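I'm new to Laravel and want to build a small admin area to create and edit data. I'm using the authentication that ships with Laravel 5.1 and followed this documentation: http://laravel.com/docs/master/authentication.
All my backend routes are prefixed with "admin". Now, if I log in, I'm redirected to the correct page. But as soon as I click a link or reload the page, I'm redirected to my login page.
I think I just got something wrong with the routes…?
Additional information:
- Laravel Framework 5.1.17 (LTS)
- I'm using Vagrant as my development environment. It's a custom box. But I
- Without the auth middleware, all my routes are accessible and work fine.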
routes.php
// Frontend
Route::get('/', ['as' => 'home', 'uses' => 'ContentController@index']);
Route::resource('comment', 'CommentController', ['only' => ['create','store']]);
// Authentication
Route::get('admin/login', array('as' => 'admin.login', 'uses' => 'Auth\AuthController@getLogin'));
Route::post('admin/login', array('as' => 'admin.login', 'uses' => 'Auth\AuthController@postLogin'));
Route::get('admin/logout', array('as' => 'admin.logout', 'uses' => 'Auth\AuthController@getLogout'));
// Backend Admin with Authentication
Route::group(array('prefix' => 'admin', 'middleware' => 'auth', 'namespace' => 'Admin'), function()
{
    Route::post('content/sortlist', ['as' => 'admin.content.sortlist', 'uses' => 'ContentController@sortList']);
    Route::resource('content', 'ContentController', ['except' => ['show']]);
    Route::resource('comment', 'CommentController', ['only' => ['index','destroy']]);
});
php artisan route:list output
+--------+----------+------------------------------+------------------------+-------------------------------------------------------+------------+
| Domain | Method | URI | Name | Action | Middleware |
+--------+----------+------------------------------+------------------------+-------------------------------------------------------+------------+
| | GET|HEAD | / | home | App\Http\Controllers\ContentController@index | |
| | GET|HEAD | admin/comment | admin.comment.index | App\Http\Controllers\Admin\CommentController@index | auth |
| | DELETE | admin/comment/{comment} | admin.comment.destroy | App\Http\Controllers\Admin\CommentController@destroy | auth |
| | POST | admin/content | admin.content.store | App\Http\Controllers\Admin\ContentController@store | auth |
| | GET|HEAD | admin/content | admin.content.index | App\Http\Controllers\Admin\ContentController@index | auth |
| | GET|HEAD | admin/content/create | admin.content.create | App\Http\Controllers\Admin\ContentController@create | auth |
| | POST | admin/content/sortlist | admin.content.sortlist | App\Http\Controllers\Admin\ContentController@sortList | auth |
| | PATCH | admin/content/{content} | | App\Http\Controllers\Admin\ContentController@update | auth |
| | DELETE | admin/content/{content} | admin.content.destroy | App\Http\Controllers\Admin\ContentController@destroy | auth |
| | PUT | admin/content/{content} | admin.content.update | App\Http\Controllers\Admin\ContentController@update | auth |
| | GET|HEAD | admin/content/{content}/edit | admin.content.edit | App\Http\Controllers\Admin\ContentController@edit | auth |
| | GET|HEAD | admin/login | admin.login | App\Http\Controllers\Auth\AuthController@getLogin | guest |
| | POST | admin/login | admin.login | App\Http\Controllers\Auth\AuthController@postLogin | guest |
| | GET|HEAD | admin/logout | admin.logout | App\Http\Controllers\Auth\AuthController@getLogout | |
| | POST | comment | comment.store | App\Http\Controllers\CommentController@store | |
| | GET|HEAD | comment/create | comment.create | App\Http\Controllers\CommentController@create | |
+--------+----------+------------------------------+------------------------+-------------------------------------------------------+------------+
app/Http/Controllers/Auth/AuthController.php
<?php
namespace App\Http\Controllers\Auth;
use App\User;
use Validator;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\ThrottlesLogins;
use Illuminate\Foundation\Auth\AuthenticatesAndRegistersUsers;
class AuthController extends Controller
{
    /*
    |--------------------------------------------------------------------------
    | Registration & Login Controller
    |--------------------------------------------------------------------------
    |
    | This controller handles the registration of new users, as well as the
    | authentication of existing users. By default, this controller uses
    | a simple trait to add these behaviors. Why don't you explore it?
    |
    */
    use AuthenticatesAndRegistersUsers, ThrottlesLogins;
    protected $redirectPath = 'admin/content';
    protected $loginPath = 'admin/login';
    /**
     * Create a new authentication controller instance.
     *
     * @return void
     */
    public function __construct()
    {
        $this->middleware('guest', ['except' => 'getLogout']);
    }
    /**
     * Get a validator for an incoming registration request.
     *
     * @param array $data
     * @return \Illuminate\Contracts\Validation\Validator
     */
    protected function validator(array $data)
    {
        return Validator::make($data, [
            'firstname' => 'required|max:255',
            'lastname' => 'required|max:255',
            'email' => 'required|email|max:255|unique:users',
            'password' => 'required|confirmed|min:6',
        ]);
    }
    /**
     * Create a new user instance after a valid registration.
     *
     * @param array $data
     * @return User
     */
    protected function create(array $data)
    {
        return User::create([
            'firstname' => $data['firstname'],
            'lastname' => $data['lastname'],
            'email' => $data['email'],
            'password' => bcrypt($data['password']),
        ]);
    }
}
app/Http/Middleware/Authenticate.php
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Contracts\Auth\Guard;
class Authenticate
{
    /**
     * The Guard implementation.
     *
     * @var Guard
     */
    protected $auth;
    /**
     * Create a new filter instance.
     *
     * @param Guard $auth
     * @return void
     */
    public function __construct(Guard $auth)
    {
        $this->auth = $auth;
    }
    /**
     * Handle an incoming request.
     *
     * @param \Illuminate\Http\Request $request
     * @param \Closure $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        if ($this->auth->guest()) {
            if ($request->ajax()) {
                return response('Unauthorized.', 401);
            } else {
                return redirect()->guest('admin/login');
            }
        }
        return $next($request);
    }
}
app/Http/Middleware/RedirectIfAuthenticated.php
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Contracts\Auth\Guard;
class RedirectIfAuthenticated
{
    /**
     * The Guard implementation.
     *
     * @var Guard
     */
    protected $auth;
    /**
     * Create a new filter instance.
     *
     * @param Guard $auth
     * @return void
     */
    public function __construct(Guard $auth)
    {
        $this->auth = $auth;
    }
    /**
     * Handle an incoming request.
     *
     * @param \Illuminate\Http\Request $request
     * @param \Closure $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        if ($this->auth->check()) {
            return redirect('admin/content');
        }
        return $next($request);
    }
}
postLogin at vendor/laravel/framework/src/Illuminate/Foundation/Auth/AuthenticatesUsers.php
<?php
namespace Illuminate\Foundation\Auth;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Lang;
trait AuthenticatesUsers
{
    use RedirectsUsers;
    /**
     * Show the application login form.
     *
     * @return \Illuminate\Http\Response
     */
    public function getLogin()
    {
        if (view()->exists('auth.authenticate')) {
            return view('auth.authenticate');
        }
        return view('auth.login');
    }
    /**
     * Handle a login request to the application.
     *
     * @param \Illuminate\Http\Request $request
     * @return \Illuminate\Http\Response
     */
    public function postLogin(Request $request)
    {
        $this->validate($request, [
            $this->loginUsername() => 'required', 'password' => 'required',
        ]);
        // If the class is using the ThrottlesLogins trait, we can automatically throttle
        // the login attempts for this application. We'll key this by the username and
        // the IP address of the client making these requests into this application.
        $throttles = $this->isUsingThrottlesLoginsTrait();
        if ($throttles && $this->hasTooManyLoginAttempts($request)) {
            return $this->sendLockoutResponse($request);
        }
        $credentials = $this->getCredentials($request);
        if (Auth::attempt($credentials, $request->has('remember'))) {
            return $this->handleUserWasAuthenticated($request, $throttles);
        }
        // If the login attempt was unsuccessful we will increment the number of attempts
        // to login and redirect the user back to the login form. Of course, when this
        // user surpasses their maximum number of attempts they will get locked out.
        if ($throttles) {
            $this->incrementLoginAttempts($request);
        }
        return redirect($this->loginPath())
            ->withInput($request->only($this->loginUsername(), 'remember'))
            ->withErrors([
                $this->loginUsername() => $this->getFailedLoginMessage(),
            ]);
    }
    /**
     * Send the response after the user was authenticated.
     *
     * @param \Illuminate\Http\Request $request
     * @param bool $throttles
     * @return \Illuminate\Http\Response
     */
    protected function handleUserWasAuthenticated(Request $request, $throttles)
    {
        if ($throttles) {
            $this->clearLoginAttempts($request);
        }
        if (method_exists($this, 'authenticated')) {
            return $this->authenticated($request, Auth::user());
        }
        return redirect()->intended($this->redirectPath());
    }
    /**
     * Get the needed authorization credentials from the request.
     *
     * @param \Illuminate\Http\Request $request
     * @return array
     */
    protected function getCredentials(Request $request)
    {
        return $request->only($this->loginUsername(), 'password');
    }
    /**
     * Get the failed login message.
     *
     * @return string
     */
    protected function getFailedLoginMessage()
    {
        return Lang::has('auth.failed')
            ? Lang::get('auth.failed')
            : 'These credentials do not match our records.';
    }
    /**
     * Log the user out of the application.
     *
     * @return \Illuminate\Http\Response
     */
    public function getLogout()
    {
        Auth::logout();
        return redirect(property_exists($this, 'redirectAfterLogout') ? $this->redirectAfterLogout : '/');
    }
    /**
     * Get the path to the login route.
     *
     * @return string
     */
    public function loginPath()
    {
        return property_exists($this, 'loginPath') ? $this->loginPath : '/auth/login';
    }
    /**
     * Get the login username to be used by the controller.
     *
     * @return string
     */
    public function loginUsername()
    {
        return property_exists($this, 'username') ? $this->username : 'email';
    }
    /**
     * Determine if the class is using the ThrottlesLogins trait.
     *
     * @return bool
     */
    protected function isUsingThrottlesLoginsTrait()
    {
        return in_array(
            ThrottlesLogins::class, class_uses_recursive(get_class($this))
        );
    }
}
How I link to the admin pages in my main.admin Blade file (maybe this is the culprit?)
<ul class="nav nav-sidebar">
<li {{ Request::is('admin/content') ? "class=active" : null }}><a href="{{ URL::route('admin.content.index') }}">Inhalte <span class="sr-only">(current)</span></a></li>
<li {{ Request::is('admin/comment') ? "class=active" : null }}><a href="{{ URL::route('admin.comment.index') }}">Kommentare <span class="sr-only">(current)</span></a></li>
</ul>
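Following countless Google links, I have already checked the storage/framework/sessions directory permissions and checked whether the session persists. It seems to me that it does. I switched from file-based sessions to database sessions in config/session.php, which changed nothing at all. There is nothing in the log files either.
I'm at my wits' end. It may be a configuration I don't understand. Thanks for your help!
Found the solution. I stumbled upon a different question about authorization on Stack Overflow and found the problem.
I was using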
<li><a href="{{ Auth::logout() }}">Logout</a></li>
in my Blade template to log out. As long as this was present, the behavior described above occurred. I replaced it with the following
<li><a href="{{ URL::to('admin/logout') }}">Logout</a></li>
, and now everything works! I'd still like to know why this happens… but maybe this helps someone else!
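Why the first template line ended the session, as an added example that is not part of the original post and not Laravel's own code: Blade evaluates whatever sits inside `{{ }}` while the view renders, so `Auth::logout()` ran on every admin page and the next request reached the `auth` middleware as a guest. `FakeGuard`, `renderSidebar()` and `simulate()` are hypothetical stand-ins for the session guard, the compiled view and two consecutive requests.

```php
<?php
// Added illustration: FakeGuard, renderSidebar() and simulate() are hypothetical
// stand-ins, not Laravel classes and not code from the post.

final class FakeGuard
{
    private $session = [];          // constructed session data, kept across requests

    public function login($id) { $this->session['login_id'] = $id; }
    public function logout()   { unset($this->session['login_id']); }  // returns null
    public function check()    { return isset($this->session['login_id']); }
}

// Blade turns {{ expr }} into an escaped echo of expr, so expr is evaluated every
// time the view renders. A URL helper only builds a string; logout() has a side effect.
function renderSidebar(FakeGuard $auth, $useUrlHelper)
{
    $href = $useUrlHelper
        ? '/admin/logout'       // stands in for {{ URL::to('admin/logout') }}
        : $auth->logout();      // stands in for {{ Auth::logout() }}

    return '<li><a href="' . htmlspecialchars((string) $href) . '">Logout</a></li>';
}

// Log in once, then request two admin pages the way the 'auth' middleware sees them.
function simulate($useUrlHelper)
{
    $auth = new FakeGuard();
    $auth->login(1);                        // POST admin/login succeeded
    $trace = [];

    foreach (['admin/content', 'admin/comment'] as $uri) {
        if (!$auth->check()) {              // guest: the middleware redirects
            $trace[] = "$uri => redirect to admin/login";
            continue;
        }
        renderSidebar($auth, $useUrlHelper);  // page renders, template expressions run
        $trace[] = "$uri => 200";
    }

    return $trace;
}

echo "With {{ Auth::logout() }}:\n  " . implode("\n  ", simulate(false)) . "\n";
echo "With {{ URL::to('admin/logout') }}:\n  " . implode("\n  ", simulate(true)) . "\n";
```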