php - 给定的角色或权限应该使用guard `web, api` 而不是 `admin`
问题描述
首先,我注册为标准会员。没有角色定义。然后从我创建的面板中。我创建了一个新的用户页面。在这里,我想创建一个新用户并将角色设置为该用户。虽然一切正常,但我得到“ Spatie\Permission\Exceptions\GuardDoesNotMatch The given role or permission should use guardweb, api
而不是admin
. ” 错误。
我在软件中使用了另一个包,护照模块。不知道有没有效果。
首先我的用户模型如下
<?php
namespace App;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Laravel\Passport\HasApiTokens;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Spatie\Permission\Traits\HasRoles;
class User extends Authenticatable
{
use HasRoles, HasApiTokens, Notifiable;
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'name', 'email', 'password',
];
/**
* The attributes that should be hidden for arrays.
*
* @var array
*/
protected $hidden = [
'password', 'remember_token',
];
/**
* The attributes that should be cast to native types.
*
* @var array
*/
protected $casts = [
'email_verified_at' => 'datetime',
];
}
用户控制器
<?php
namespace App\Http\Controllers\User;
use App\Http\Controllers\Controller;
use App\Providers\RouteServiceProvider;
use App\User;
use Illuminate\Foundation\Auth\RegistersUsers;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Validator;
use RealRashid\SweetAlert\Facades\Alert;
use Illuminate\Http\Request;
use App\DataTables\UsersDataTable;
use Datatables;
use Session;
use DB;
use Auth;
use Spatie\Permission\Models\Role;
use Spatie\Permission\Models\Permission;
class UserController extends Controller
{
// use RegistersUsers;
public function __construct() {
$this->middleware(['auth', 'isAdmin']);
//isAdmin middleware lets only users with a //specific permission permission to access these resources
}
public function index()
{
$roles = Role::all();
return view('panel.users.create')->with(compact('roles'));
}
public function register(Request $data)
{
try {
DB::beginTransaction();
$validatedData = $data->validate([
'name' => ['required', 'string', 'max:255'],
'email' => ['required', 'string', 'email', 'max:255', 'unique:users'],
'password' => ['required', 'string', 'min:6', 'confirmed'],
'roles' => ['required'],
]);
$user = new User;
$user->name = $data->name;
$user->email = $data->email;
$user->password = Hash::make($data['password']);
$user->save();
$roles = $data['roles'];
$role_r = Role::where('id', '=', $roles)->firstOrFail();
$user->assignRole($role_r);
DB::commit();
return redirect()->route('user.list')->withErrors($validatedData)->with('toast_success','New User Added');
}
catch (Exception $e) {
try {
DB::rollBack();
}
catch (Exception $e) {
}
return response([
'error' => true,
'message' => $e->getMessage() . $e->getLine()
]);
}
}
public function list(UsersDataTable $dataTable)
{
return $dataTable->render('panel.users.list');
}
}
管理员中间件
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Support\Facades\Auth;
use App\User;
class AdminMiddleware
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$user = User::all()->count();
if (!($user == 1)) {
if (!Auth::user()->hasPermissionTo('Administer roles & permissions'))
//If user does //not have this permission
{
abort('401');
}
}
return $next($request);
}
}
配置/auth.php
<?php
return [
'defaults' => [
'guard' => 'web',
'passwords' => 'users',
],
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'passport',
'provider' => 'users',
'hash' => false,
],
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
// 'users' => [
// 'driver' => 'database',
// 'table' => 'users',
// ],
],
'passwords' => [
'users' => [
'provider' => 'users',
'table' => 'password_resets',
'expire' => 60,
'throttle' => 60,
],
],
'password_timeout' => 10800,
];
我在互联网上搜索,但找不到解决方案。你认为我在哪里做错或错了。
解决方案
首先,您必须在 config/auth.php 中定义“admin”角色,如下所示:
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
],
'admin' => [
'driver' => 'session',
'provider' => 'admin',
]
],
接下来,您必须为普通用户和管理员制作 2 个模型,如下所示:
class Admin extends Authenticatable
{
// this code will define user's guard
protected $guard = 'admin';
// rest of code
}
class User extends Authenticatable
{
protected $table = 'users';
protected $hidden = [
'password', 'remember_token',
];
// rest of code
}
最后,当用户登录时,您必须使用这两种模型,如下所示:
class LoginController extends Controller
{
protected function attemptLogin(Request $request)
{
$user = \App\Models\User::where([
'email' => $request->email,
'password' => (md5($request->password))
])->first();
if ($user) {
$this->guard()->login($user, $request->has('remember'));
return true;
}
return false;
}
use AuthenticatesUsers;
public function __construct()
{
$this->middleware('guest')->except('logout');
}
}
class AdminLoginController extends Controller
{
protected function guard(){
return Auth::guard('admin');
}
protected function attemptLogin(Request $request)
{
$user = \App\Models\Admin::where([
'email' => $request->email,
'password' => md5($request->password)
])->first();
if ($user) {
$this->guard()->login($user, $request->has('remember'));
return true;
}
return false;
}
use AuthenticatesUsers;
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware('guest:admin')->except('logout');
}
}
就这样。希望有所帮助
推荐阅读
- libreoffice-calc - 在 OpenOffice Calc 中按字母顺序对单元格进行排序,使其在列中相等
- react-native - EXPO AuthSession 在 Android 设备上返回关闭
- r - R 中的霍特林斯 T2
- java - 计时器,显示在使用 java 中的按钮之前必须等待多少秒
- java - RecyclerView 适配器中的 onBackPressed()
- python - 通过破折号中的数据范围过滤数据
- java - Java 代码将工作簿导出到当前用户 PC 而不是实际的 Web 应用程序主机
- matlab - 如何计算matlab文本文件中每个字母(AZ,az以及'.',','和'')的出现次数?
- python - Python的列表索引超出范围
- python - 在 Python 中比较两个数据框并有条件地捕获随机数据