laravel - Auth(guard) 功能在 laravel 5.6 中不起作用
问题描述
我为(用户、客户端)用户做了多个两种不同的身份验证,这是默认的一种,我为我的管理员维护它。用户默认一个正在工作,但我尝试使用我的前端登录它不工作总是返回此代码(return redirect()->back()->withInput($request->only('email'));
)我不明白我在哪里犯了错误。请帮我解决这个问题。
我附上了我的代码。
验证码
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
],
'client' => [
'driver' => 'session',
'provider' => 'clients',
],
'client-api' => [
'driver' => 'token',
'provider' => 'clients',
],
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'clients' => [
'driver' => 'eloquent',
'model' => App\client::class,
],
// 'users' => [
// 'driver' => 'database',
// 'table' => 'users',
// ],
],
'passwords' => [
'users' => [
'provider' => 'users',
'table' => 'password_resets',
'expire' => 60,
],
'clients' => [
'provider' => 'clients',
'table' => 'password_resets',
'expire' => 60,
],
],
网页.php
Route::namespace('Frontend')->group(function (){
Route::get('/client_login','ClientLoginController@showLogin')->name('Client_Login');
Route::post('/client_login','ClientLoginController@login')->name('Client_Login.submit');
});
client.php(模型)
namespace App;
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;
class client extends Authenticatable
{
use Notifiable;
protected $guard = 'client';
protected $table='clients';
protected $hidden = [
'password', 'remember_token',
];
}
ClientLoginController.php
<?php
namespace App\Http\Controllers\Frontend;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Auth;
class ClientLoginController extends Controller
{
public function __construct()
{
$this->middleware('guest:client');
}
public function showLogin()
{
return view('client_login');
}
public function login(Request $request)
{
if(Auth::guard('client')->attempt(['email'=>$request->email,'password'=>Hash::make($request->password)],$request->remember))
{
return redirect()->intended(route('FrontClient.index'));
}
return redirect()->back()->withInput($request->only('email'));
}
}
解决方案
您将纯文本密码传递给attempt
而不是散列值。您无法对哈希进行精确比较,它们会发生变化。您只能对它们进行“哈希检查”。
->attempt(['email' => ..., 'password' => $request->input('password')], ...)
一个例子说明了为什么你不能直接比较哈希:
$one = bcrypt('test');
// "$2y$10$ZJrZ9av0Uc3dcygOmkpsZ.PjdmUHXojLu.NmI2EnpNS5mpBBX5JvO"
$two = bcrypt('test');
// "$2y$10$0R0phwLB.6T6oQkj5XcvPetQntUxmjivR4ddiEdGPQ4cW0M2fES8C"
$one != $two; // true
推荐阅读
- c++builder - bcc64.exe 如何存储调试信息?
- powershell - 使用批处理脚本触发 powershell 脚本
- sql - SQL:当它是敏感数据时改变默认选择顺序(不带 ORDER BY 子句)
- ruby-on-rails - 下拉列表未显示导轨
- node.js - MEAN 堆栈 mongoDB 示例(猫鼬)
- matlab - 使用 Matlab 读取 GNU Radio 二进制文件进行后处理
- typescript - 升级到 Knockout.js 3.5.0 后,Computed 不可分配给 Observable
- wordpress - Wordpress 不符合速度标准
- null - 为什么 trim(" ") == "" 在 Fortran 中返回 false?
- django-rest-framework - 'QuerySet' 对象在 Model Serializer django rest 中没有属性'phone'