从外部脚本检查Laravel 5.7登录 [英] Check Laravel 5.7 login from external script

问题描述

我有一个Laravel应用，我需要检查用户是否已登录以及谁来自外部脚本.我正在使用以下代码行加载Laravel并尝试对其进行检查.

I have a Laravel app and I need to check if a user is logged and who from a external script. I'm using the following lines to load Laravel and try to check it.

require_once __DIR__.'/../../../vendor/autoload.php';

$app = require_once __DIR__.'/../../../bootstrap/app.php';

$app->make('Illuminate\Contracts\Http\Kernel')
    ->handle(Illuminate\Http\Request::capture());

/*if (Cookie::get(config('session.cookie')) != "") {
    $id = Cookie::get(config('session.cookie'));
    Session::driver()->setId($pericod);
    Session::driver()->start();
}*/

$isAuthorized = Auth::check();
if(!$isAuthorized){
    echo "NO AUTORIZADO";
    exit();
}

通过这行代码，我可以访问任何Laravel函数，并且可以检查是否对外部脚本发出了GET请求，但是当请求为POST时，它总是失败.我无法检查登录名，并且看到会话更改，因为无法获取现有会话.

With this lines I can access any Laravel function and I can check the login if I made GET request to the external scripts, but when the request is POST it always fails. I'm unable to check the login and I see that the session changes because can't get the existing session.

我进行了许多测试，我认为Laravel的某些功能运行不正常，例如路由或中间件.如果禁用cookie和会话的所有加密，则可以使它工作，但是我想使用此安全功能.

I have made many tests and I think that somethings of Laravel are not working fine, like routes or middlewares. I can made it work if I disable all encryption of the cookies and the session, but I want to use this security functions.

我正在使用更新的Laravel 5.7，并且我的代码在Laravel 5.4中工作

I'm using updated Laravel 5.7 and I had this code working in Laravel 5.4

谢谢您的帮助.

推荐答案

我发现了问题，

诀窍在于，该路由在laravel外部，因此laravel的路由解析器将当前路由标识为/. 它正在处理GET请求，因为在我的路由文件中，只有/路由作为get.如果我将/route设置为任何路由，则一切正常.

The trick is that the route is external to laravel so laravel's route resolver identifies the current route as /. It was working on GET requests because in my routes file I have the / route only as get. If I set the / route as any, everything works.

我没有看到问题，因为我没有终止Laravel的处决.如果我将登录的用户验证更改为此，则会显示错误:

I wasn't seeing the problem because I was not terminating Laravel's execution. If I change the logged user verification to this, it shows the error:

$isAuthorized = Auth::check();
if(!$isAuthorized){
    echo "NO AUTORIZADO";

    $response->send();
    $kernel->terminate($request, $response);

    exit();
}

这两行结束laravel执行并返回错误"405方法不允许".

This two lines ends laravel execution and returns the error "405 Method Not Allowed".

$response->send();
$kernel->terminate($request, $response);

谢谢您的帮助.

这篇关于从外部脚本检查Laravel 5.7登录的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！