注销后,如果我转到管理/仪表板,我会收到错误消息
Error rendering view: [admin.dashboard]
Trying to get property of non-object
错误呈现视图:[admin.dashboard]
试图获取非对象的属性
What am I doing wrong here? What am I doing right? Would it make more sense to create a separate bundle for admin? Thanks!
我在这里做错了什么?我做对了什么?为管理员创建一个单独的包是否更有意义?谢谢!
采纳答案by Yev
So I was able to solve my problem a slightly different way. I created an (base) Admin_Controller in the root of the controllers folder, with a constructor calling the auth filter before execution:
所以我能够以稍微不同的方式解决我的问题。我在控制器文件夹的根目录中创建了一个(基本的)Admin_Controller,在执行之前有一个构造函数调用 auth 过滤器:
class Admin_Controller extends Base_Controller {
public function __construct()
{
$this->filter('before', 'auth');
}
}
and then made all my admin related controllers in /controllers/admin extend Admin_Controller and call the parent constructor:
然后让 /controllers/admin 中所有与管理相关的控制器扩展 Admin_Controller 并调用父构造函数:
class Admin_Dashboard_Controller extends Admin_Controller {
public function __construct()
{
parent::__construct();
}
public function action_index()
{
return View::make('admin.dashboard');
}
}
This might not be the most eloquent solution, but it does the job!
这可能不是最有说服力的解决方案,但它确实可以!
回答by Darren Monahan
In your admin/loginroute you have an unnecessary return before the Auth::logout()call, nuke that and it should fix it up.
在您的admin/login路线中,您在Auth::logout()通话前有一个不必要的返回,核对它,它应该修复它。
Another issue here is that only your one 'admin' route is getting filtered. You could wrap all of your admin routes with a Route::group()and apply the 'auth' before filter or you could use Route::filter('pattern: admin/*', 'auth')too.
这里的另一个问题是只有您的一个“管理员”路线被过滤了。您可以使用 a 包装所有管理路由Route::group()并在过滤器之前应用“auth”,或者您也可以使用Route::filter('pattern: admin/*', 'auth')。
Check out:
查看:
http://laravel.com/docs/routing#filters
http://laravel.com/docs/routing#filters
For the second issue, is your Admin Dashboard controller class named Admin_Dashboard_Controllerand if so, do you have an action_index() or get_index() function in there returning a view?
对于第二个问题,您的 Admin Dashboard 控制器类Admin_Dashboard_Controller是否已命名,如果是,是否有 action_index() 或 get_index() 函数返回视图?
Check out:
查看:
http://laravel.com/docs/controllers#nested-controllers
http://laravel.com/docs/controllers#nested-controllers
(I'm assuming you're using L3 here btw.)
(顺便说一句,我假设您在这里使用 L3。)
回答by camelCase
For future readers, a very clean way to handle this is using Laravel's Route Groups:
对于未来的读者,处理这个问题的一个非常干净的方法是使用 Laravel 的Route Groups:
Route groups allow you to share route attributes, such as middleware or namespaces, across a large number of routes without needing to define those attributes on each individual route.
路由组允许您跨大量路由共享路由属性,例如中间件或命名空间,而无需在每个单独的路由上定义这些属性。
Route::group(['middleware' => 'auth'], function () {
Route::get('/', function () {
// Uses Auth Middleware
});
Route::get('user/profile', function () {
// Uses Auth Middleware
});
});
They can be used not only for authentication, but also Namespaces, Sub-Domains, and more.
它们可不仅用于认证,而且Namespaces,Sub-Domains等。
