當有人注冊時,他們可以在下拉選擇中注冊為個人資料或企業。從我下面的代碼中,如何創建中間件,使個人資料用戶無法訪問業務儀表板,業務用戶也無法訪問個人資料儀表板?我如何保護這些頁面?
2014_10_12_000000_create_users_table.php
Schema::create('users', function (Blueprint $table) {
$table->id();
$table->string('account_type');
$table->string('first_name');
$table->string('last_name');
$table->string('username')->unique();
$table->string('email')->unique();
$table->timestamp('email_verified_at')->nullable();
$table->string('phone');
$table->string('address', 50);
$table->string('city', 25);
$table->char('state', 2);
$table->char('zip', 10);
$table->string('password');
$table->rememberToken();
$table->timestamps();
});
注冊控制器.php
<?php
namespace App\Http\Controllers\Auth;
use App\Models\User;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
class RegisterController extends Controller
{
public function index()
{
return view('auth.register');
}
public function store(Request $request)
{
$this->validate($request, [
'account_type' => 'required|not_in:0',
'first_name' => 'required|max:255',
'last_name' => 'required|max:255',
'username' => 'required|max:15|unique:users',
'email' => 'required|email|unique:users',
'phone' => 'required|max:255|digits:10',
'address' => 'required|max:255',
'city' => 'required|max:20',
'state' => 'required|not_in:0',
'zip' => 'required|regex:/\b\d{5}\b/',
'password' => 'required|string|confirmed|min:8',
]);
User::create([
'account_type' => $request->account_type,
'first_name' => $request->first_name,
'last_name' => $request->last_name,
'username' => $request->username,
'email' => $request->email,
'phone' => $request->phone,
'address' => $request->address,
'city' => $request->city,
'state' => $request->state,
'zip' => $request->zip,
'password' => Hash::make($request->password),
]);
Auth::attempt([
'email' => $request->email,
'password' => $request->password,
]);
// Redirect to dashboards based on registers account type
if(Auth::user()->account_type == 'profile'){
return redirect()->route('dashboard_profile');
} else {
return redirect()->route('dashboard_business');
}
}
}
BusinessDashboardController.php
class BusinessDashboardController extends Controller
{
public function __construct()
{
$this->middleware('auth');
}
public function index()
{
return view('auth.dashboard_business');
}
}
ProfileDashboardController.php
class ProfileDashboardController extends Controller
{
public function __construct()
{
$this->middleware('auth');
}
public function index()
{
return view('auth.dashboard_profile');
}
}
我想學會在不使用包的情況下做到這一點。
uj5u.com熱心網友回復:
除了@nagidi 提供的解決方案之外,您還可以更新middleware句柄條件以檢查account_type是個人資料還是業務。
public function handle($request, Closure $next, $type)
{
if (Auth::user() && Auth::user()->account_type == $type) {
return $next($request);
}
abort(403, 'Unauthorized action.');
}
Route::get('/business-profile', ['middleware' => 'accType:business', function () {
//
}]);
Route::get('/profile', ['middleware' => 'accType:profile', function () {
//
}]);
uj5u.com熱心網友回復:
1-運行:
php artisan make:middleware AccountType
2-通過打開將其添加到內核檔案中的routeMiddleware陣列app/Http/Kernel.php:
'accType' => \App\Http\Middleware\AccountType::class,
3- 編輯AccountType檔案:
public function handle($request, Closure $next)
{
// If user account type is profile allow to next or else block the request
if (Auth::user() && Auth::user()->account_type == 'profile') {
return $next($request);
}else{
abort(403, 'Unauthorized action.');
}
}
4- 將中間件應用于您的路線:
Route::get('/profile', ['middleware' => 'accType', function () {
//
}]);
uj5u.com熱心網友回復:
如果您想擁有一個具有不同邏輯的多身份驗證系統,最好實作多個保護并在您想要的模型中定義它們:
[...]
'guards' => [
[...]
'admin' => [
'driver' => 'session',
'provider' => 'admins',
],
'writer' => [
'driver' => 'session',
'provider' => 'writers',
],
],
[...]
[...]
'providers' => [
[...]
'admins' => [
'driver' => 'eloquent',
'model' => App\BusinessDashboard::class,
],
'writers' => [
'driver' => 'eloquent',
'model' => App\ProfileDashboard::class,
],
],
[...]
您可以在下面的代碼中找到完整的指南文章:
在此處輸入鏈接描述
轉載請註明出處,本文鏈接:https://www.uj5u.com/ruanti/361735.html