laravel 5.2如何使用laravel多重驗證Guard對於同一控制
我有以下
Admin Clients Employee
多個權威性加爾給我有
ItemController
->index.blade.php
->create.blade.php
->edit.blade.php
ItemKitController
->index.blade.php
->create.blade.php
->edit.blade.php
我想用客戶和員工保護訪問上述相同的控制器和視圖。
是他們任何可能的方式。
您可以使用中間件,如:
Route::group([ 'middleware' => ['Admin', 'Clients', 'Employee'] ], function(){
Route::get('/Admin', '[email protected]');
Route::get('/Clients', '[email protected]');
Route::get('/Employee', '[email protected]');
});
舉例來說,我有一個管理的中間件來檢查,如果用戶ID爲1
<?php
namespace App\Http\Middleware;
use Closure;
use Auth;
use Log;
class AuthAdmin
{
private $admins; // Admin ids
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$this->admins = config('custom.admins'); // get configs
$user = Auth::user();
if($user->id != 1)){
// not admin, redirect home
return redirect('/');
}
// is admin, let request continue
return $next($request);
}
}
然後,你必須將它添加到Kernel.php「 $ routeMiddleware「:
protected $routeMiddleware = [
'auth' => \App\Http\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'can' => \Illuminate\Foundation\Http\Middleware\Authorize::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
// Custom Middleware
// Auth Admin
'auth_admin' => \App\Http\Middleware\AuthAdmin::class,
];
然後在我的路線:
Route::group([ 'middleware' => ['auth_admin'] ], function(){
// nobody can come to these routes but admins
Route::get('/admin/index', '[email protected]');
});
我要爲同一個控制器不同的身份驗證後衛多個AUTH後衛(「AUTH:客戶端」,「身份驗證:員工」) –
我認爲你正試圖使用警衛來實施策略。你的用例應該使用一個策略。 –
不,我沒有實施政策 –
警衛是爲了認證,而政策是爲了授權。換句話說,您可以使用警衛來使用JWT for API,並使用網絡的正常認證。但是,根據您的示例對於不同的訪問權限,這是授權,可以由策略完成。 –