Js *_*Lim 6 php session google-authenticator laravel-5
我实际上是在项目中实现双因素身份验证.我做的是
Auth::user()->google2fa_passed = 1;
事实上它并没有真正存储,当导航到另一个页面时,缺少值.
我也不想保留在另一个会话中,因为当用户注销(或用户从浏览器中删除会话cookie)时,将显示登录页面,并再次通过2因子身份验证.
知道如何为用户会话保存1个以上的属性吗?
最终,我用来session存储。
输入 6 位代码后,将标志存储到会话中
\Session::put('totp_passed', 1);
在app/Http/Middleware/Authenticate.php中,如果会话过期,请删除2FA 会话
public function handle($request, Closure $next)
{
if ($this->auth->guest()) {
// remove the 2-factor auth if the user session expired
\Session::forget('totp_passed'); // <------- add this line
if ($request->ajax()) {
return response('Unauthorized.', 401);
} else {
return redirect()->route('auth.login');
}
}
return $next($request);
}
然后创建另一个中间件,例如app/Http/Middleware/TwoFactorAuth.php
namespace App\Http\Middleware;
use Closure;
class TwoFactorAuth
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if (!\Session::has('totp_passed')) {
return redirect()->route('auth.2fa');
}
return $next($request);
}
}
在应用程序/Http/Kernel.php中
protected $routeMiddleware = [
'auth' => \App\Http\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'2fa' => \App\Http\Middleware\TwoFactorAuth::class, // <------ add this line
];
Route::group(['middleware' => 'auth'], function () {
// must be login first only can access this page
Route::get('2fa', ['as' => 'auth.2fa', 'uses' => 'Auth\AuthController@get2FactorAuthentication']);
Route::post('2fa', ['uses' => 'Auth\AuthController@post2FactorAuthentication']);
// add 2-factor auth middleware
Route::group(['middleware' => '2fa'], function () {
// all routes that required login
});
});