Laravel 身份验证与雄辩的角色驱动程序

2021-12-26 00:00:00 authentication php laravel eloquent

我正在尝试对我的 Laravel 应用程序中的用户进行身份验证.

I am trying to authenticate users in my Laravel application.

我遇到了以下问题:

  • 在 auth.php 中使用驱动程序数据库:我可以使用 auth::attempt() 登录,并且 auth::check 正在运行,但我无法验证登录用户是否具有特定角色.
  • 在 auth.php 中使用驱动程序 eloquent:我可以使用 auth::attempt() 登录,但 auth::check 不起作用.但是,我可以检查登录用户的角色.
  • using driver database in auth.php: I can login using auth::attempt(), and auth::check is working, but I can't validate if the logged in user has a certain role.
  • using driver eloquent in auth.php: I can login using auth::attempt(), but auth::check is not working. I can however check the role of the logged in user.

编辑(问题):我该如何解决这个问题,以便仅使用一个驱动程序,我就可以进行完整的身份验证和角色检查?

edit (question): How can I fix this so that with only one of the drivers, i can do a complete authentication and role check?

迁移表:

Schema::create('users', function ($table) {
        $table->increments('id');
        $table->integer('group_id')->unsigned();
        $table->string('name', 64);
        $table->string('email', 64)->unique();
        $table->string('username', 64)->unique();
        $table->string('phone', 13);
        $table->string('address', 64);
        $table->boolean('isresponsible');
        $table->string('password', 64);
        $table->rememberToken()->nullable();
    });
Schema::create('roles', function ($table) {
        $table->increments('id');
        $table->string('name');
    });

Schema::create('users_roles', function ($table) {
            $table->integer('user_id')->unsigned();
            $table->integer('role_id')->unsigned();
        }
    );
Schema::table('users_roles', function($table){
        $table->foreign('user_id')->references('id')->on('users')->onDelete('cascade');
        $table->foreign('role_id')->references('id')->on('roles');
    });

模型类用户

<?php
use IlluminateAuthUserTrait;`
use IlluminateAuthUserInterface;`
use IlluminateAuthRemindersRemindableTrait;
use IlluminateAuthRemindersRemindableInterface;

class User extends Eloquent implements UserInterface, RemindableInterface {


use UserTrait, RemindableTrait;

/**
 * The database table used by the model.
 *
 * @var string
 */
protected $table = 'users';
public $timestamps = false;

public static $rules = ['name' => 'required', 'group_id' => 'required', 'email' => 'required', 'phone' => 'required'];
protected $fillable = ['name', 'group_id', 'email', 'phone', 'address', 'isresponsible', 'password'];

/**
 * The attributes excluded from the model's JSON form.
 *
 * @var array
 */
protected $hidden = array('password', 'remember_token');

public function group()
{
    return $this->belongsTo('Group');
}

public function userroles(){
    return $this->hasMany('Userrole');
}

public function roles()
{
    return $this->belongsToMany('Role', 'users_roles');
}

public function hasRole($check)
{
    dd($this->roles->toArray());
    return in_array($check, array_fetch($this->roles->toArray(), 'name'));
}

public function setBasicPassword($id){
    $user = User::find($id);
    $user->password = Hash::make('changeme');
    $user->save();
}

public function isValid()
{
    $validation = Validator::make($this->attributes, static::$rules);
    if ($validation->passes()) return true;
    $this->messages = $validation->messages();
    return false;
}


/**
 * Get the e-mail address where password reminders are sent.
 *
 * @return string
 */
public function getReminderEmail()
{
    // TODO: Implement getReminderEmail() method.
}

/**
 * Get the unique identifier for the user.
 *
 * @return mixed
 */
public function getAuthIdentifier()
{
    return $this->email;
}

/**
 * Get the password for the user.
 *
 * @return string
 */
public function getAuthPassword()
{
    return $this->password;
}

/**
 * Get the token value for the "remember me" session.
 *
 * @return string
 */
public function getRememberToken()
{
    return $this->remember_token;
}

public function setRememberToken($value)
{
    $this->remember_token = $value;
}

public function getRememberTokenName()
{
    return 'remember_token';
}
}

模型类角色

class Role extends Eloquent
{

protected $table = 'roles';
public $timestamps = false;

public static $rules = ['role_id' => 'required', 'name' => 'required'];
protected $fillable = ['name'];

/**
 * Get users with a certain role
 */
public function userroles()
{
    return $this->belongsToMany('User', 'users_roles');
}
}

HomeController 认证功能

HomeController authentication function

 public function authenticate(){
    $rules = array(
        'email'    => 'required|email',
        'password' => 'required|alphaNum|min:3'
    );
    $validator = Validator::make(Input::all(), $rules);
    if ($validator->fails()) {
        return Redirect::to('login')
            ->withErrors($validator)
            ->withInput(Input::except('password'));
    } else {
        $userdata = array(
            'email' => Input::get('email'),
            'password' => Input::get('password')
        );
        if (Auth::attempt($userdata, true)) {
            return Redirect::action('HomeController@index');

        } else {
            return Redirect::action('HomeController@login')->withInput();
        }
    }
}

使用数据库驱动程序
- auth:attempt() 和 auth::check 正在工作

USING THE DATABASE DRIVER
- auth:attempt() and auth::check are working

$this->beforeFilter('admin', ['only' => ['index']]); //filter in controller
//filter in filters;php
Route::filter('admin', function()
{
if(!Auth::check()) return Redirect::action('HomeController@index');
if(!Auth::user()->hasRole('admin')) return View::make('errors.401');
});

这会因调用未定义的方法 IlluminateAuthGenericUser::hasRole()"而失败

This fails with 'Call to undefined method IlluminateAuthGenericUser::hasRole()'

EDIT 数据库 驱动程序返回一个 GenericUser 对象,我需要自己的 User 对象.不知道哪里可以改.

EDIT The database driver return a GenericUser Object, and I need my own User object. Don't know where I can change this.

解决方法:我不想使用这个,丑陋的代码和过滤器(或视图)不应该需要这样做

Workaround:I'd rather not use this, ugly code and filters (or views) should not need to do this

Route::filter('admin', function()
{
    if(!Auth::check()) return Redirect::action('HomeController@index');
    $user = User::find((Auth::user()->id));
    if(!$user->hasRole('admin')){ return View::make('errors.401');}
});

使用 ELOQUENT 驱动程序

USING THE ELOQUENT DRIVER

  • auth::attempt() 成功
  • auth::check() 失败
  • 过滤器没有错误

推荐答案

问题在于您对 getAuthIdentifier() 的实现.此方法实际上应该返回表的主键,而不是用于登录的用户名.

The problem is your implementation of getAuthIdentifier(). This method should actually return the primary key of your table and not the username that's used for logging in.

所以你的应该是这样的:

So yours should look like this:

public function getAuthIdentifier(){
    return $this->id;
}

或者实际上,我建议您多清理一下模型,因为所有 getSomeAuthStuff 方法都在两个特征中实现.

Or actually, I recommend you clean up your model a bit more since all of the getSomeAuthStuff methods are implemented in the two traits.

使用 github 上的默认模型一个基础并添加所有自定义代码(角色方法、规则等)

Use the default model on github as a base and add all your custom code (roles methods, rules etc)

getAuthIdentifier() 返回的值将存储在会话中.
之后使用 check() 时,将在 UserProvider 上调用 retrieveById.而 EloquentUserProvider 就是这样做的:

The value returned from getAuthIdentifier() will be stored in the session.
When using check() afterwards, retrieveById will be called on the UserProvider. And the EloquentUserProvider does this:

public function retrieveById($identifier)
{
    return $this->createModel()->newQuery()->find($identifier);
}

它使用 find() 它通过它的主键(通常是 id)搜索模型

It uses find() which searches for the model by it's primary key (usually id)

相关文章