php - 我如何在 Laravel Auth::attempt 中使用条件参数？

Question

使用 Laravel 4.1.30 我得到了以下代码，它测试了通过 Auth 的登录尝试。

//... more codes here ...

$auth = Auth::attempt(array(
    'email'     => Input::get('email'),
    'password'  => Input::get('password'),
    'active'    => 1
), $remember);

if ($auth) {
    //... more codes here ...
}

我喜欢实现一个条件值，例如:

->active > 0

我使用 active(字段)作为登录用户的身份验证级别。任何高于 0(零)的值都应满足下一个条件。

如何在一条语句中完成？

Answer 1

tl;dr

您不能在传递给 Auth::attempt() 的数组中执行此操作，因为在框架中它被硬编码为在生成的查询中使用相等比较。

全面回顾

框架实现

attempt()函数在Illuminate/Auth/Guard.php中实现。

public function attempt(array $credentials = array(), $remember = false, $login = true)
{
    $this->fireAttemptEvent($credentials, $remember, $login);

    $this->lastAttempted = $user = $this->provider->retrieveByCredentials($credentials);

    // If an implementation of UserInterface was returned, we'll ask the provider
    // to validate the user against the given credentials, and if they are in
    // fact valid we'll log the users into the application and return true.
    if ($this->hasValidCredentials($user, $credentials))
    {
        if ($login) $this->login($user, $remember);

        return true;
    }

    return false;
}

在这里您可以看到对 $this->provider->retrieveByCredentials($credentials); 的调用。 retrieveByCredentials() 函数在 Illuminate/Auth/DatabaseUserProvider.php 中实现。

public function retrieveByCredentials(array $credentials)
{
    // First we will add each credential element to the query as a where clause.
    // Then we can execute the query and, if we found a user, return it in a
    // generic "user" object that will be utilized by the Guard instances.
    $query = $this->conn->table($this->table);

    foreach ($credentials as $key => $value)
    {
        if ( ! str_contains($key, 'password'))
        {
            $query->where($key, $value);
        }
    }

    // Now we are ready to execute the query to see if we have an user matching
    // the given credentials. If not, we will just return nulls and indicate
    // that there are no matching users for these given credential arrays.
    $user = $query->first();

    if ( ! is_null($user))
    {
        return new GenericUser((array) $user);
    }
}

在这里您可以看到您传递给 Auth::attempt() 的数组在 foreach 中处理，并且每个键值对都作为 添加>WHERE 子句到查询。因为它是通过 $query->where($key, $value); 调用完成的，所以它仅限于相等比较。

可能的解决方案

解决方法是将此行更改为类似以下内容:

$query->where($key, $value['operator'], $value['value']);

然后你可以重组给 Auth::attempt() 的数组。

$auth = Auth::attempt(array(
    'email' => array(
        'value'    => Input::get('email'),
        'operator' => '='
    ),
    'password' => array(
        'value'    => Input::get('password'),
        'operator' => '='
    ),
    'active' => array(
        'value'    => 0,
        'operator' => '>'
    )
), $remember);

问题在于您必须重写所有其他使用此数组的函数，因此您最终会得到一个自定义解决方案。通过这种努力，您可以编写自己的身份验证查询或在 Auth::attempt() 之后检查 active。