0

我创建了一个中间件:

use Closure;
use Gate;
class ACLMiddleware
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        if (Gate::denies('access-post')) {
            abort(403,'Not allowed!!!');
        }
        return $next($request);
    }
}

然后在路由中定义为:

Route::get('/', 'HomeController@index');

Route::group(['middleware' => 'auth','acl'], function () {

    Route::resource('post', 'PostController');
   ...

当我运行它时.. 它适用于所有路线,甚至适用于/. 为什么会这样?

内核.php

<?php

namespace App\Http;

use Illuminate\Foundation\Http\Kernel as HttpKernel;

class Kernel extends HttpKernel
{
    /**
     * The application's global HTTP middleware stack.
     *
     * @var array
     */
    protected $middleware = [
        \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
        \App\Http\Middleware\EncryptCookies::class,
        \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
        \Illuminate\Session\Middleware\StartSession::class,
        \Illuminate\View\Middleware\ShareErrorsFromSession::class,
        \App\Http\Middleware\VerifyCsrfToken::class,
        \App\Http\Middleware\ACLMiddleware::class,
    ];

    /**
     * The application's route middleware.
     *
     * @var array
     */
    protected $routeMiddleware = [
        'auth'       => \App\Http\Middleware\Authenticate::class,
        'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
        'guest'      => \App\Http\Middleware\RedirectIfAuthenticated::class,
        'acl'        => \App\Http\Middleware\ACLMiddleware::class,
    ];
}
4

2 回答 2

3

您的中间件注册在App\Http\Kernel.php.

数组:

protected $middleware = ['...'];

定义应该在每个 http 请求上运行的中间件。\App\Http\Middleware\ACLMiddleware::class在您的情况下,如果您不希望它在每个请求上运行,则需要删除。

数组:

protected $routeMiddleware = ['...']; 

定义仅在您指定的地方应用的中间件。这是您的定义所属的地方。

于 2015-11-01T11:59:59.997 回答
0

您需要使用 MW 类名称将您的中间件与您的路由链接,例如:Route::post('route', 'Controller@index')->middleware(Authorize::class);

于 2017-05-18T14:03:34.653 回答