我在Laravel应用程序中试验中间件.我目前已将其设置为在经过身份验证的用户的每个路由上运行,但是,我希望它忽略以setupURI 开头的任何请求.
这是我的CheckOnboarding中间件方法的样子:
public function handle($request, Closure $next)
{
/**
* Check to see if the user has completed the onboarding, if not redirect.
* Also checks that the requested URI isn't the setup route to ensure there isn't a redirect loop.
*/
if ($request->user()->onboarding_complete == false && $request->path() != 'setup') {
return redirect('setup');
} else {
return $next($request);
}
}
这在我的路线中使用如下:
Route::group(['middleware' => ['auth','checkOnboarding']], function () {
Route::get('/home', 'HomeController@index');
Route::get('/account', 'AccountController@index');
Route::group(['prefix' => 'setup'], function …我试图在我的条件下给予条件Middleware.
这是我的剧本
if (auth()->check() && auth()->user()->type == 'TP001') {
$menu->add("User Control",array('nickname' => "user",'class'=>'treeview'))
->append(' <b class="caret"></b>')
->prepend('<span class="glyphicon glyphicon-user"></span> ');
$menu->user->add('Daftar User','user/list');
$menu->user->add('Tipe User','user/type');
} else {
/* Some code here...*/
}
上面的脚本我不能看到带有条件的菜单,即使我已经登录'TP001'(总是在其他地方),然后我尝试修复我的代码
auth()->user()->isDeveloper()
我的模特
public function isDeveloper()
{
return ($this->type == 'TP001');
}
但仍然没有工作,有没有办法给出上述条件但是以正确的方式?提前谢谢,抱歉我的英语不好.
我的核心
protected $middleware = [
\Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
\Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
\App\Http\Middleware\TrimStrings::class,
\Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
\App\Http\Middleware\Frontend::class,
];
某些服务向我的站点发出 HTTP 请求并传递一些输入。这个输入的结构对我来说有点错误,所以我正在尝试修改它。
我制作了一个中间件并将这个中间件附加到我的路线上。句柄方法如下所示:
public function handle($request, Closure $next)
{
$input = $request->all();
// Input modification
$request->replace($input);
\Log::info($request->all()); // Shows modified request
return $next($request);
}
但是在我的控制器中,我得到了旧的输入。另外我有点困惑,因为我也使用 FormRequest,而且我意识到这两个请求是不同的实体。那么如何修改中间件中的输入呢?
----------------------------------------------------------------------------------+
| Domain | Method | URI | Name | Action | Middleware
|
+--------+----------+----------------------------+------------------+------------------------------------------------------------------------+--------------------------------------------------
----------------------------------------------------------------------------------+
| | GET|HEAD | / | | Closure | web
|
| | POST | _ignition/execute-solution | | Facade\Ignition\Http\Controllers\ExecuteSolutionController | Facade\Ignition\Http\Middleware\IgnitionEnabled,F
acade\Ignition\Http\Middleware\IgnitionConfigValueEnabled:enableRunnableSolutions |
| | GET|HEAD | _ignition/health-check | | Facade\Ignition\Http\Controllers\HealthCheckController | Facade\Ignition\Http\Middleware\IgnitionEnabled
|
| | GET|HEAD | _ignition/scripts/{script} | | Facade\Ignition\Http\Controllers\ScriptController | Facade\Ignition\Http\Middleware\IgnitionEnabled
|
| | POST | _ignition/share-report | | Facade\Ignition\Http\Controllers\ShareReportController | Facade\Ignition\Http\Middleware\IgnitionEnabled,F
acade\Ignition\Http\Middleware\IgnitionConfigValueEnabled:enableShareButton |
| | GET|HEAD | _ignition/styles/{style} | | …我正在尝试为登录用户创建管理员路由限制.我已经尝试检查我的用户是否log-in,以及用户类型是否Admin,如果是,我想允许他们访问管理路由,否则,回复404.
<!-- Route group -->
$router->group(['middleware' => 'auth'], function() {
<!-- No Restriction -->
Route::get('dashboard','WelcomeController@index');
<!-- Admin Only -->
if(Auth::check()){
if ( Auth::user()->type == "Admin" ){
//Report
Route::get('report','ReportController@index');
Route::get('report/create', array('as'=>'report.create', 'uses'=>'ReportController@create'));
Route::post('report/store','ReportController@store');
Route::get('report/{id}', array('before' =>'profile', 'uses'=>'ReportController@show'));
Route::get('report/{id}/edit', 'ReportController@edit');
Route::put('report/{id}/update', array('as'=>'report.update', 'uses'=>'ReportController@update'));
Route::delete('report/{id}/destroy',array('as'=>'report.destroy', 'uses'=>'ReportController@destroy'));
}
}
});
它没有像我预期的那样工作.它会引发404错误 - 即使对于Admin用户也是如此.
我正在使用Auth脚手架Laravel 5.3,我已经改变了路线auth.因此,而不是/login和/register我使用/signin和/signup.
在Laravel 5.2我们在有这个默认auth的中间件,
public function handle($request, Closure $next, $guard = null)
{
if (Auth::guard($guard)->guest()) {
if ($request->ajax() || $request->wantsJson()) {
return response('Unauthorized.', 401);
}
return redirect()->guest('login');
}
return $next($request);
}
login如果用户没有登录,这将重定向到路由.Laravel 5.3我们有这个,
public function handle($request, Closure $next, $guard = null)
{
if (Auth::guard($guard)->check()) {
return redirect('/');
}
return $next($request);
}
这会将已登录的用户重定向到默认路由/.所以他们在5.3中改变了它.而不是定义客人去哪里,我们定义了登录用户去.
我的问题是,我将如何原 …
Laravel 5.7
PHP 7.2.10
目前我可以使用 web 和 api 守卫中的任何一个,有什么方法可以同时使用两者,以便 web 应用程序和 api 可以一起工作。
就像是
return [
/*
|--------------------------------------------------------------------------
| Authentication Defaults
|--------------------------------------------------------------------------
|
| This option controls the default authentication "guard" and password
| reset options for your application. You may change these defaults
| as required, but they're a perfect start for most applications.
|
*/
'defaults' => [
'guard' => 'api|web',
'passwords' => 'users',
],
如果不使用架构,这是一个需要更改架构的解决方案/解决方法,这是我不喜欢的。此外,我不需要访问令牌进行注册,这个答案在做什么。
api.php
Route::group([
'middleware' => 'api|web',
'prefix' => 'auth'
], function …laravel laravel-middleware laravel-5.7 laravel-guard laravel-jwt
你好开发者,
这不是直接重复:调用成员函数setCookie()on null 当我从Middleware调用Controller操作然后在控制器操作中我返回View时,
这是我的路线 web.php
Route::get('/end', [EndPageController::class, 'index'])
->name('survey.end')
->middleware('App\Http\Middleware\LegacyEndCheck');
中间件LegacyEndCheck.php处理功能
public function handle($request, Closure $next)
{
$sjid = $request->input('sjid', false);
if( empty($sjid) || strlen($sjid) !== 36 ){
return app()->make(EndLegacyController::class)->index($request); //I have to call EndLegacyController@index here as I can't change URL using redirect route
}
return $next($request);
}
控制器EndLegacyController index动作
public function index(Request $request)
{
$sjid = $request->input('sjid',false);
$status = $request->input('status',false);
if( empty($sjid) || empty($status) ){
$this->status = 5;
return view('survey.legacy.end')
->with('status', $this->status);
} …在我的应用程序中,我实现了OAuth2-Server(oauth2-server-laravel)与自定义身份验证包(Sentinel by Cartalyst)的组合.
在我的routes.php中:
Route::group(['before' => 'oauth'], function()
{
// ... some routes here
}
因此,请求必须提供授权标头,否则应用程序将退出OAuthException.
现在我想对我的控制器进行单元测试.因此,我必须为每个测试使用OAuth会话和访问令牌为我的数据库建立种子.然后覆盖call()-method TestCase并使用Bearer Token设置HTTP-Authorization Header.
有没有办法禁用或绕过中间件(在我的情况下仅用于单元测试)?
在Laravel 4中,它们被称为路由过滤器,无论如何它们在测试环境中被禁用.您也可以手动启用/禁用它们Route::enableFilters().
我用laravel后端制作了反应项目......我有一个CORS问题,我像下面的链接一样做所有事情,用水果蛋糕。
API 的 Laravel 6 CORS 策略问题, 但仍然无法正常工作。
'paths' => ['api/*'],
/*
* Matches the request method. `[*]` allows all methods.
*/
'allowed_methods' => ['*'],
/*
* Matches the request origin. `[*]` allows all origins.
*/
'allowed_origins' => ['*'],
/*
* Matches the request origin with, similar to `Request::is()`
*/
'allowed_origins_patterns' => [],
/*
* Sets the Access-Control-Allow-Headers response header. `[*]` allows all headers.
*/
'allowed_headers' => ['*'],
/*
* Sets the Access-Control-Expose-Headers …laravel ×9
laravel-5 ×5
php ×5
laravel-5.4 ×2
cors ×1
eloquent ×1
laravel-5.1 ×1
laravel-5.3 ×1
laravel-5.7 ×1
laravel-jwt ×1
react-redux ×1
reactjs ×1