php - 在 laravel 中为 Controller 添加中间件

Question

在 laravel 5.3 及以上版本中，过滤器的概念已经消失，取而代之的是使用中间件。我已经将我的项目从 laravel 4 迁移到 5.4。

我想修改 DeviceLoginController，当我没有登录时它必须刷新到登录页面。其他细节可以在 Controller 页面中看到。

问题: Controller 页面无用，因为即使我没有登录，任何人都可以访问此页面，并且任何人都可以填写任何内容。从 2 天开始，我一直在尝试解决这个问题，但我仍然不知所措。

DeviceLoginController 页面如下所示:

    <?php

    namespace App\Http\Controllers;
    use App\Http\Controllers\BaseController;
    use Auth;
    use Format;
    use Input;
    use DB;
    use Session;
    use Validator;
    use Hash;
    use Redirect;
    use User;
    use App\Models\License;
    use App\Models\LicenseCount;
    use App\Models\Manufacturer;
    use App\Models\DeviceModel as Model;
    use App\Models\Device;
    use App\Models\Application;

    class DeviceLoginController extends BaseController {

     /**
     * Create a new controller instance.
     *
     * @return void
     */
    public function __construct()
    {
       $this->middleware('auth');
    }


    public function attempt() 
    {
        $username = Format::ltr(Input::get("username"));
        $device_key = Input::get("device_key");
        $imei = Format::ltr(Input::get('imei'));
        $model = Format::utr(Input::get('model'));
        $manufacturer = Format::utr(Input::get('manufacturer'));
        $app_code = Format::ltr(Input::get('app_code'));

        $user = User::where('username', $username)->first();
        if(!Hash::check($device_key, $user->device_key)) {
            Event::fire('auth.login.fail', array($username, Request::getClientIp(), time()));
            die("1");
        }
        Auth::loginUsingId($user->id);

        // check if device is already registered under given user for given app
        $license = License::where('device_imei', $imei)->where('app_code', $app_code)->where('user_username', $username);

        // if device isn't registered, first check if device is registered by different user. If not, check if licenses are available or not with the user to register new device
        if(!$license->count()) {

            // checking if licenses are available or not
            $license_count = LicenseCount::where('user_username', $username)->where('app_code', $app_code)->first();
            // if licenses are left, register the device
            if((int) $license_count['left']) {
                $manufacturer = Manufacturer::firstOrCreate(array('name' => $manufacturer));
                $model = Model::firstOrCreate(array('name' => $model, 'manufacturer_code' => $manufacturer->code));
                $device = Device::where('imei', $imei)->first();
                if(!$device) {
                    $device = Device::firstOrCreate(array('imei' => $imei, 'model_code' => $model->code));
                }
                License::create(array('device_imei' => $imei, 'app_code' => $app_code, "user_username" => $username, "expiry_date" => date("Y-m-d H:i:s", strtotime("+1 year"))));

                $license_count->left = Format::itr($license_count->left) - 1;
                $license_count->save();
            } else {
                // Prints 3, if the device is not registered and user has no more licenses left for the given app
                die("3");
            }
            // Prints 2, if the device was not previously registered and it is now registered under given user for given app
            Session::put('login_response', '2');
        } else {
            // Prints 0, if device is already registered under given user for given app
            Session::put('login_response', '0');
        }

    }
}

我的authenticate.php 文件如下所示

<?php

namespace Illuminate\Auth\Middleware;

use Closure;
use Illuminate\Auth\AuthenticationException;
use Illuminate\Contracts\Auth\Factory as Auth;

class Authenticate
{
    /**
     * The authentication factory instance.
     *
     * @var \Illuminate\Contracts\Auth\Factory
     */
    protected $auth;

    /**
     * Create a new middleware instance.
     *
     * @param  \Illuminate\Contracts\Auth\Factory  $auth
     * @return void
     */
    public function __construct(Auth $auth)
    {
        $this->auth = $auth;
    }

    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @param  string[]  ...$guards
     * @return mixed
     *
     * @throws \Illuminate\Auth\AuthenticationException
     */
    public function handle($request, Closure $next, $guards=null)
    {
        if($this->auth ->guest())
        {
            if($request->ajax())
            {
                return response('unauthorized',401);
            }
            else
            {
                return redirect()->guest('login');
            }
        }
        //$this->authenticate($guards);

        return $next($request);
    }

    /**
     * Determine if the user is logged in to any of the given guards.
     *
     * @param  array  $guards
     * @return void
     *
     * @throws \Illuminate\Auth\AuthenticationException
     */
    protected function authenticate(array $guards)
    {
        if (empty($guards)) {
            return $this->auth->authenticate();
        }

        foreach ($guards as $guard) {
            if ($this->auth->guard($guard)->check()) {
                return $this->auth->shouldUse($guard);
            }
        }

        throw new AuthenticationException('Unauthenticated.', $guards);
    }
}

我是 Laravel 的新手，如果我问了一些愚蠢的问题，请原谅我。我不知道在这一点上该怎么做。如果我需要添加其他文件，请帮助并告诉我。

Answer 1

很高兴您已经迁移到 Laravel 5.4。但是，我建议您先阅读文档或观看 Laravel 5.4 from Scratch 系列。

对于您的问题，您需要将调用 Controller 功能的路由放在“auth”中间件下。 Laravel 开箱即用地提供了这个中间件。如果用户未登录并调用该路由，您可以将路由更改为将用户重定向到的位置。

请通过documentation为此。

假设你的路由是 'admin/profile' 并且你已经在 web.php 路由文件中定义了它，你可以向它添加一个中间件，如图所示(从 DOC 中选择这个例子。)

Route::get('admin/profile', function () {
    //
})->middleware('auth');

要将多个路由放在同一个中间件下，可以使用路由组。