Laravel如何實現會話超時後鎖定屏幕

Question

我試過了很多從網上下載的方法，但都無法實現，希望有人能給我一種實現想法或方法的方法，謝謝你的幫助。

Answer 1

讓我舉個例子。在app\Http\Middleware文件夾中定義SessionTimeout中間件。

<?php 

namespace App\Http\Middleware; 

use Closure; 
use Auth; 
use Session; 

class SessionTimeout 
{ 


    /** 
    * Check the incoming request for session data, log out if session lifetime is exceeded. 
    * 
    * @param \Illuminate\Http\Request $request 
    * @param \Closure $next 
    * @return mixed 
    */ 

    public function handle($request, Closure $next) 
    { 

     //$isLoggedIn = $request->path() != '/logout'; 

     $bag = Session::getMetadataBag(); 

     $max = $this->getTimeOut(); 

     if (($bag && $max < (time() - $bag->getLastUsed()))) { 

      //$cookie = cookie('intend', $isLoggedIn ? url()->current() : 'auth/login'); 

      $email = Auth::user()->email; 

      $returnPath = url()->current(); 

      $request->session()->flush(); // remove all the session data 

      Auth::logout(); // logout user 

      return redirect('auth/login') 
        ->withInput(compact('email', 'returnPath')) 
        //->withCookie($cookie) 
        ->withErrors(['Please login']); 
      //you could also redirect to lock-screen, a completely different view 
      //and then pass the returnPath to controller method maybe via hidden filed 
      //to redirect to the last page/path the user was on 
      //after successful re-login from the lock-screen. 
     } 

     return $next($request); 


    } 

    /** 
    * Set a variable in .env file TIMEOUT (in seconds) to play around in the development machine. 
    */ 
    protected function getTimeOut() 
    { 
     return (env('TIMEOUT')) ?: (config('session.lifetime') * 60); 
    } 
} 

的到app\Http\Kernel.php

class Kernel extends HttpKernel { 
/** 
* The application's global HTTP middleware stack. 
* 
* @var array 
*/ 
protected $middleware = [ 
     'Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode', 
     'Illuminate\Cookie\Middleware\EncryptCookies', 
     'Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse', 
     'Illuminate\Session\Middleware\StartSession', 
     'Illuminate\View\Middleware\ShareErrorsFromSession', 
     'App\Http\Middleware\SessionTimeout' 
]; 
/** 
* The application's route middleware. 
* 
* @var array 
*/ 
protected $routeMiddleware = [ 
     'auth' => 'App\Http\Middleware\Authenticate', 
     'auth.basic' => 'Illuminate\Auth\Middleware\AuthenticateWithBasicAuth', 
     'guest' => 'App\Http\Middleware\RedirectIfAuthenticated' 
]; 

}

在登錄表單視圖通常在resources\views\auth\login.blade.php

@extend('app-layout') 
@section('content') 
    //code to display errors here 

    @if($email) //check if the request has $email returned by SessionTimeout middleware 
     //if so display lock screen like 
     //code to display the profile image 
     //code to display the user email (or whatever id is used) 
    @else 
     //display email input field for a new login 
     //code to input the email (whatever id is used) for a new login 
    @endif 
    //here the code common for lock screen as well as new login. 
    //code to display input password 
    //code for submit button and rest of the things like remember me field 
@stop 

添加SessionTimeout那麼你也可以使用諧音爲鎖屏以及基於的新登錄表單和顯示。

希望這會讓你開始。

Answer 2

假設你正在使用的會話驅動程序來處理身份驗證，您可以更改時間段空閒會話在

/app/config/session.php文件到期。

/* 
|-------------------------------------------------------------------------- 
| Session Lifetime 
|-------------------------------------------------------------------------- 
| 
| Here you may specify the number of minutes that you wish the session 
| to be allowed to remain idle before it expires. If you want them 
| to immediately expire on the browser closing, set that option. 
| 
*/ 

'lifetime' => 120, // minutes 

'expire_on_close' => false,