我正在使用 laravel sanctum 进行测试,但这里有一些问题。我正在创建管理员守卫。
当我将中间件更改为 auth:sanctum_admin.. 它应该只能由管理员访问,但在这里我可以使用普通用户帐户和 web Guard 访问。我不知道为什么?...我使用带有多重身份验证包的护照。没关系。但是在圣所中不能将用户表和管理员分开。
问问题
10815 次
5 回答
10
您也可以在圣所中使用多个守卫。为此,请按照以下步骤操作 -
- 根据需要创建自己的后卫。(在
config/auth.php)
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
'hash' => false,
],
'admin' => [
'driver' => 'session',
'provider' => 'admins',
]
],
- 设置提供者。(在
config/auth.php)
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'admins' => [
'driver' => 'eloquent',
'model' => App\Admin::class,
],
],
- 当您对用户进行身份验证时使用此防护。(在路线文件中)
if(auth()->guard('admin')->attempt($request->only('email','password'))) { return auth()->guard('admin')->user(); }
于 2020-05-09T18:45:28.927 回答
7
@Abhishek Mitra
对于使用 Laravel Sanctum 的授权Multiple Auth Guard,我们可以这样使用中间件
Route::middleware(['auth:guard_name'])->get('/user', function(){
return auth()->guard('guard_name')->user();
}
于 2020-05-19T07:01:26.120 回答
3
配置/auth.php
司机是圣地
'guards' => [
'users' => [
'driver' => 'sanctum',
'provider' => 'users',
],
'partners' => [
'driver' => 'sanctum',
'provider' => 'partners',
],
'admins' => [
'driver' => 'sanctum',
'provider' => 'admins',
],
],
提供者:
providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\Models\User::class,
],
'partners' => [
'driver' => 'eloquent',
'model' => App\Models\Partner::class,
],
'admins' => [
'driver' => 'eloquent',
'model' => App\Models\Admin::class,
],
],
模型:
必须添加可验证的
<?php
namespace App\Models;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
class Admin extends Authenticatable
{
use HasFactory, Notifiable;
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'name',
'email',
'password',
];
/**
* The attributes that should be hidden for arrays.
*
* @var array
*/
protected $hidden = [
'password',
'remember_token',
];
/**
* The attributes that should be cast to native types.
*
* @var array
*/
protected $casts = [
'email_verified_at' => 'datetime',
];
}
中间件:
Route::middleware(['auth:admin'])->get('/user', function(){
}
警卫:
auth()->guard('admin')->user();
未经身份验证的用户消息:
在 app/Exceptions/Handler.php
use Illuminate\Auth\AuthenticationException;
功能:
protected function unauthenticated($request, AuthenticationException $exception)
{
return response()->json(['message' => 'Unauthenticated.'], 401);
}
或者
自定义守卫和自定义重定向
public function render($request, Exception $exception)
{
$class = get_class($exception);
switch($class) {
case 'Illuminate\Auth\AuthenticationException':
$guard = array_get($exception->guards(), 0);
switch ($guard) {
case 'admin':
$login = 'admin.login';
break;
default:
$login = 'login';
break;
}
return redirect()->route($login);
}
return parent::render($request, $exception);
}
于 2021-02-27T05:04:16.007 回答
1
- 您必须在config/auth.php中添加您的自定义防护。
'守卫' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'custom-guard' => [
'driver' => 'session',
'provider' => 'custom-provider',
]
],
注意,custom guard 中的驱动程序必须是session。并将提供者设置为:
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'custom-provider' => [
'driver' => 'eloquent',
'model' => App\CustomProvider::class,
],
],App\CustomProvider::class 必须是模型。之后可以轻松地在身份验证中使用防护。
auth('custom-guard')->user()
于 2021-08-31T04:50:45.983 回答
-1
我认为默认守卫应该是这样的:
'defaults'{
'guard' : "sanctum_admin",
'passwords': 'admins',
}
或者
'defaults'{
'guard' : 'web',
'passwords' : 'users',
}
于 2020-04-18T05:40:32.163 回答