二 laravel blog Auth前后台登录的后台理解

因为时间有限就不展示自己前台代码的书写，就是想巩固一下自己对Auth后台的理解

在RouteServriceProvider区分一下前后台路由代码` public function map()
{
$this->mapApiRoutes();

    $this->homeRoutes();

    $this->adminRoutes();
    //
}

/**
 * Define the "web" routes for the application.
 *
 * These routes all receive session state, CSRF protection, etc.
 *
 * @return void
 *
 * 前台路由
 */
protected function homeRoutes()
{
    Route::middleware('web')
         ->namespace($this->namespace.'\Home')
         ->group(base_path('routes/home.php'));
}
/*
 * 后台路由
 */
protected function adminRoutes()
{
    Route::middleware('web')
        ->namespace($this->namespace.'\Admin')
        ->group(base_path('routes/admin.php'));
}
/**
 * Define the "api" routes for the application.
 *
 * These routes are typically stateless.
 *
 * @return void
 */
protected function mapApiRoutes()
{
    Route::prefix('api')
         ->middleware('api')
         ->namespace($this->namespace)
         ->group(base_path('routes/api.php'));
}`

然后在config auth下注册guard（‘admin’）

  'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],
        'admin' => [
            'driver' => 'session',
            'provider' => 'admins',
        ],

        'api' => [
            'driver' => 'token',
            'provider' => 'users',
        ],
    ],
    'providers' => [
        'users' => [
            'driver' => 'eloquent',
            'model' => App\User::class,
        ],
        'admins' => [
            'driver' => 'eloquent',
            'model' => App\Admin::class,
        ],
        // 'users' => [
        //     'driver' => 'database',
        //     'table' => 'users',
        // ],
    ],

仿User创建Admin model层` use Notifiable;

/**
 * The attributes that are mass assignable.
 *
 * @var array
 */
protected $fillable = [
    'name', 'password',
];

/**
 * The attributes that should be hidden for arrays.
 *
 * @var array
 */
protected $hidden = [
    'password', 'remember_token',
];`

迁移文件填充数据就不展示了

class LoginController extends Controller
{
    /*
   |--------------------------------------------------------------------------
   | Login Controller
   |--------------------------------------------------------------------------
   |
   | This controller handles authenticating users for the application and
   | redirecting them to your home screen. The controller uses a trait
   | to conveniently provide its functionality to your applications.
   |
   */

    use AuthenticatesUsers;

    /**
     * Where to redirect users after login.
     *
     * @var string
     */
    protected $redirectTo = '/admin';

    /**
     * Create a new controller instance.
     *
     * @return void
     */
     //我这里是更改了中间件判断当前用户是否认证通过，如果是admin的话跳转到/admin，就以注释的方式展示
//    public function handle($request, Closure $next, $guard = null)
    //{
    //    if (Auth::guard($guard)->check()) {
      //      return redirect($guard == 'admin' ? '/admin' : '/home');
      //  }
   //     return $next($request);
  //  }
//}

//
//
   public function __construct()
    {
        $this->middleware('guest:admin')->except('logout');
    }
    /*
     * 显示后台登录模板
     *
     */
    public function showLoginForm()
     {
         return view('admin.login');
     }
     /*
      * 验证name字段
      */
    public function username()
    {
        return 'name';
    }

    /*
     * 生成guard（‘admin’）
     */
    protected function guard()
    {
        return auth()->guard('admin');
    }
    /*
     * 验证表单
     */
    protected function validateLogin(Request $request)
    {
        $this->validate($request, [
            $this->username() => 'required|string|max:6',
            'password' => 'required|string|max:6',
        ],[
            $this->username().'required'=>'账号必须填写',
            $this->username().'string'=>'账号必须填写字符串',
            $this->username().'max'=>'账号不大于6位',
            'password.required'=>'密码必须填写',
            'password.string'=>'密码必须填写字符串',
            'password.max'=>'密码不大于6位',
        ]);

    }
    //重写提交登录失败信息
    protected function sendFailedLoginResponse(Request $request)
    {

        $name = $request->name;
        $user=Admin::where('name',$name)->first();
        if(empty($user))
        {
            throw ValidationException::withMessages([
                'name'=>'没有此用户'
            ]);
            return false;
        }
        if (!Hash::check($request->password, $user->password)) {
            throw ValidationException::withMessages([
                'password'=>'密码错误'
            ]);
            return false;
        }

    }
    //用户通过身份认证
    protected function sendLoginResponse(Request $request)
    {

      // 设置记住我的时间为60分钟
        $rememberTokenExpireMinutes = 60;
        // 首先获取 记住我 这个 Cookie 的名字, 这个名字一般是随机生成的,
        // 类似 remember_admin_59ba36addc2b2f9401580f014c7f58ea4e30989d
        $rememberTokenName = Auth::guard('admin')->getRecallerName();
        // 再次设置一次这个 Cookie 的过期时间
        Cookie::queue($rememberTokenName, Cookie::get($rememberTokenName), $rememberTokenExpireMinutes);
        // 下面的代码是从 AuthenticatesUsers 中的 sendLoginResponse() 直接复制而来
        $request->session()->regenerate();

        $this->clearLoginAttempts($request);

        return $this->authenticated($request, $this->guard()->user())
            ?: redirect()->intended($this->redirectPath());

    }

    protected function authenticated(Request $request, $user)
    {

        info('测试日志');
//        return response()->json(['msg'=>200]);
    }

}

我们还要防止用户直接跳过登录访问别的页面
app下的Exceptions/Handler.php//前后端未登录的跳转 protected function unauthenticated($request, AuthenticationException $exception) { if (in_array('admin', $exception->guards())) { return $request->expectsJson() ? response()->json(['msg'=>'用户未登录'], 401) : redirect()->guest(url('admin/login')); } return $request->expectsJson() ? response()->json(['msg'=>'用户未登录'], 401) : redirect()->guest(route('login')); } }
ok然后在路由加个中间件