如何通过多个用户来保护控制器? [英] how to guard a controller through multiple of user?

问题描述

这是项目要求.我有多个登录名，但某些用户无法访问几个模块.像超级管理员和分析师可以访问所有模块，但开发人员只能使用自己的控制器.

It is project requirement. where i have multiple logins but some user can not access few module. like super admin and analyst can access all module but developer can only use own controller.

所以在这种情况下，我该如何保护具有多个登录名的控制器.还请注意，我有单独的登录页面和进入数据库的表.

so in this case , how can i guard a controller with multiple logins. also note that i have separate login page and table into Database.

phonebookController可以由超级管理员和分析师访问，但不能由开发人员访问. 所以请告诉我该如何实施?

for Example phonebookController can be access by super admin and analyst but not by developers. so please tell me how can i implement this?

我将此用于::

if( Auth::guard('superAdmin')->check() )
 {   $author =Auth::guard('superAdmin')->User()->id ;  }
  else  if( Auth::guard('analysts')->check() )
 {   $author =Auth::guard('analysts')->User()->id;   }
 else
 {  $author =Auth::guard('supervisor')->User()->id    }

我想将其用于类的构造方法

i want to use this into constructor method of class

推荐答案

这是我对管理员和用户的访问控制的实现(在我的情况下为代理) 我的用户表(is_admin)中有一个boolean字段，对于普通用户来说是0，对于管理员来说是1.所以在我的用户模型中，我做到了

Here is my implementation for access control for admin and users(agents in my case) I have a boolean field in my user table(is_admin) which is 0 for normal users and 1 for admins. so in my User model I did this

    protected $casts = [
        'is_admin' => 'boolean',
    ];

  public function isAdmin()
    {
            return $this->is_admin;
    }

为您要使用的角色类型创建新的中间件

Create a new middleware for the type of roles u want using

php artisan make:middleware Admin

php artisan make:middleware Agent

中间件文件将在App \ Http \ Middleware \中创建 将此添加到Admin.php

The middleware files will be created in App\Http\Middleware\ add this to class inside Admin.php

public function handle($request, Closure $next)
{

    if ( Auth::check() && Auth::user()->isAdmin() )
    {
        return $next($request);
    }

    return redirect('/agent');

}

，并将其发送到Agent.php

    public function handle($request, Closure $next)
{

    if ( Auth::check() && !Auth::user()->isAdmin() )
    {
        return $next($request);
    }

    return redirect('/home');

}

此操作向laravel注册中间件后，将其添加到位于app\Http\Kernel.php

After this register your middleware with laravel to do this add this to protected $routeMiddleware in your Kernel.php which is located at app\Http\Kernel.php

'admin' => 'App\Http\Middleware\Admin',
'agent' => 'App\Http\Middleware\Agent',

请确保按照中间件文件中所述为重定向创建正确的路由. 之后，您几乎完成了.现在，要验证用户是管理员还是普通用户，请将其添加到控制器的构造方法中.

make sure to create proper routes for redirection as we've mentioned in our middleware files. after this you are almost done. Now to verify if a user is admin or normal user add this to the constructor method of your controller.

仅允许管理员用户执行的操作

Actions allowed only for admin users

    public function __construct()
{   

    $this->middleware('auth');
    $this->middleware('admin');
}

仅允许普通用户执行的操作

Action allowed only for normal users

公共函数__construct() {

public function __construct() {

$this->middleware('auth');
$this->middleware('agent');

}

这篇关于如何通过多个用户来保护控制器?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！