因为时间有限就不展示自己前台代码的书写,就是想巩固一下自己对Auth后台的理解
// RouteServiceProvider: register the front-end (Home) and back-end (Admin) route files separately.

/**
 * Register every route group of the application: API, front end, then admin.
 *
 * @return void
 */
public function map()
{
    $this->mapApiRoutes();

    $this->homeRoutes();

    $this->adminRoutes();
}

/**
 * Load routes/home.php under the "web" middleware group.
 * Controllers are resolved in the "Home" sub-namespace.
 *
 * @return void
 */
protected function homeRoutes()
{
    $controllerNamespace = $this->namespace.'Home';
    $routeFile = base_path('routes/home.php');

    Route::middleware('web')
        ->namespace($controllerNamespace)
        ->group($routeFile);
}

/**
 * Load routes/admin.php under the "web" middleware group.
 * Controllers are resolved in the "Admin" sub-namespace.
 *
 * Only "web" is attached here, so nothing in this method puts the admin
 * routes behind an authentication check; that has to be declared inside
 * routes/admin.php itself.
 * NOTE(review): assumes the "web" group carries no auth middleware, as in a
 * stock Kernel — confirm.
 *
 * @return void
 */
protected function adminRoutes()
{
    $controllerNamespace = $this->namespace.'Admin';
    $routeFile = base_path('routes/admin.php');

    Route::middleware('web')
        ->namespace($controllerNamespace)
        ->group($routeFile);
}

/**
 * Load routes/api.php under the "api" middleware group with the "api" URI prefix.
 *
 * @return void
 */
protected function mapApiRoutes()
{
    $routeFile = base_path('routes/api.php');

    Route::prefix('api')
        ->middleware('api')
        ->namespace($this->namespace)
        ->group($routeFile);
}
然后在config auth下注册guard(‘admin’)
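// config/auth.php (excerpt). The 'admin' guard is session-based like 'web',
// but resolves its users through a separate provider ('admins').
'guards' => [
    'web' => [
        'driver' => 'session',
        'provider' => 'users',
    ],

    // Back-office guard: session driver, users loaded through the 'admins' provider below.
    'admin' => [
        'driver' => 'session',
        'provider' => 'admins',
    ],

    'api' => [
        'driver' => 'token',
        'provider' => 'users',
    ],
],

'providers' => [
    'users' => [
        'driver' => 'eloquent',
        // The namespace separator was lost in the original listing ("AppUser").
        'model' => App\User::class,
    ],

    'admins' => [
        'driver' => 'eloquent',
        // NOTE(review): restored from "AppAdmin"; assumes the Admin model lives in App\ — confirm.
        'model' => App\Admin::class,
    ],

    // 'users' => [
    //     'driver' => 'database',
    //     'table' => 'users',
    // ],
],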
// Admin model body, modelled on the stock User model (the class header is not shown in this excerpt).
use Notifiable;

/**
 * Attributes that may be mass-assigned.
 *
 * NOTE(review): 'password' is mass-assignable, so whatever fills this model
 * must pass an already-hashed value — the seeding code is not shown; confirm there.
 *
 * @var array
 */
protected $fillable = [
    'name',
    'password',
];

/**
 * Attributes left out when the model is serialized to an array or JSON,
 * so the password hash and remember token are not exposed in responses.
 *
 * @var array
 */
protected $hidden = [
    'password',
    'remember_token',
];
迁移文件填充数据就不展示了
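/**
 * Login controller for the back office; authenticates against the 'admin' guard.
 */
class LoginController extends Controller
{
    use AuthenticatesUsers;

    /**
     * Where an administrator is sent after a successful login.
     *
     * @var string
     */
    protected $redirectTo = '/admin';

    // The author also changed the middleware that checks whether the current
    // user is already authenticated (presumably RedirectIfAuthenticated), so
    // that the 'admin' guard is redirected to /admin. Shown as a comment only:
    //
    // public function handle($request, Closure $next, $guard = null)
    // {
    //     if (Auth::guard($guard)->check()) {
    //         return redirect($guard == 'admin' ? '/admin' : '/home');
    //     }
    //
    //     return $next($request);
    // }

    /**
     * Restrict every action except logout to visitors who are not yet
     * authenticated on the 'admin' guard.
     */
    public function __construct()
    {
        $this->middleware('guest:admin')->except('logout');
    }

    /**
     * Show the admin login form.
     */
    public function showLoginForm()
    {
        return view('admin.login');
    }

    /**
     * Name of the request field / column used as the login identifier.
     *
     * @return string
     */
    public function username()
    {
        return 'name';
    }

    /**
     * Guard used for every authentication call made by the trait.
     */
    protected function guard()
    {
        return auth()->guard('admin');
    }

    /**
     * Validate the login request before any credential check is attempted.
     *
     * @param  Request  $request
     * @return void
     */
    protected function validateLogin(Request $request)
    {
        $field = $this->username();

        // NOTE(review): max:6 caps the password at six characters, which forces
        // short credentials on an admin login; a minimum length with a generous
        // upper bound is the usual policy. Left unchanged here because the
        // stored accounts (seeder not shown) may depend on it — confirm and relax.
        $this->validate($request, [
            $field => 'required|string|max:6',
            'password' => 'required|string|max:6',
        ], [
            // Custom messages are keyed "<attribute>.<rule>". The dot was missing
            // on the username entries, so those messages never matched.
            $field.'.required' => '账号必须填写',
            $field.'.string' => '账号必须填写字符串',
            $field.'.max' => '账号不大于6位',
            'password.required' => '密码必须填写',
            'password.string' => '密码必须填写字符串',
            'password.max' => '密码不大于6位',
        ]);
    }

    /**
     * Build the response for a failed login attempt.
     *
     * A single message is returned whether the account is unknown or the
     * password is wrong. Separate "no such user" / "wrong password" messages
     * let anyone probing the form learn which admin names exist. Throwing
     * unconditionally also removes the path where neither check matched and
     * the method returned nothing.
     *
     * @param  Request  $request
     * @return void
     *
     * @throws ValidationException
     */
    protected function sendFailedLoginResponse(Request $request)
    {
        throw ValidationException::withMessages([
            $this->username() => ['账号或密码错误'],
        ]);
    }

    /**
     * Build the response once the administrator has been authenticated.
     *
     * @param  Request  $request
     */
    protected function sendLoginResponse(Request $request)
    {
        // Remember-me lifetime: 60 minutes.
        $rememberTokenExpireMinutes = 60;

        // Name of the remember-me cookie; it carries a generated suffix, e.g.
        // remember_admin_59ba36addc2b2f9401580f014c7f58ea4e30989d
        $rememberTokenName = Auth::guard('admin')->getRecallerName();

        // Queue the cookie again with the shorter lifetime.
        // NOTE(review): Cookie::get() reads the cookie sent with the current
        // request. On the login request itself that value may be absent or
        // stale rather than the token just issued — verify what is re-queued,
        // and consider skipping this when "remember me" was not requested.
        Cookie::queue($rememberTokenName, Cookie::get($rememberTokenName), $rememberTokenExpireMinutes);

        // The rest is copied from AuthenticatesUsers::sendLoginResponse().
        // Regenerating the session id at login prevents session fixation.
        $request->session()->regenerate();

        $this->clearLoginAttempts($request);

        return $this->authenticated($request, $this->guard()->user()) ?:
            redirect()->intended($this->redirectPath());
    }

    /**
     * Hook run after a successful login. It only writes a log line and returns
     * nothing, so sendLoginResponse() falls through to the intended-URL redirect.
     *
     * @param  Request  $request
     * @param  mixed  $user
     */
    protected function authenticated(Request $request, $user)
    {
        info('测试日志');
        // return response()->json(['msg'=>200]);
    }
}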
我们还要防止用户直接跳过登录访问别的页面
// app/Exceptions/Handler.php — where unauthenticated visitors are sent, for both the front end and the admin area.

/**
 * Convert an authentication exception into a response.
 *
 * Clients expecting JSON get a 401 with a message. Everyone else is
 * redirected to the login page that matches the guard which rejected them:
 * admin/login for the 'admin' guard, the named 'login' route otherwise.
 *
 * @param  mixed  $request
 * @param  AuthenticationException  $exception
 */
protected function unauthenticated($request, AuthenticationException $exception)
{
    $rejectedByAdminGuard = in_array('admin', $exception->guards());

    if ($request->expectsJson()) {
        return response()->json(['msg'=>'用户未登录'], 401);
    }

    // The target is resolved lazily: route('login') is only looked up when the
    // admin guard was not involved.
    if ($rejectedByAdminGuard) {
        $loginUrl = url('admin/login');
    } else {
        $loginUrl = route('login');
    }

    return redirect()->guest($loginUrl);
}
} // closes the Handler class, whose opening is not part of this excerpt
ok,然后在后台路由(routes/admin.php)上加上 auth:admin 中间件,登录页路由除外;否则未登录用户仍然可以直接访问后台页面。