Laravel 7身份验证尝试 [英] Laravel 7 authentication attempt

问题描述

从Laravel 7.x文档中，我正在尝试为我的应用程序创建手动身份验证.该文档显示如下:

From Laravel 7.x documentation, I'm trying to create a manual authentication for my application. The documentation shows as following:

<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;

class LoginController extends Controller
{
    public function authenticate(Request $request)
    {
        $credentials = $request->only('email', 'password');

        if (Auth::attempt($credentials)) {
            // Authentication passed...
            return redirect()->intended('dashboard');
        }
    }
}

我有自己的用户表:

sys_users
==========
user_acc character varying(20) NOT NULL, -- Primary Key
full_name character varying(300) NOT NULL,
is_suspended boolean DEFAULT FALSE,
CONSTRAINT PK_SysUsers PRIMARY KEY (user_acc),

要登录，用户需要输入以下数据:

To login, the user need to enter the following data:

• 用户名
• 密码
• 访问模块

我尝试对控制器进行一些自定义(尚未完成):

I tried to customize the controller a bit (not completed yet):

class LoginController extends Controller
{
    public function authenticate(Request $request)
    {
        $request->validate([
            'username' => 'required',
            'password' => 'required',
        ]);
        
        $credentials = $request->only('username', 'password', 'module');

        if (Auth::attempt($credentials)) {
            return redirect()->route($request->module);
        }
    }
}

我想在上面的自定义代码中添加以下内容:(i)通过查询 sys_users 表来检查表中是否存在用户名，(ii)使用POP3检查密码(I已经准备好 phpmailer 库和代码)，并且(iii)通过查询我准备的另一个表来检查用户是否有权访问那些模块.

What I want to add to the customized code above is: (i) checking if the username is exist in the table by querying the sys_users table, (ii) checking the password using POP3 (I already prepared the phpmailer library and the code), and (iii) checking if the user has access to those module by querying another table that I had prepared.

问题是:

1. 我不知道在哪里放置所有这些代码.如果可能的话，我想将它们放在 Auth 类的 attempt 方法中，但是我似乎找不到所谓的方法.该文档非常缺乏，没有提供详细的解释.
2. IF 以某种方式无法修改 Auth 类中的 attempt 方法，我应该如何进行身份验证过程?

1. I don't know WHERE to put all of that code. If possible, I wanted to put them inside the Auth class' attempt method, but I can't seem to find the supposed method. The documentation is very lacking and did not provide a detailed explanation.
2. IF somehow it is impossible to modify the attempt method in Auth class, how should I proceed with the authentication process?

推荐答案

您要做的是实现自己的

What you are looking to do is implement your own user provider to verify your users credentials using an external POP3 email system.

我不认为您需要自定义Guard，因为我假设您仍希望使用默认 SessionGuard 的 StatefulGuard ，它将检查并存储有关以下内容的信息:会话中的身份验证状态.

I don't believe you need to customize your Guard, as I am assuming you still would like the StatefulGuard of the default SessionGuard which will check and store information about the state of authentication in the session.

除了您如何验证提供的凭据之外，我认为您可能还需要其他所有默认行为.

I think you likely want all other default behavior, aside from how you are validating the credentials provided.

也许可以在 ./app/Providers/文件夹中创建:

Perhaps in the ./app/Providers/ folder you can create:

PopThreeUserProvider.php

PopThreeUserProvider.php

namespace App\Providers;

use Illuminate\Auth\EloquentUserProvider;
use Illuminate\Contracts\Auth\Authenticatable as UserContract;

class PopThreeUserProvider extends EloquentUserProvider
{
    /**
     * Validate a user against the given credentials.
     *
     * @param  \Illuminate\Contracts\Auth\Authenticatable  $user
     * @param  array  $credentials
     * @return bool
     */
    public function validateCredentials(UserContract $user, array $credentials)
    {
        // Implement your pop3 authentication here, I have left the default code
        // for the Eloquent provider below
        $plain = $credentials['password'];

        return $this->hasher->check($plain, $user->getAuthPassword());
    }
}

现在在您的 ./app/Providers/AuthServiceProvider.php

class AuthServiceProvider extends ServiceProvider
{
    ...

    /**
     * Register any application authentication / authorization services.
     *
     * @return void
     */
    public function boot()
    {
        ...

        Auth::provider('pop3', function ($app, array $config) {
            return new PopThreeUserProvider($app->make('hash'), $config['model']);
        });

        ...
    }

    ...
}

现在在您的 config/auth.php 中:

    ...

    'providers' => [
        'users' => [
            'driver' => 'pop3',
        ],
    ],

    ...

当然，所有这些都假设您拥有:

Of course this all assumes you have:

class User extends Authenticatable
{
    protected $table = 'sys_users';
    protected $primaryKey = 'user_acc';
    protected $incrementing = false;
    ...

这篇关于Laravel 7身份验证尝试的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！