Laravel 5.3中的路由保护问题 [英] Issue with Route Protection in Laravel 5.3
问题描述
我已经在Laravel中创建了一个登录/注册页面,它可以正常工作,但是我想通过仅允许经过身份验证的用户访问url来保护路由.
I have made a login/signup page in Laravel and it works fine but I want to protect routes by allowing authenticated users alone to access the url.
这是我的web.php:
This is my web.php :
Route::get('/', [
'uses' => 'UserController@getLogin',
'as' => 'login'
]);
Route::get('/signup', [
'uses' => 'UserController@getSignup',
'as' => 'signup'
]);
Route::get('/logout', [
'uses' => 'UserController@getLogout',
'as' => 'logout'
]);
Route::group(['prefix' => 'app'], function(){
Route::post('/newuser', [
'uses' => 'UserController@postSubmitSignup',
'as' => 'submitsignup'
]);
Route::post('/submitsignup', [
'uses' => 'UserController@postSubmitLogin',
'as' => 'submitlogin'
]);
Route::get('/home', [
'uses' => 'UserController@getDashboard',
'as' => 'dashboard'
])->middleware('auth');
// I also tried 'middleware' => 'auth', ends in same thing
});
在我的UserController.php中:
In my UserController.php :
public function getSignup(){
$organizations = Organizations::all()->where('deleted', '0')->all();
return view('pages.signup', ['organizations' => $organizations]);
}
public function getLogin(){
return view('pages.login');
}
public function getDashboard(){
return view('pages.dashboard');
}
public function getLogout(){
Auth::logout();
return redirect()->route('login');
}
public function postSubmitSignup(Request $request){
$newuser = new User();
$newuser->firstname = $request['firstname'];
$newuser->lastname = $request['lastname'];
$newuser->username = $request['username'];
$newuser->email = $request['email'];
$newuser->password = bcrypt($request['password']);
$newuser->passwordhint = $request['passwordhint'];
$newuser->organization = $request['organization'];
$newuser->location = $request['location'];
$newuser->phone = $request['phone'];
$newuser->signupnote = $request['remarks'];
$newuser->save();
return redirect()->route('login');
}
public function postSubmitLogin(Request $request){
if(Auth::attempt(["username" => $request['username'], "password" => $request['password']])){
return redirect()->route('dashboard');
}
session()->flash('invalid', 'Bad Credentials');
return redirect()->back()->withInput();
}
当我尝试使用有效的凭据登录时,收到以下错误消息,并且URL似乎为http://website.com/login
,但登录页面位于http://website.com/
:
And when I try to login with valid credentials, I get the following error message and the url seems to be http://website.com/login
but the login page is located at http://website.com/
:
Sorry, the page you are looking for could not be found.
1/1 NotFoundHttpException in RouteCollection.php line 161:
in RouteCollection.php line 161
at RouteCollection->match(object(Request)) in Router.php line 780
at Router->findRoute(object(Request)) in Router.php line 610
at Router->dispatchToRoute(object(Request)) in Router.php line 596
at Router->dispatch(object(Request)) in Kernel.php line 267
at Kernel->Illuminate\Foundation\Http\{closure}(object(Request)) in Pipeline.php line 53
当我尝试直接访问仪表板URL时,出现相同的错误.我应该如何正确地进行操作,如果有人可以解释为什么会发生这种情况,那将是很好的选择.
When I try to access the dashboard url directly, I get the same error. How should I do it properly and would be great if someone can explain why this happens.
推荐答案
您需要将您的路线分组如下
You need to group your routes like below
Route::group(['middleware' => 'auth'], function(){
Route::get('/logout', [
'uses' => 'UserController@getLogout',
'as' => 'logout'
]);
// and your other routes which you wanna protect
}
现在,注销路由和您将在其中添加的其他路由将仅由经过身份验证的用户访问,即登录用户.
Now the logout route and other routes which you will add in there will be only accessible to the authenticated users, in simple words user who is logged in.
这篇关于Laravel 5.3中的路由保护问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!