仅对经过身份验证的用户限制对laravel公用文件夹中目录的访问 [英] restrict access to directory in public folder of laravel for Authenticated users only

问题描述

假设我们在laravel的public文件夹中有一个Forms目录.

Suppose we have a Forms directory in public folder of laravel.

现在，我只希望经过身份验证的用户可以访问它，如果未经授权的用户想要打开该目录或其子目录之一(例如图像，视频等)，则会显示一条错误消息.

And Now I want to only Authenticated users can access to that and if an unauthorized user want opens that or one of it's sub directory (such as images, videos and etc) an error message shown.

我添加了这样的路由组，但无法正常运行:

I added a route group like this but does not work properly :

Route::group(['prefix' => 'Forms', 'middleware' => 'auth'], function () {
      // what Can I do here ?  
});

我该怎么办?

推荐答案

如果要向用户隐藏内容，我会说您需要使用本地磁盘而不是公用文件夹.看看这里 https://laravel.com/docs/5.3/filesystem

i would say you need to use local disk instead of public folder if you want to hide content from the user. take a look at here https://laravel.com/docs/5.3/filesystem

即使您仍想限制目录，也可以使用通配符路由

still if you want to restrict the directory you can use wildcard route

例如.

Route::get('/forms/{path?}', function () {
    if(!auth()->user()) {
        return 'unauthorized';
    }
    // if authenticated try to look for the file with requested path and return its content
    return File::get(public_path(ltrim($_SERVER['REQUEST_URI'],'/')));
})->where(['path' => '.*']);

这篇关于仅对经过身份验证的用户限制对laravel公用文件夹中目录的访问的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！