在 Laravel 5 中使用多个身份验证守卫时重定向循环
Redirect loop when using multiple auth guards in Laravel 5
我正在尝试设置两个身份验证保护程序:internal(用于普通浏览器请求)和 api(用于 AJAX 请求)。 api 是默认的守卫,但我现在专注于让 internal-守卫工作。
这是我的 config/auth.php:
<?php
return [
'defaults' => [
'guard' => 'api',
'passwords' => 'clients',
],
'guards' => [
'internal' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'token',
'provider' => 'clients',
],
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'clients' => [
'driver' => 'eloquent',
'model' => App\Client::class,
],
],
'passwords' => [
'users' => [
'provider' => 'users',
'email' => 'auth.emails.password',
'table' => 'password_resets',
'expire' => 60,
],
],
];
这是我的 routes.php:
<?php
Route::group([
'domain' => 'internal.example.com',
'middleware' => ['web', 'auth:internal']
], function () {
Route::get('/', function () {
return view('welcome');
});
Route::get('/home', 'HomeController@index');
});
Route::group([
'domain' => 'internal.example.com',
'middleware' => [ 'web']
], function () {
Route::match(['get', 'post'], '/login', 'InternalAuth\InternalAuthController@login');
Route::get('/logout', 'InternalAuth\InternalAuthController@logout');
});
这是 InternalAuthController:
<?php
namespace App\Http\Controllers\InternalAuth;
use App\User;
use Validator;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\ThrottlesLogins;
use Illuminate\Foundation\Auth\AuthenticatesAndRegistersUsers;
class InternalAuthController extends Controller
{
/*
|--------------------------------------------------------------------------
| Registration & Login Controller
|--------------------------------------------------------------------------
|
| This controller handles the registration of new users, as well as the
| authentication of existing users. By default, this controller uses
| a simple trait to add these behaviors. Why don't you explore it?
|
*/
use AuthenticatesAndRegistersUsers, ThrottlesLogins;
/**
* Where to redirect users after login / registration.
*
* @var string
*/
protected $redirectTo = '/';
protected $guard = 'internal';
/**
* Create a new authentication controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware('guest', ['except' => 'logout']);
}
/**
* Get a validator for an incoming registration request.
*
* @param array $data
* @return \Illuminate\Contracts\Validation\Validator
*/
protected function validator(array $data)
{
return Validator::make($data, [
'name' => 'required|max:255',
'email' => 'required|email|max:255|unique:users',
'password' => 'required|confirmed|min:6',
]);
}
/**
* Create a new user instance after a valid registration.
*
* @param array $data
* @return User
*/
protected function create(array $data)
{
return User::create([
'name' => $data['name'],
'email' => $data['email'],
'password' => bcrypt($data['password']),
]);
}
}
我觉得不错。但是当我在浏览器中转到 /、/home 或 /login 时,我最终进入了重定向循环。
我遗漏了一些东西...有什么想法吗?
/login 指向 InternalAuth\InternalAuthController@login。 login() 是 Illuminate\Foundation\Auth\AuthenticatesAndRegistersUsers 的一个方法(used by InternalAuth),但它不负责返回视图或响应 post 请求。这是 getLogin 和 postLogin 的工作。
所以,我需要在 routes.php 中更改此设置:
Route::match(['get', 'post'], '/login', 'InternalAuth\InternalAuthController@login');
为此:
Route::get('/login', 'InternalAuth\InternalAuthController@getLogin');
Route::post('/login', 'InternalAuth\InternalAuthController@postLogin');
我正在尝试设置两个身份验证保护程序:internal(用于普通浏览器请求)和 api(用于 AJAX 请求)。 api 是默认的守卫,但我现在专注于让 internal-守卫工作。
这是我的 config/auth.php:
<?php
return [
'defaults' => [
'guard' => 'api',
'passwords' => 'clients',
],
'guards' => [
'internal' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'token',
'provider' => 'clients',
],
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'clients' => [
'driver' => 'eloquent',
'model' => App\Client::class,
],
],
'passwords' => [
'users' => [
'provider' => 'users',
'email' => 'auth.emails.password',
'table' => 'password_resets',
'expire' => 60,
],
],
];
这是我的 routes.php:
<?php
Route::group([
'domain' => 'internal.example.com',
'middleware' => ['web', 'auth:internal']
], function () {
Route::get('/', function () {
return view('welcome');
});
Route::get('/home', 'HomeController@index');
});
Route::group([
'domain' => 'internal.example.com',
'middleware' => [ 'web']
], function () {
Route::match(['get', 'post'], '/login', 'InternalAuth\InternalAuthController@login');
Route::get('/logout', 'InternalAuth\InternalAuthController@logout');
});
这是 InternalAuthController:
<?php
namespace App\Http\Controllers\InternalAuth;
use App\User;
use Validator;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\ThrottlesLogins;
use Illuminate\Foundation\Auth\AuthenticatesAndRegistersUsers;
class InternalAuthController extends Controller
{
/*
|--------------------------------------------------------------------------
| Registration & Login Controller
|--------------------------------------------------------------------------
|
| This controller handles the registration of new users, as well as the
| authentication of existing users. By default, this controller uses
| a simple trait to add these behaviors. Why don't you explore it?
|
*/
use AuthenticatesAndRegistersUsers, ThrottlesLogins;
/**
* Where to redirect users after login / registration.
*
* @var string
*/
protected $redirectTo = '/';
protected $guard = 'internal';
/**
* Create a new authentication controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware('guest', ['except' => 'logout']);
}
/**
* Get a validator for an incoming registration request.
*
* @param array $data
* @return \Illuminate\Contracts\Validation\Validator
*/
protected function validator(array $data)
{
return Validator::make($data, [
'name' => 'required|max:255',
'email' => 'required|email|max:255|unique:users',
'password' => 'required|confirmed|min:6',
]);
}
/**
* Create a new user instance after a valid registration.
*
* @param array $data
* @return User
*/
protected function create(array $data)
{
return User::create([
'name' => $data['name'],
'email' => $data['email'],
'password' => bcrypt($data['password']),
]);
}
}
我觉得不错。但是当我在浏览器中转到 /、/home 或 /login 时,我最终进入了重定向循环。 我遗漏了一些东西...有什么想法吗?
/login 指向 InternalAuth\InternalAuthController@login。 login() 是 Illuminate\Foundation\Auth\AuthenticatesAndRegistersUsers 的一个方法(used by InternalAuth),但它不负责返回视图或响应 post 请求。这是 getLogin 和 postLogin 的工作。
所以,我需要在 routes.php 中更改此设置:
Route::match(['get', 'post'], '/login', 'InternalAuth\InternalAuthController@login');
为此:
Route::get('/login', 'InternalAuth\InternalAuthController@getLogin');
Route::post('/login', 'InternalAuth\InternalAuthController@postLogin');