登录控制器中覆盖的已通过身份验证的方法不起作用 [英] overridden authenticated method in Login Controller doesn't work

问题描述

我正在尝试在登录控制器中覆盖已通过身份验证的方法，但是不知何故它不起作用.我只是尝试简单地dd();但这仍然行不通.

I'm trying to override the authenticated method in the Login Controller but somehow it isn't working. I just tried to simply dd(); but still it doesn't work.

下面是我的功能代码:

public function authenticated(Request $request, $user)
{
    dd("hi");
}

我实际上希望做的事情如下，但是为了简单起见，我有dd();在功能中.

What I actually wish to do is as below, but just for simplicity sake, I have dd(); in the function.

public function authenticated(Request $request, $user)
{
    if (!$user->verified) {
        auth()->logout();
        return back()->with('warning', 'You need to confirm your account. We have sent you an activation code, please check your email.');
    }
    return redirect()->intended($this->redirectPath());
}

整个控制器:

<?php
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Auth;
use App\Mail\WelcomeMail;
use Illuminate\Support\Facades\Mail;

class LoginController extends Controller
{
/*
|--------------------------------------------------------------------------
| Login Controller
|--------------------------------------------------------------------------
|
| This controller handles authenticating users for the application and
| redirecting them to your home screen. The controller uses a trait
| to conveniently provide its functionality to your applications.
|
*/

use AuthenticatesUsers;

/**
 * Where to redirect users after login.
 *
 * @var string
 */

protected $redirectTo = '/home';

/**
 * Create a new controller instance.
 *
 * @return void
 */
public function __construct()
{
    $this->middleware('guest')->except('logout');
}

public function login(Request $request)
{
    if (Auth::attempt(['email' => $request->email, 'password' => $request->password, 'isActive' => '1']))
    {
        return view('homepage');
    }
    else
    {
        return $this->sendFailedLoginResponse($request, 'auth.failed_status');
    }
}


protected function authenticated(Request $request, $user)
{
    dd("HI");
  // auth()->logout();
  return back()->with('warning', 'You need to confirm your account. We have sent you an activation code, please check your email.');

// if(!$user->verified)
// {
//   auth()->logout();
//   // Auth::logout();
//   // \Auth::guard('web')->logout();
//   // added logout here
//   return back()->with('warning', 'You need to confirm your account. We have sent you an activation code, please check your email.');
// }
// return redirect()->intended($this->redirectPath());
 }
}

请忽略控制器中已通过身份验证的功能中多余的注释代码.

Kindly ignore the extra commented code in the authenticated function in the controller.

推荐答案

那是因为您要覆盖登录功能，因此永远不会调用经过身份验证的功能.

That's because you are overwriting the login function, hence the authenticated function is never called.

如果您看一下特征:

public function login(Request $request)
{
    $this->validateLogin($request);

    // If the class is using the ThrottlesLogins trait, we can automatically throttle
    // the login attempts for this application. We'll key this by the username and
    // the IP address of the client making these requests into this application.
    if ($this->hasTooManyLoginAttempts($request)) {
        $this->fireLockoutEvent($request);

        return $this->sendLockoutResponse($request);
    }

    if ($this->attemptLogin($request)) {
        return $this->sendLoginResponse($request);
    }

    // If the login attempt was unsuccessful we will increment the number of attempts
    // to login and redirect the user back to the login form. Of course, when this
    // user surpasses their maximum number of attempts they will get locked out.
    $this->incrementLoginAttempts($request);

    return $this->sendFailedLoginResponse($request);
}

如您所见，函数sendLoginResponse是调用authenticated函数的函数.

As you can see, the function sendLoginResponse is the one that is calling the authenticated function.

protected function sendLoginResponse(Request $request)
{
    $request->session()->regenerate();

    $this->clearLoginAttempts($request);

    return $this->authenticated($request, $this->guard()->user())
            ?: redirect()->intended($this->redirectPath());
}

因此，在您的情况下，应该重新生成会话并清除尝试:

Therefore, in your case, it should be something like this, to regenerate the session and clear the attempts:

return $this->sendLoginResponse($request);

或者如果您想直接跳到已认证功能:

Or if you want to skip directly to the authenticated function:

return $this->authenticated($request, auth()->user());

您的函数应如下所示:

public function login(Request $request)
{
    if (Auth::attempt(['email' => $request->email, 'password' => $request->password, 'isActive' => '1']))
    {
        // Updated this line
        return $this->sendLoginResponse($request);

        // OR this one
        // return $this->authenticated($request, auth()->user());
    }
    else
    {
        return $this->sendFailedLoginResponse($request, 'auth.failed_status');
    }
}

这篇关于登录控制器中覆盖的已通过身份验证的方法不起作用的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！