Laravel 身份验证与雄辩的角色驱动程序
我正在尝试对我的 Laravel 应用程序中的用户进行身份验证.
I am trying to authenticate users in my Laravel application.
我遇到了以下问题:
- 在 auth.php 中使用驱动程序数据库:我可以使用 auth::attempt() 登录,并且 auth::check 正在运行,但我无法验证登录用户是否具有特定角色.
- 在 auth.php 中使用驱动程序 eloquent:我可以使用 auth::attempt() 登录,但 auth::check 不起作用.但是,我可以检查登录用户的角色.
- using driver database in auth.php: I can login using auth::attempt(), and auth::check is working, but I can't validate if the logged in user has a certain role.
- using driver eloquent in auth.php: I can login using auth::attempt(), but auth::check is not working. I can however check the role of the logged in user.
编辑(问题):我该如何解决这个问题,以便仅使用一个驱动程序,我就可以进行完整的身份验证和角色检查?
edit (question): How can I fix this so that with only one of the drivers, i can do a complete authentication and role check?
迁移表:
Schema::create('users', function ($table) {
$table->increments('id');
$table->integer('group_id')->unsigned();
$table->string('name', 64);
$table->string('email', 64)->unique();
$table->string('username', 64)->unique();
$table->string('phone', 13);
$table->string('address', 64);
$table->boolean('isresponsible');
$table->string('password', 64);
$table->rememberToken()->nullable();
});
Schema::create('roles', function ($table) {
$table->increments('id');
$table->string('name');
});
Schema::create('users_roles', function ($table) {
$table->integer('user_id')->unsigned();
$table->integer('role_id')->unsigned();
}
);
Schema::table('users_roles', function($table){
$table->foreign('user_id')->references('id')->on('users')->onDelete('cascade');
$table->foreign('role_id')->references('id')->on('roles');
});
模型类用户
<?php
use IlluminateAuthUserTrait;`
use IlluminateAuthUserInterface;`
use IlluminateAuthRemindersRemindableTrait;
use IlluminateAuthRemindersRemindableInterface;
class User extends Eloquent implements UserInterface, RemindableInterface {
use UserTrait, RemindableTrait;
/**
* The database table used by the model.
*
* @var string
*/
protected $table = 'users';
public $timestamps = false;
public static $rules = ['name' => 'required', 'group_id' => 'required', 'email' => 'required', 'phone' => 'required'];
protected $fillable = ['name', 'group_id', 'email', 'phone', 'address', 'isresponsible', 'password'];
/**
* The attributes excluded from the model's JSON form.
*
* @var array
*/
protected $hidden = array('password', 'remember_token');
public function group()
{
return $this->belongsTo('Group');
}
public function userroles(){
return $this->hasMany('Userrole');
}
public function roles()
{
return $this->belongsToMany('Role', 'users_roles');
}
public function hasRole($check)
{
dd($this->roles->toArray());
return in_array($check, array_fetch($this->roles->toArray(), 'name'));
}
public function setBasicPassword($id){
$user = User::find($id);
$user->password = Hash::make('changeme');
$user->save();
}
public function isValid()
{
$validation = Validator::make($this->attributes, static::$rules);
if ($validation->passes()) return true;
$this->messages = $validation->messages();
return false;
}
/**
* Get the e-mail address where password reminders are sent.
*
* @return string
*/
public function getReminderEmail()
{
// TODO: Implement getReminderEmail() method.
}
/**
* Get the unique identifier for the user.
*
* @return mixed
*/
public function getAuthIdentifier()
{
return $this->email;
}
/**
* Get the password for the user.
*
* @return string
*/
public function getAuthPassword()
{
return $this->password;
}
/**
* Get the token value for the "remember me" session.
*
* @return string
*/
public function getRememberToken()
{
return $this->remember_token;
}
public function setRememberToken($value)
{
$this->remember_token = $value;
}
public function getRememberTokenName()
{
return 'remember_token';
}
}
模型类角色
class Role extends Eloquent
{
protected $table = 'roles';
public $timestamps = false;
public static $rules = ['role_id' => 'required', 'name' => 'required'];
protected $fillable = ['name'];
/**
* Get users with a certain role
*/
public function userroles()
{
return $this->belongsToMany('User', 'users_roles');
}
}
HomeController 认证功能
HomeController authentication function
public function authenticate(){
$rules = array(
'email' => 'required|email',
'password' => 'required|alphaNum|min:3'
);
$validator = Validator::make(Input::all(), $rules);
if ($validator->fails()) {
return Redirect::to('login')
->withErrors($validator)
->withInput(Input::except('password'));
} else {
$userdata = array(
'email' => Input::get('email'),
'password' => Input::get('password')
);
if (Auth::attempt($userdata, true)) {
return Redirect::action('HomeController@index');
} else {
return Redirect::action('HomeController@login')->withInput();
}
}
}
使用数据库驱动程序
- auth:attempt() 和 auth::check 正在工作
USING THE DATABASE DRIVER
- auth:attempt() and auth::check are working
$this->beforeFilter('admin', ['only' => ['index']]); //filter in controller
//filter in filters;php
Route::filter('admin', function()
{
if(!Auth::check()) return Redirect::action('HomeController@index');
if(!Auth::user()->hasRole('admin')) return View::make('errors.401');
});
这会因调用未定义的方法 IlluminateAuthGenericUser::hasRole()"而失败
This fails with 'Call to undefined method IlluminateAuthGenericUser::hasRole()'
EDIT 数据库 驱动程序返回一个 GenericUser 对象,我需要自己的 User 对象.不知道哪里可以改.
EDIT The database driver return a GenericUser Object, and I need my own User object. Don't know where I can change this.
解决方法:我不想使用这个,丑陋的代码和过滤器(或视图)不应该需要这样做
Workaround:I'd rather not use this, ugly code and filters (or views) should not need to do this
Route::filter('admin', function()
{
if(!Auth::check()) return Redirect::action('HomeController@index');
$user = User::find((Auth::user()->id));
if(!$user->hasRole('admin')){ return View::make('errors.401');}
});
使用 ELOQUENT 驱动程序
USING THE ELOQUENT DRIVER
- auth::attempt() 成功
- auth::check() 失败
- 过滤器没有错误
推荐答案
问题在于您对 getAuthIdentifier()
的实现.此方法实际上应该返回表的主键,而不是用于登录的用户名.
The problem is your implementation of getAuthIdentifier()
. This method should actually return the primary key of your table and not the username that's used for logging in.
所以你的应该是这样的:
So yours should look like this:
public function getAuthIdentifier(){
return $this->id;
}
或者实际上,我建议您多清理一下模型,因为所有 getSomeAuthStuff
方法都在两个特征中实现.
Or actually, I recommend you clean up your model a bit more since all of the getSomeAuthStuff
methods are implemented in the two traits.
使用 github 上的默认模型一个基础并添加所有自定义代码(角色方法、规则等)
Use the default model on github as a base and add all your custom code (roles methods, rules etc)
getAuthIdentifier()
返回的值将存储在会话中.
之后使用 check()
时,将在 UserProvider
上调用 retrieveById
.而 EloquentUserProvider
就是这样做的:
The value returned from getAuthIdentifier()
will be stored in the session.
When using check()
afterwards, retrieveById
will be called on the UserProvider
. And the EloquentUserProvider
does this:
public function retrieveById($identifier)
{
return $this->createModel()->newQuery()->find($identifier);
}
它使用 find()
它通过它的主键(通常是 id
)搜索模型
It uses find()
which searches for the model by it's primary key (usually id
)
相关文章