Laravel 广播身份验证工作或用于网络保护或自定义保护

Question

在项目中，我有两个身份验证守卫，网络（默认情况下是用户）和我的自定义（教师）。我注意到，老师不能在广播中授权。在Broadcast::routes(['middleware' => ['web', 'auth:teacher']])添加中间件后，教师授权成功，但用户重定向到登录页面。 所以我有以下问题：

1. 有Broadcast::routes(); 代码，广播工作正常 对于用户守卫，对于教师，它返回 403 forbidden 错误。

2. 有Broadcast::routes(['middleware' => ['web', 'auth:teacher']]);代码，广播只对教师有效 守卫，因为用户正在重定向到身份验证，登录，然后是用户页面。

config/auth.php

<?php

return [

    /*
    |--------------------------------------------------------------------------
    | Authentication Defaults
    |--------------------------------------------------------------------------
    |
    | This option controls the default authentication "guard" and password
    | reset options for your application. You may change these defaults
    | as required, but they're a perfect start for most applications.
    |
    */

    'defaults' => [
        'guard' => 'web',
        'passwords' => 'users',
    ],

    /*
    |--------------------------------------------------------------------------
    | Authentication Guards
    |--------------------------------------------------------------------------
    |
    | Next, you may define every authentication guard for your application.
    | Of course, a great default configuration has been defined for you
    | here which uses session storage and the Eloquent user provider.
    |
    | All authentication drivers have a user provider. This defines how the
    | users are actually retrieved out of your database or other storage
    | mechanisms used by this application to persist your user's data.
    |
    | Supported: "session", "token"
    |
    */

    'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],
        'teacher' => [
            'driver' => 'session',
            'provider' => 'teacher',
        ],

        'api' => [
            'driver' => 'token',
            'provider' => 'users',
            'hash' => false,
        ],
    ],

    /*
    |--------------------------------------------------------------------------
    | User Providers
    |--------------------------------------------------------------------------
    |
    | All authentication drivers have a user provider. This defines how the
    | users are actually retrieved out of your database or other storage
    | mechanisms used by this application to persist your user's data.
    |
    | If you have multiple user tables or models you may configure multiple
    | sources which represent each model / table. These sources may then
    | be assigned to any extra authentication guards you have defined.
    |
    | Supported: "database", "eloquent"
    |
    */

    'providers' => [
        'users' => [
            'driver' => 'eloquent',
            'model' => App\User::class,
        ],
        'teacher' => [
            'driver' => 'eloquent',
            'model' => App\Teacher::class,
        ],

        // 'users' => [
        //     'driver' => 'database',
        //     'table' => 'users',
        // ],
    ],

    /*
    |--------------------------------------------------------------------------
    | Resetting Passwords
    |--------------------------------------------------------------------------
    |
    | You may specify multiple password reset configurations if you have more
    | than one user table or model in the application and you want to have
    | separate password reset settings based on the specific user types.
    |
    | The expire time is the number of minutes that the reset token should be
    | considered valid. This security feature keeps tokens short-lived so
    | they have less time to be guessed. You may change this as needed.
    |
    */

    'passwords' => [
        'users' => [
            'provider' => 'users',
            'table' => 'password_resets',
            'expire' => 60,
            'throttle' => 60,
        ],
    ],

    /*
    |--------------------------------------------------------------------------
    | Password Confirmation Timeout
    |--------------------------------------------------------------------------
    |
    | Here you may define the amount of seconds before a password confirmation
    | times out and the user is prompted to re-enter their password via the
    | confirmation screen. By default, the timeout lasts for three hours.
    |
    */

    'password_timeout' => 10800,

];

app\Providers\BroadcastServiceProvider.php

<?php

namespace App\Providers;

use Illuminate\Support\Facades\Broadcast;
use Illuminate\Support\ServiceProvider;

class BroadcastServiceProvider extends ServiceProvider
{
    /**
     * Bootstrap any application services.
     *
     * @return void
     */
    public function boot()
    {   
        Broadcast::routes(['middleware' => ['web', 'auth:teacher']]);

        require base_path('routes/channels.php');
    }
}

Answer 1

这个来晚了，不过，如果你没有，你应该试试这个 Broadcast::routes(['middleware' => ['auth:web', 'auth:teacher']]);

Broadcast::routes() 适用于学生，因为使用了身份验证中间件的默认“auth:web”保护，并且当您为教师添加时，您指定了错误的“web”，而不是“auth:web”。 尝试使用 Broadcast::routes(['middleware' => ['auth:web', 'auth:teacher']]); 或 Broadcast::routes(['middleware' => ['auth:web,teacher']]);