Laravel 创建自定义中间件以通过路由检查用户权限

Question

我想创建一个自定义中间件来检查我的用户是否被允许进入教室。教室相关的路由应该受到 ClassRoom 中间件的保护，在重定向到控制器之前检查用户权限。

这是教室路线组：

Route::group(['prefix' => 'classroom/{classroom_id}', 'namespace' => 'Classroom', 'as' => 'classroom.'], function(){
    Route::resource('dashboard', 'DashboardController')->only(['index', 'create', 'store']);
});

这是检查权限的代码：

    $classroom = ClassRoom::findOrFail($classroom_id);

        $ok = false;
        foreach ($classroom->users as $classroom_user) {
          if ($classroom_user->id == user()->id) {
            $ok = true;
          }
        }

        if (!$ok) {
          return redirect()->route('user.classrooms.index');
        }

Answer 1

运行命令：

php artisan make:middleware CheckPermission

您的中间件：

<?php

namespace App\Http\Middleware;

use Closure;

class CheckPermission
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {

       // apply your permission logic here

        return $next($request);
    }
}

app/Http/Kernel.php

protected $routeMiddleware = [
    ... ,
    'check-permission' => \App\Http\Middleware\CheckPermission::class,
];

在路由文件（web.php）中

Route::group(['middleware' => ['check-permission'], 'prefix' => 'classroom/{classroom_id}', 'namespace' => 'Classroom', 'as' => 'classroom.'], function(){
    Route::resource('dashboard', 'DashboardController')->only(['index', 'create', 'store']);
});

Answer 2

要在 laravel 中创建中间件，请使用 php artisan make:middleware YourCustomMiddleWare

然后您需要在受保护的 routeMiddleware 数组中的 app/Http/Kernel.php 中注册它

你像普通的中间件一样将它添加到路由中

https://laravel.com/docs/5.8/middleware