如何在 laravel 中为多种类型的管理员使用中间件?
How to use middleware for multiple type of admins in laravel?
我在 laravel 中使用中间件。我有两个中间件,一个是管理员,第二个是专员
现在在两个中间件中,有些路由可以访问这两个中间件,有些则不能。现在发生的事情是我不希望在专员中间件中访问管理中间件的个人路由。
我在这里尝试过:-
//Admin Middleware Route
Route::group(["middleware" => ['admin']], function () {
Route::match(['get', 'post'], '/admin/users', 'AdminController@users');
});
//Commissioner Middleware Route
Route::group(["middleware" => ['commissioner']], function () {
//we can put later on these routes
});
// common middleware routes between commissioner and admin
Route::group(["middleware" => ['admin','commissioner']], function () {
Route::match(['get', 'post'], '/admin/dashboard', 'AdminController@dashboard');
Route::match(['get', 'post'], '/admin/profile', 'AdminController@profile');
});
现在,当我通过 commissioner 登录时访问 AdminController@users 路由时,它是可以访问的,但我不希望在 commissioner 登录时访问该路由。但是 AdminController@dashboard 和 AdminController@profile 应该可以在两个中间件中访问
When admin login then type is : master
when commsioner login then type is : commissioner
// Commissioner Middleware
class Commissioner
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if(empty(Session::has('adminSession'))){
return redirect()->action('AdminController@login')->with('flash_message_error', 'Please Login');
}
return $next($request);
}
}
// admin Middleware
class Admin
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if(empty(Session::has('adminSession'))){
return redirect()->action('AdminController@login')->with('flash_message_error', 'Please Login');
}
return $next($request);
}
}
请帮助我,我正在使用 laravel 5.2。提前致谢 :)
如果我对你的问题的理解正确,你有一个管理员 table,其中包含两种不同类型的管理员:管理员和专员。
这两种类型的管理员都是通过调用 AdminController@login 方法登录的。您想使用中间件来检查管理员的类型以保护您的路由。
以下是我的建议:
- 创建三个不同的中间件:
- AdminAuth 中间件(在 Http/Kernel.php 中命名为 "admin")用于 master 和 commissioner 的身份验证检查。
- Master中间件(在Http/Kernel.php中给它起一个名字,如"master")检查master类型admin.
- Commissioner 中间件(在 Http/Kernel.php 中命名为 "commissioner")检查 commissioner 类型 admin.
中间件:
class AdminAuth
{
public function handle($request, Closure $next)
{
if(!Session::has('adminSession')){
return redirect()->action('AdminController@login')->with('flash_message_error', 'Please Login');
}
return $next($request);
}
}
class Master
{
public function handle($request, Closure $next)
{
$admin = ... // Your code to retrived authenticated admin instance.
if($admin->type !== 'master') { // I assume you have a type field.
// return error here to indicate user is not a master
}
return $next($request);
}
}
class Commissioner
{
public function handle($request, Closure $next)
{
$admin = ... // Your code to retrived authenticated admin instance.
if($admin->type !== 'commissioner') { // I assume you have a type field.
// return error here to indicate user is not a commissioner
}
return $next($request);
}
}
- 像下面这样更新您的路线:
路线:
//Admin Middleware Route can only be accessed by master admin
Route::group(["middleware" => ['admin', 'master']], function () {
Route::match(['get', 'post'], '/admin/users', 'AdminController@users');
});
//Commissioner Middleware Route
Route::group(["middleware" => ['admin', 'commissioner']], function () {
//we can put later on these routes
});
// common middleware routes between commissioner and admin
Route::group(["middleware" => ['admin']], function () {
Route::match(['get', 'post'], '/admin/dashboard', 'AdminController@dashboard');
Route::match(['get', 'post'], '/admin/profile', 'AdminController@profile');
});
BTW,中间件是"AND"关系。假设您在路线中有以下声明:
"middleware" => ['admin', 'commissioner']
这意味着只有通过'admin'和'commissioner'检查才能访问该路由。
我在 laravel 中使用中间件。我有两个中间件,一个是管理员,第二个是专员
现在在两个中间件中,有些路由可以访问这两个中间件,有些则不能。现在发生的事情是我不希望在专员中间件中访问管理中间件的个人路由。 我在这里尝试过:-
//Admin Middleware Route
Route::group(["middleware" => ['admin']], function () {
Route::match(['get', 'post'], '/admin/users', 'AdminController@users');
});
//Commissioner Middleware Route
Route::group(["middleware" => ['commissioner']], function () {
//we can put later on these routes
});
// common middleware routes between commissioner and admin
Route::group(["middleware" => ['admin','commissioner']], function () {
Route::match(['get', 'post'], '/admin/dashboard', 'AdminController@dashboard');
Route::match(['get', 'post'], '/admin/profile', 'AdminController@profile');
});
现在,当我通过 commissioner 登录时访问 AdminController@users 路由时,它是可以访问的,但我不希望在 commissioner 登录时访问该路由。但是 AdminController@dashboard 和 AdminController@profile 应该可以在两个中间件中访问
When admin login then type is : master
when commsioner login then type is : commissioner
// Commissioner Middleware
class Commissioner
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if(empty(Session::has('adminSession'))){
return redirect()->action('AdminController@login')->with('flash_message_error', 'Please Login');
}
return $next($request);
}
}
// admin Middleware
class Admin
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if(empty(Session::has('adminSession'))){
return redirect()->action('AdminController@login')->with('flash_message_error', 'Please Login');
}
return $next($request);
}
}
请帮助我,我正在使用 laravel 5.2。提前致谢 :)
如果我对你的问题的理解正确,你有一个管理员 table,其中包含两种不同类型的管理员:管理员和专员。 这两种类型的管理员都是通过调用 AdminController@login 方法登录的。您想使用中间件来检查管理员的类型以保护您的路由。
以下是我的建议:
- 创建三个不同的中间件:
- AdminAuth 中间件(在 Http/Kernel.php 中命名为 "admin")用于 master 和 commissioner 的身份验证检查。
- Master中间件(在Http/Kernel.php中给它起一个名字,如"master")检查master类型admin.
- Commissioner 中间件(在 Http/Kernel.php 中命名为 "commissioner")检查 commissioner 类型 admin.
中间件:
class AdminAuth
{
public function handle($request, Closure $next)
{
if(!Session::has('adminSession')){
return redirect()->action('AdminController@login')->with('flash_message_error', 'Please Login');
}
return $next($request);
}
}
class Master
{
public function handle($request, Closure $next)
{
$admin = ... // Your code to retrived authenticated admin instance.
if($admin->type !== 'master') { // I assume you have a type field.
// return error here to indicate user is not a master
}
return $next($request);
}
}
class Commissioner
{
public function handle($request, Closure $next)
{
$admin = ... // Your code to retrived authenticated admin instance.
if($admin->type !== 'commissioner') { // I assume you have a type field.
// return error here to indicate user is not a commissioner
}
return $next($request);
}
}
- 像下面这样更新您的路线:
路线:
//Admin Middleware Route can only be accessed by master admin
Route::group(["middleware" => ['admin', 'master']], function () {
Route::match(['get', 'post'], '/admin/users', 'AdminController@users');
});
//Commissioner Middleware Route
Route::group(["middleware" => ['admin', 'commissioner']], function () {
//we can put later on these routes
});
// common middleware routes between commissioner and admin
Route::group(["middleware" => ['admin']], function () {
Route::match(['get', 'post'], '/admin/dashboard', 'AdminController@dashboard');
Route::match(['get', 'post'], '/admin/profile', 'AdminController@profile');
});
BTW,中间件是"AND"关系。假设您在路线中有以下声明:
"middleware" => ['admin', 'commissioner']
这意味着只有通过'admin'和'commissioner'检查才能访问该路由。