【发布时间】:2019-02-07 16:13:13
【问题描述】:
我的问题很简单,我想在我的 laravel 应用程序中使用 Guard 进行多重身份验证(对于用户 + 管理员),所以我可以在控制器中简单地检查经过身份验证的用户是否是管理员,如下所示:
public function addCategories(Request $request) {
if (!Auth::guard('admin')->check()) {
abort(404);
}
....
}
但是上面的代码总是返回false,不知道为什么,这是我的管理员登录:
public function doLogin(Request $request) {
try {
$validator = \Validator::make($request->post(), [
'username' => array(
'required',
'string',
'max:12',
'regex:/(^[A-Za-z0-9_]+$)+/'
),
'password' => 'required|max:12'
]);
if ($validator->fails()) {
//$validator->errors()
throw new Exception('post data are incorrect');
}
$admin = Admin::where('AUsername', '=', $request->post('username'))
->first();
if ($admin == null) {
throw new Exception('username or password are incorrect');
} else if (!\Hash::check($request->post('password'), $admin->toArray()['APassword'])) {
throw new Exception('username or password are incorrect');
}
Auth::guard('admin')->login($admin);
if (!Auth::guard('admin')->check()) {
throw new Exception('could not login, please try again later');
}
return response()->json([
'success' => 'login success'
]);
} catch(Exception $e) {
return response()->json(
['error' => $e->getMessage()]
);
}
}
顺便说一句,我没有使用(Auth::attempt()),因为它总是失败(返回 false))
最后这是我的 auth.php:
'defaults' => [
'guard' => 'web',
'passwords' => 'users',
],
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
],
'admin' => [
'driver' => 'session',
'provider' => 'admins',
],
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'admins' => [
'driver' => 'eloquent',
'model' => App\Admin::class,
],
],
【问题讨论】: