我目前正在开发我的 Laravel 应用程序,为了防止垃圾邮件,我决定只有活跃用户才能登录。 我目前正在使用 Laravel 的登录系统,就像在 Laravel 的官网教程中一样,这是我的表单操作:
<form class="form-horizontal" role="form" method="POST" action="{{ url('/auth/login') }}">
这完全没问题,但是我想检查用户的事件状态,如果不活动,它将被重定向到激活页面,否则它将登录。 有没有一种简单的方法可以做到这一点,或者我有义务制作一个新的 Controller 、路由和更多验证?谢谢。
编辑:忘了提到我的数据库中有一个“事件”列。
最佳答案
Laravel 5.4/5.5
通过将此函数放置在您的 LoginController 中来覆盖默认的 login() 函数:
public function login(\Illuminate\Http\Request $request) {
$this->validateLogin($request);
// If the class is using the ThrottlesLogins trait, we can automatically throttle
// the login attempts for this application. We'll key this by the username and
// the IP address of the client making these requests into this application.
if ($this->hasTooManyLoginAttempts($request)) {
$this->fireLockoutEvent($request);
return $this->sendLockoutResponse($request);
}
// This section is the only change
if ($this->guard()->validate($this->credentials($request))) {
$user = $this->guard()->getLastAttempted();
// Make sure the user is active
if ($user->active && $this->attemptLogin($request)) {
// Send the normal successful login response
return $this->sendLoginResponse($request);
} else {
// Increment the failed login attempts and redirect back to the
// login form with an error message.
$this->incrementLoginAttempts($request);
return redirect()
->back()
->withInput($request->only($this->username(), 'remember'))
->withErrors(['active' => 'You must be active to login.']);
}
}
// If the login attempt was unsuccessful we will increment the number of attempts
// to login and redirect the user back to the login form. Of course, when this
// user surpasses their maximum number of attempts they will get locked out.
$this->incrementLoginAttempts($request);
return $this->sendFailedLoginResponse($request);
}
建议以这种方式覆盖 login() 方法,而不是这个问题的许多其他答案,因为它允许您仍然使用 Laravel 5.4+ 的许多更高级的身份验证功能,例如登录限制、多个身份验证保护驱动程序/提供程序等,同时仍允许您设置自定义错误消息。
Laravel 5.3
更改或覆盖 AuthController 中的 postLogin() 函数,如下所示:
public function postLogin(Request $request)
{
$this->validate($request, [
'email' => 'required|email', 'password' => 'required',
]);
$credentials = $this->getCredentials($request);
// This section is the only change
if (Auth::validate($credentials)) {
$user = Auth::getLastAttempted();
if ($user->active) {
Auth::login($user, $request->has('remember'));
return redirect()->intended($this->redirectPath());
} else {
return redirect($this->loginPath()) // Change this to redirect elsewhere
->withInput($request->only('email', 'remember'))
->withErrors([
'active' => 'You must be active to login.'
]);
}
}
return redirect($this->loginPath())
->withInput($request->only('email', 'remember'))
->withErrors([
'email' => $this->getFailedLoginMessage(),
]);
}
此代码重定向回登录页面,并显示有关用户处于非事件状态的错误消息。如果您想重定向到身份验证页面,您可以更改我用注释标记的行 将此更改为重定向到其他地方。
关于php - 仅当用户使用 Laravel 处于事件状态时登录,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/31015606/