laravel中的Auth認證：

簡介

Laravel 5.3 的 Auth 認證在 5.2 的基礎上又有一些改變，本文說明如何在 Laravel 5.3 下做不同用戶表的登錄認證。

Auth 認證原理簡述

Laravel 的認證是使用 guard 與 provider 配合完成， guard 負責認證的業務邏輯，認證信息的服務端保存等； provider負責提供認證信息的持久化數據提供。 
請求提交給 guard， guard 從 provider 里取出數據（類似用戶名、密碼等），驗證輸入數據與服務器端存儲的數據是否吻合。如果提交的數據正確，再做 session 等業務的處理（如有需要）。

認證腳手架

首先我們導入 Laravel 的自帶的認證腳手架

php artisan make:auth

執行數據庫遷移：

php artisan migrate

修改 Auth 認證的配置文件 config/auth.php

在 gurads 處，添加 admin guard 用於后台管理員認證

    'guards' => [ 'web' => [ 'driver' => 'session', 'provider' => 'users', ], 'admin' => [ 'driver' => 'session', 'provider' => 'admins', ], 'api' => [ 'driver' => 'token', 'provider' => 'users', ], ],

在 providers 處添加 admins provider，使用 Admin 模型

    'providers' => [ 'users' => [ 'driver' => 'eloquent', 'model' => App\User::class, ], 'admins' => [ 'driver' => 'eloquent', 'model' => App\Admin::class, ], ],

創建后台管理員模型

我們再創建一個 Admin 模型，用於后台管理員登錄驗證。

php artisan make:model Admin -m

-m 參數會同時生成數據庫遷移文件 xxxx_create_admins_table

修改 app/Admin.php 模型文件

<?php namespace App; use Illuminate\Notifications\Notifiable; use Illuminate\Foundation\Auth\User as Authenticatable; class Admin extends Authenticatable { use Notifiable; /** * The attributes that are mass assignable. * * @var array */ protected $fillable = [ 'name', 'password', ]; /** * The attributes that should be hidden for arrays. * * @var array */ protected $hidden = [ 'password', 'remember_token', ]; }

編輯 xxxx_create_admins_table 文件，后台管理員模型結構與前台用戶差不多，去掉 email 字段，name 字段設為 unique

<?php use Illuminate\Support\Facades\Schema; use Illuminate\Database\Schema\Blueprint; use Illuminate\Database\Migrations\Migration; class CreateAdminsTable extends Migration { /** * Run the migrations. * * @return void */ public function up() { Schema::create('admins', function (Blueprint $table) { $table->increments('id'); $table->string('name')->unique(); $table->string('password'); $table->rememberToken(); $table->timestamps(); }); } /** * Reverse the migrations. * * @return void */ public function down() { Schema::dropIfExists('admins'); } }

管理員模型填充數據

定義一個數據模型工廠，在 database/factories/ModelFactory.php 中添加如下代碼

$factory->define(App\Admin::class, function (Faker\Generator $faker) { static $password; return [ 'name' => $faker->firstName, 'password' => $password ?: $password = bcrypt('secret'), 'remember_token' => str_random(10), ]; });

使用 Faker 隨機填充用戶名

在 database/seeds 目錄下生成 AdminsTableSeeder.php 文件。

php artisan make:seeder AdminsTableSeeder

編輯 database/seeds/AdminsTableSeeder.php 文件的 run 方法，添加3個管理員用戶，密碼為 123456

    public function run() { factory('App\Admin', 3)->create([ 'password' => bcrypt('123456') ]); }

在 database/seeds/DatabaseSeeder.php 的 run 方法里調用 AdminsTableSeeder 類

    public function run() { $this->call(AdminsTableSeeder::class); }

執行數據庫遷移命令

php artisan migrate --seed

數據庫里會創建 admins 表，並且生成了3條數據

id	name	password	remember_token	create_at	update_at
1	John	$2y$10$AYD4MoW…	9p7bycJ5Wn	2016-09-12 11:12:37	2016-09-12 11:12:37
2	Ransom	$2y$10$AYD4MoW…	Ct8W5nmTsg	2016-09-12 11:12:37	2016-09-12 11:12:37
3	Dulce	$2y$10$AYD4MoW…	I8RJpxwVrk	2016-09-12 11:12:37	2016-09-12 11:12:37

創建后台頁面

創建控制器

php artisan make:controller Admin/LoginController    
php artisan make:controller Admin/IndexController

其中， Admin/LoginController 負責登錄邏輯； Admin/IndexController 管理登錄后的首頁。

編輯 Admin/LoginController.php

<?php namespace App\Http\Controllers\Admin; use App\Http\Controllers\Controller; use Illuminate\Foundation\Auth\AuthenticatesUsers; class LoginController extends Controller { /* |-------------------------------------------------------------------------- | Login Controller |-------------------------------------------------------------------------- | | This controller handles authenticating users for the application and | redirecting them to your home screen. The controller uses a trait | to conveniently provide its functionality to your applications. | */ use AuthenticatesUsers; /** * Where to redirect users after login / registration. * * @var string */ protected $redirectTo = '/admin'; /** * Create a new controller instance. * * @return void */ public function __construct() { $this->middleware('guest.admin', ['except' => 'logout']); } /** * 顯示后台登錄模板 */ public function showLoginForm() { return view('admin.login'); } /** * 使用 admin guard */ protected function guard() { return auth()->guard('admin'); } /** * 重寫驗證時使用的用戶名字段 */ public function username() { return 'name'; } }

編輯 Admin/IndexController.php

<?php namespace App\Http\Controllers\Admin; use Illuminate\Http\Request; use App\Http\Requests; use App\Http\Controllers\Controller; class IndexController extends Controller { /** * 顯示后台管理模板首頁 */ public function index() { return view('admin.index'); } }

后台顯示模板

復制 views/layouts/app.blade.php 成 views/layouts/admin.blade.php

編輯后台管理布局模板

<!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1"> <!-- CSRF Token --> <meta name="csrf-token" content="{{ csrf_token() }}"> <title>{{ config('app.name', 'Laravel') }} - Admin</title> <!-- Styles --> <link href="/css/app.css" rel="stylesheet"> <!-- Scripts --> <script> window.Laravel = <?php echo json_encode([ 'csrfToken' => csrf_token(), ]); ?> </script> </head> <body> <nav class="navbar navbar-default navbar-static-top"> <div class="container"> <div class="navbar-header"> <!-- Collapsed Hamburger --> <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#app-navbar-collapse"> <span class="sr-only">Toggle Navigation</span> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </button> <!-- Branding Image --> <a class="navbar-brand" href="{{ url('/') }}"> {{ config('app.name', 'Laravel') }} </a> </div> <div class="collapse navbar-collapse" id="app-navbar-collapse"> <!-- Left Side Of Navbar --> <ul class="nav navbar-nav"> &nbsp; </ul> <!-- Right Side Of Navbar --> <ul class="nav navbar-nav navbar-right"> <!-- Authentication Links --> @if (auth()->guard('admin')->guest()) <li><a href="{{ url('/admin/login') }}">Login</a></li> @else <li class="dropdown"> <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-expanded="false"> {{ auth()->guard('admin')->user()->name }} <span class="caret"></span> </a> <ul class="dropdown-menu" role="menu"> <li> <a href="{{ url('/admin/logout') }}" onclick="event.preventDefault(); document.getElementById('logout-form').submit();"> Logout </a> <form id="logout-form" action="{{ url('/admin/logout') }}" method="POST" style="display: none;"> {{ csrf_field() }} </form> </li> </ul> </li> @endif </ul> </div> </div> </nav> @yield('content') <!-- Scripts --> <script src="/js/app.js"></script> </body> </html> 

復制 views/auth/login.blade.php 成 views/admin/login.blade.php

編輯該模板，更改布局文件為 layouts.admin， 把表單的提交 url 改為 admin/login，email 字段改成 name 字段，去掉找回密碼的部分

@extends('layouts.admin') @section('content') <div class="container"> <div class="row"> <div class="col-md-8 col-md-offset-2"> <div class="panel panel-default"> <div class="panel-heading">Admin Login</div> <div class="panel-body"> <form class="form-horizontal" role="form" method="POST" action="{{ url('/admin/login') }}"> {{ csrf_field() }} <div class="form-group{{ $errors->has('name') ? ' has-error' : '' }}"> <label for="name" class="col-md-4 control-label">Name</label> <div class="col-md-6"> <input id="name" type="text" class="form-control" name="name" value="{{ old('name') }}" required autofocus> @if ($errors->has('name')) <span class="help-block"> <strong>{{ $errors->first('name') }}</strong> </span> @endif </div> </div> <div class="form-group{{ $errors->has('password') ? ' has-error' : '' }}"> <label for="password" class="col-md-4 control-label">Password</label> <div class="col-md-6"> <input id="password" type="password" class="form-control" name="password" required> @if ($errors->has('password')) <span class="help-block"> <strong>{{ $errors->first('password') }}</strong> </span> @endif </div> </div> <div class="form-group"> <div class="col-md-6 col-md-offset-4"> <div class="checkbox"> <label> <input type="checkbox" name="remember"> Remember Me </label> </div> </div> </div> <div class="form-group"> <div class="col-md-8 col-md-offset-4"> <button type="submit" class="btn btn-primary"> Login </button> </div> </div> </form> </div> </div> </div> </div> </div> @endsection

復制 views/home.blade.php 成 views/admins/index.blade.php

編輯該模板

@extends('layouts.admin')

@section('content')
<div class="container"> <div class="row"> <div class="col-md-8 col-md-offset-2"> <div class="panel panel-default"> <div class="panel-heading">Dashboard</div> <div class="panel-body"> You are logged in admin dashboard! </div> </div> </div> </div> </div> @endsection

添加后台路由

編輯 routes/web.php， 添加以下內容

Route::group(['prefix' => 'admin'], function () { Route::group(['middleware' => 'auth.admin'], function () { Route::get('/', 'Admin\IndexController@index'); }); Route::get('login', 'Admin\LoginController@showLoginForm')->name('admin.login'); Route::post('login', 'Admin\LoginController@login'); Route::post('logout', 'Admin\LoginController@logout'); });

后台管理認證中間件

創建后台管理認證中間件

php artisan make:middleware AuthAdmin

編輯 AuthAdmin

<?php namespace App\Http\Middleware; use Closure; class AuthAdmin { /** * Handle an incoming request. * * @param \Illuminate\Http\Request $request * @param \Closure $next * @return mixed */ public function handle($request, Closure $next) { if (auth()->guard('admin')->guest()) { if ($request->ajax() || $request->wantsJson()) { return response('Unauthorized.', 401); } else { return redirect()->guest('admin/login'); } } return $next($request); } }

創建后台管理登錄跳轉中間件，用於有些操作在登錄之后的跳轉

php artisan make:middleware GuestAdmin

編輯該中間件的 handle 方法

    public function handle($request, Closure $next) { if (auth()->guard('admin')->check()) { return redirect('/admin'); } return $next($request); }

在 app/Http/Kernel.php 中注冊以上中間件

protected $routeMiddleware = [ ...... 'auth.admin' => \App\Http\Middleware\AuthAdmin::class, 'guest.admin' => \App\Http\Middleware\GuestAdmin::class, ...... ];

處理注銷

經過上面的步驟，已經實現了前后台分離登錄，但是不管是在前台注銷，還是在后台注銷，都銷毀了所有的 session，導致前后台注銷連在一起。所以我們還要對注銷的方法處理一下。

原來的 logout 方法是這樣寫的，在 Illuminate\Foundation\Auth\AuthenticatesUsers 里

    public function logout(Request $request) { $this->guard()->logout(); $request->session()->flush(); $request->session()->regenerate(); return redirect('/'); }

注意這一句

$request->session()->flush();

將所有的 session 全部清除，這里不分前台、后台，所以要對這里進行改造。

因為前台、后台注銷都要修改，所以我們新建一個 trait，前后台都可以使用。

新建一個文件 app/Extensions/AuthenticatesLogout.php

<?php namespace App\Extensions; use Illuminate\Http\Request; trait AuthenticatesLogout { public function logout(Request $request) { $this->guard()->logout(); $request->session()->forget($this->guard()->getName()); $request->session()->regenerate(); return redirect('/'); } }

我們將上面的那一句改成

$request->session()->forget($this->guard()->getName());

只是刪除掉當前 guard 所創建的 session，這樣就達到了分別注銷的目的。

修改 Auth/LoginController.php 和 Admin/LoginController.php，將

class LoginController extends Controller { use AuthenticatesUsers;

改掉，在文件的前面別忘了加上 use 語句

use App\Extensions\AuthenticatesLogout; ... class LoginController extends Controller { use AuthenticatesUsers, AuthenticatesLogout { AuthenticatesLogout::logout insteadof AuthenticatesUsers; } ...