問題描述

我正在嘗試對我的 Laravel 應用程序中的用戶進行身份驗證.

I am trying to authenticate users in my Laravel application.

我遇到了以下問題:

• 在 auth.php 中使用驅動程序數據庫:我可以使用 auth::attempt() 登錄，并且 auth::check 正在運行，但我無法驗證登錄用戶是否具有特定角色.
• 在 auth.php 中使用驅動程序 eloquent:我可以使用 auth::attempt() 登錄，但 auth::check 不起作用.但是，我可以檢查登錄用戶的角色.

• using driver database in auth.php: I can login using auth::attempt(), and auth::check is working, but I can't validate if the logged in user has a certain role.
• using driver eloquent in auth.php: I can login using auth::attempt(), but auth::check is not working. I can however check the role of the logged in user.

編輯(問題):我該如何解決這個問題，以便僅使用一個驅動程序，我就可以進行完整的身份驗證和角色檢查?

edit (question): How can I fix this so that with only one of the drivers, i can do a complete authentication and role check?

遷移表:

Schema::create('users', function ($table) {
        $table->increments('id');
        $table->integer('group_id')->unsigned();
        $table->string('name', 64);
        $table->string('email', 64)->unique();
        $table->string('username', 64)->unique();
        $table->string('phone', 13);
        $table->string('address', 64);
        $table->boolean('isresponsible');
        $table->string('password', 64);
        $table->rememberToken()->nullable();
    });
Schema::create('roles', function ($table) {
        $table->increments('id');
        $table->string('name');
    });

Schema::create('users_roles', function ($table) {
            $table->integer('user_id')->unsigned();
            $table->integer('role_id')->unsigned();
        }
    );
Schema::table('users_roles', function($table){
        $table->foreign('user_id')->references('id')->on('users')->onDelete('cascade');
        $table->foreign('role_id')->references('id')->on('roles');
    });

模型類用戶

<?php
use IlluminateAuthUserTrait;`
use IlluminateAuthUserInterface;`
use IlluminateAuthRemindersRemindableTrait;
use IlluminateAuthRemindersRemindableInterface;

class User extends Eloquent implements UserInterface, RemindableInterface {


use UserTrait, RemindableTrait;

/**
 * The database table used by the model.
 *
 * @var string
 */
protected $table = 'users';
public $timestamps = false;

public static $rules = ['name' => 'required', 'group_id' => 'required', 'email' => 'required', 'phone' => 'required'];
protected $fillable = ['name', 'group_id', 'email', 'phone', 'address', 'isresponsible', 'password'];

/**
 * The attributes excluded from the model's JSON form.
 *
 * @var array
 */
protected $hidden = array('password', 'remember_token');

public function group()
{
    return $this->belongsTo('Group');
}

public function userroles(){
    return $this->hasMany('Userrole');
}

public function roles()
{
    return $this->belongsToMany('Role', 'users_roles');
}

public function hasRole($check)
{
    dd($this->roles->toArray());
    return in_array($check, array_fetch($this->roles->toArray(), 'name'));
}

public function setBasicPassword($id){
    $user = User::find($id);
    $user->password = Hash::make('changeme');
    $user->save();
}

public function isValid()
{
    $validation = Validator::make($this->attributes, static::$rules);
    if ($validation->passes()) return true;
    $this->messages = $validation->messages();
    return false;
}


/**
 * Get the e-mail address where password reminders are sent.
 *
 * @return string
 */
public function getReminderEmail()
{
    // TODO: Implement getReminderEmail() method.
}

/**
 * Get the unique identifier for the user.
 *
 * @return mixed
 */
public function getAuthIdentifier()
{
    return $this->email;
}

/**
 * Get the password for the user.
 *
 * @return string
 */
public function getAuthPassword()
{
    return $this->password;
}

/**
 * Get the token value for the "remember me" session.
 *
 * @return string
 */
public function getRememberToken()
{
    return $this->remember_token;
}

public function setRememberToken($value)
{
    $this->remember_token = $value;
}

public function getRememberTokenName()
{
    return 'remember_token';
}
}

模型類角色

class Role extends Eloquent
{

protected $table = 'roles';
public $timestamps = false;

public static $rules = ['role_id' => 'required', 'name' => 'required'];
protected $fillable = ['name'];

/**
 * Get users with a certain role
 */
public function userroles()
{
    return $this->belongsToMany('User', 'users_roles');
}
}

HomeController 認證功能

HomeController authentication function

 public function authenticate(){
    $rules = array(
        'email'    => 'required|email',
        'password' => 'required|alphaNum|min:3'
    );
    $validator = Validator::make(Input::all(), $rules);
    if ($validator->fails()) {
        return Redirect::to('login')
            ->withErrors($validator)
            ->withInput(Input::except('password'));
    } else {
        $userdata = array(
            'email' => Input::get('email'),
            'password' => Input::get('password')
        );
        if (Auth::attempt($userdata, true)) {
            return Redirect::action('HomeController@index');

        } else {
            return Redirect::action('HomeController@login')->withInput();
        }
    }
}

使用數據庫驅動程序
- auth:attempt() 和 auth::check 正在工作

USING THE DATABASE DRIVER
- auth:attempt() and auth::check are working

$this->beforeFilter('admin', ['only' => ['index']]); //filter in controller
//filter in filters;php
Route::filter('admin', function()
{
if(!Auth::check()) return Redirect::action('HomeController@index');
if(!Auth::user()->hasRole('admin')) return View::make('errors.401');
});

這會因調用未定義的方法 IlluminateAuthGenericUser::hasRole()"而失敗

This fails with 'Call to undefined method IlluminateAuthGenericUser::hasRole()'

EDIT 數據庫 驅動程序返回一個 GenericUser 對象，我需要自己的 User 對象.不知道哪里可以改.

EDIT The database driver return a GenericUser Object, and I need my own User object. Don't know where I can change this.

解決方法:我不想使用這個，丑陋的代碼和過濾器(或視圖)不應該需要這樣做

Workaround:I'd rather not use this, ugly code and filters (or views) should not need to do this

Route::filter('admin', function()
{
    if(!Auth::check()) return Redirect::action('HomeController@index');
    $user = User::find((Auth::user()->id));
    if(!$user->hasRole('admin')){ return View::make('errors.401');}
});

使用 ELOQUENT 驅動程序

USING THE ELOQUENT DRIVER

• auth::attempt() 成功
• auth::check() 失敗
• 過濾器沒有錯誤

推薦答案

問題在于您對 getAuthIdentifier() 的實現.此方法實際上應該返回表的主鍵，而不是用于登錄的用戶名.

The problem is your implementation of getAuthIdentifier(). This method should actually return the primary key of your table and not the username that's used for logging in.

所以你的應該是這樣的:

So yours should look like this:

public function getAuthIdentifier(){
    return $this->id;
}

或者實際上，我建議您多清理一下模型，因為所有 getSomeAuthStuff 方法都在兩個特征中實現.

Or actually, I recommend you clean up your model a bit more since all of the getSomeAuthStuff methods are implemented in the two traits.

使用 github 上的默認模型一個基礎并添加所有自定義代碼(角色方法、規則等)

Use the default model on github as a base and add all your custom code (roles methods, rules etc)

getAuthIdentifier() 返回的值將存儲在會話中.
之后使用 check() 時，將在 UserProvider 上調用 retrieveById.而 EloquentUserProvider 就是這樣做的:

The value returned from getAuthIdentifier() will be stored in the session.
When using check() afterwards, retrieveById will be called on the UserProvider. And the EloquentUserProvider does this:

public function retrieveById($identifier)
{
    return $this->createModel()->newQuery()->find($identifier);
}

它使用 find() 它通過它的主鍵(通常是 id)搜索模型

It uses find() which searches for the model by it's primary key (usually id)

這篇關于Laravel 身份驗證與雄辯的角色驅動程序的文章就介紹到這了，希望我們推薦的答案對大家有所幫助，也希望大家多多支持html5模板網！