php - 登录尝试成功后 Auth::check() 返回 false
问题描述
我正在尝试制作自定义防护并且我成功了,但是当我尝试使用防护登录时
$this->attemptLogin($request)
返回true
,但之后直接Auth::check()
返回该方法false
/**
* Handle a login request to the application.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Http\Response|\Illuminate\Http\JsonResponse
*
* @throws \Illuminate\Validation\ValidationException
*/
public function login(Request $request)
{
$this->validateLogin($request);
// If the class is using the ThrottlesLogins trait, we can automatically throttle
// the login attempts for this application. We'll key this by the username and
// the IP address of the client making these requests into this application.
if (method_exists($this, 'hasTooManyLoginAttempts') &&
$this->hasTooManyLoginAttempts($request)) {
$this->fireLockoutEvent($request);
return $this->sendLockoutResponse($request);
}
if ($this->attemptLogin($request)) { // Returns true
dd(Auth::check()); // Returns false
return $this->sendLoginResponse($request);
}
// If the login attempt was unsuccessful we will increment the number of attempts
// to login and redirect the user back to the login form. Of course, when this
// user surpasses their maximum number of attempts they will get locked out.
$this->incrementLoginAttempts($request);
return $this->sendFailedLoginResponse($request);
}
使用的模型扩展Illuminate\Foundation\Auth\User
我还覆盖了该getAuthPassword
方法,因为您使用access_code
我还在使用中定义$guard
并为它做了一个保护auth.php
session as the driver
我读过类似的问题,但他们建议应该调用 PKid
和 be auto_increment
。
我确实满足这些条件。
我还覆盖了guard
LoginController 中的方法,它包含该use AuthenticatesUsers;
行
我正在使用 Laravel 6.5.1 版
我也没有收到错误。
以下是整个课程:
登录控制器:
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
class LoginController extends Controller
{
/*
|--------------------------------------------------------------------------
| Login Controller
|--------------------------------------------------------------------------
|
| This controller handles authenticating users for the application and
| redirecting them to your home screen. The controller uses a trait
| to conveniently provide its functionality to your applications.
|
*/
use AuthenticatesUsers;
/**
* Where to redirect users after login.
*
* @var string
*/
protected $redirectTo = '/home';
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware('guest')->except('logout');
}
/**
* Get the guard to be used during authentication.
*
* @return \Illuminate\Contracts\Auth\StatefulGuard
*/
protected function guard()
{
return Auth::guard("contestant");
}
}
模型:
namespace App;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
class Contestants extends Authenticatable
{
use Notifiable;
protected $guard = "contestant";
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'first_name','last_name','present','email','phone_number', 'access_code'
];
/**
* The attributes that should be hidden for arrays.
*
* @var array
*/
protected $hidden = [
'access_code'
];
/**
* Get the password for the user.
*
* @return string
*/
public function getAuthPassword()
{
return $this->access_code;
}
}
认证.php:
<?php
return [
/*
|--------------------------------------------------------------------------
| Authentication Defaults
|--------------------------------------------------------------------------
|
| This option controls the default authentication "guard" and password
| reset options for your application. You may change these defaults
| as required, but they're a perfect start for most applications.
|
*/
'defaults' => [
'guard' => 'web',
'passwords' => 'users',
],
/*
|--------------------------------------------------------------------------
| Authentication Guards
|--------------------------------------------------------------------------
|
| Next, you may define every authentication guard for your application.
| Of course, a great default configuration has been defined for you
| here which uses session storage and the Eloquent user provider.
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| Supported: "session", "token"
|
*/
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'contestant' => [
'driver' => 'session',
'provider' => 'contestant',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
'hash' => false,
],
],
/*
|--------------------------------------------------------------------------
| User Providers
|--------------------------------------------------------------------------
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| If you have multiple user tables or models you may configure multiple
| sources which represent each model / table. These sources may then
| be assigned to any extra authentication guards you have defined.
|
| Supported: "database", "eloquent"
|
*/
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'contestant' => [
'driver' => 'eloquent',
'model' => \App\Contestants::class,
],
// 'users' => [
// 'driver' => 'database',
// 'table' => 'users',
// ],
],
/*
|--------------------------------------------------------------------------
| Resetting Passwords
|--------------------------------------------------------------------------
|
| You may specify multiple password reset configurations if you have more
| than one user table or model in the application and you want to have
| separate password reset settings based on the specific user types.
|
| The expire time is the number of minutes that the reset token should be
| considered valid. This security feature keeps tokens short-lived so
| they have less time to be guessed. You may change this as needed.
|
*/
'passwords' => [
'users' => [
'provider' => 'users',
'table' => 'password_resets',
'expire' => 60,
'throttle' => 60,
],
],
/*
|--------------------------------------------------------------------------
| Password Confirmation Timeout
|--------------------------------------------------------------------------
|
| Here you may define the amount of seconds before a password confirmation
| times out and the user is prompted to re-enter their password via the
| confirmation screen. By default, the timeout lasts for three hours.
|
*/
'password_timeout' => 10800,
];
如果您需要更多信息,请随时询问。
解决方案
您的默认守卫是web
. 当您在Auth::...
未指定守卫的情况下调用时,它将使用默认守卫。
在您LoginController
中,您正在定义要用作方法的contestant
防护的防护guard
。你需要检查那个守卫而不是网络守卫。您可以使用从该方法返回的守卫来检查,而不是Auth::check()
:
dd($this->guard()->check());
推荐阅读
- excel - 从Excel中的单元格中删除字母
- reactjs - ReactJS 通过 props 传递对象或每次从数据库中读取性能更高
- php - 在 post 方法中将变量传递到另一个页面
- c# - 在带有 WCF 对象的 Visual Studio QuickWatch 中使用 LINQ
- postgresql - 如何从 PostgreSQL 的 if 语句中触发脚本?
- google-apps-script - GAS:如何转换 [hh].mm.ss 字符串
- r - 当月份是 3 个字符变量时,在 R 中转换为日期的最佳方法?
- ms-access - 访问:如何在文本框的控制源下插入新行?
- excel - 如何使用 Excel VBA 通过基于单元格值/列表的过滤来创建数据透视表?
- python - 函数中的字典值和列表值