除了电子邮件和密码之外,我还在登录时检查了名为已验证的额外列。我在 AuthenticatesUser.php 中对其进行了更改,如下所示受保护的函数凭据(请求 $request)
{
//return $request->only($this->username(), 'password');
$credentials = $request->only('email', 'password');
$credentials = array_add($credentials, 'verified', '1');
return $credentials;
}
它现在正在工作。如果电子邮件和密码匹配但已验证 = 0,我想发送未验证的错误消息。
用户控制器.php
public function doLogin(){
// validate the info, create rules for the inputs
$rules = array(
'email' => 'required|email', // make sure the email is an actual email
'password' => 'required|alphaNum|min:6' // password can only be alphanumeric and has to be greater than 6 characters
);
// run the validation rules on the inputs from the form
$validator = Validator::make(Input::all(), $rules);
// if the validator fails, redirect back to the form
if ($validator->fails()) {
return Redirect::to('user/login')
->withErrors($validator) // send back all errors to the login form
->withInput(Input::except('password')); // send back the input (not the password) so that we can repopulate the form
} else {
// create our user data for the authentication
$userdata = array(
'email' => Input::get('email'),
'password' => Input::get('password')
);
// attempt to do the login
if (Auth::attempt($userdata)) {
// validation successful!
// redirect them to the secure section or whatever
// check if verified
$user = Auth::getLastAttempted();
if ($user->confirmed==1) {
return Redirect::to('user/dashboard');
}
else{
Auth::logout();
return redirect('user/login')->with('flash_msg','Your account is not verified. Check your email for further process.')->withInput(Input::except('password'));
}
} else {
// validation not successful, send back to form
return redirect('user/login')->with('error_msg','Invalid login information, try again')->withInput(Input::except('password'));
}
}
}