Laravel 5使用登录路由到HTTP强制HTTPS问题 [英] Laravel 5 force HTTPS issue with login routing to HTTP
问题描述
Laravel版本:Laravel 5.4.30
Laravel Version: Laravel 5.4.30
我遇到一个问题,我的生产代码托管在通过HTTPS服务的负载均衡器后面的AWS Elastic Beanstalk上.当使用内置的auth特性和make:auth控制器来验证用户登录时,在提交登录表单后,会将用户重定向到:
I am having an issue whereby my production code is hosted on AWS Elastic Beanstalk behind a load balancer served via HTTPS. When using the built in auth trait and make:auth controllers to validate user login, upon login form submission the user is being redirected to:
http://application-url rather than https://application-url/dashboard
在LoginController中,它应该在登录后路由到/dashboard
In the LoginController it should route after login to the /dashboard
/**
* Where to redirect users after login.
*
* @var string
*/
protected $redirectTo = '/dashboard';
在登录控制器上,当我查看刀片服务器登录模板的源代码时,我可以看到表单提交了正确的URL, https://application-url/login .
On the login controller when I view the source of the blade login template I can see the form submits to the correct URL, https://application-url/login.
我正在使用以下命令在AppServiceProvider.php文件中强制使用HTTPS:
I am using the following to force HTTPS in the AppServiceProvider.php file:
if (!\App::environment('local')) {
\URL::forceScheme('https');
}
一旦用户已通过身份验证"并且浏览器无法解析http版本,则单击后退按钮后,他们将被发送到正确的/dashboard路由.
Once the user has 'authenticated' and the browser cannot resolve the http version, upon clicking the back button on they are sent to the correct /dashboard route.
提交登录表单时,我是否还有其他位置?
Is there another location upon login form submission that I am missing?
推荐答案
以防万一还是有人碰到这个问题,文档说:
Just in case someone still bumps into this, the Documentation says:
在终止TLS/SSL证书的负载平衡器后面运行应用程序时,您可能会注意到您的应用程序有时不生成HTTPS链接.通常,这是因为正在从端口80上的负载平衡器转发应用程序的流量,并且不知道它应该生成安全链接.
When running your applications behind a load balancer that terminates TLS / SSL certificates, you may notice your application sometimes does not generate HTTPS links. Typically this is because your application is being forwarded traffic from your load balancer on port 80 and does not know it should generate secure links.
这基本上是由于请求以未知方式将实例传递给您的实例所致.
It is basically caused by a request passing an unknown layer in it's way to your instance.
修改App \ Http \ Middleware中包含的 TrustProxies 中间件:
Modify the TrustProxies middleware included in App\Http\Middleware:
// The trusted proxies (array)
protected $proxies = '*';
//The current proxy header mappings (also array)
protected $headers = Request::HEADER_X_FORWARDED_AWS_ELB;
这篇关于Laravel 5使用登录路由到HTTP强制HTTPS问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
