- 网站一般分为后台和用户端,如果将用户数据与管理员数据放在同一张的表会出现不好管理和不必要的风险。
- 这就需要将用户表和管理员表进行分开处理,这里就使用laravel的多用户认证来实现
在laravel6版本以下可以使用php artisan make:auth
命令快速生成登录模板,但在laravel以上登录模块进行分离,需要引入拓展包才能够去处理,这里使用的是laravel6.2版本。
composer require laravel/ui 1.2
php artisan ui bootstrap --auth
php artisan migrate
连接数据库跑以上的命令,我们即可获取到默认的登录模块,并生成了路由
- 并且页面已经生成完整的登录模块,这样我们一个登录模块已经完成,我们根据默认的登录模块来完成多用户认证
多用户认证
- 在config/auth.php配置文件进行守卫配置,配置一个自定义的用户驱动表
admin
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
'hash' => false,
],
'admin'=>[//新增admin守卫
'driver'=>'session',
'provider'=>'admins'
],
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'admins'=>[//数据模型
'driver'=>'eloquent',
'model'=>App\Admin::class
],
// 'users' => [
// 'driver' => 'database',
// 'table' => 'users',
// ],
],
根据默认的User模型创建一个类型的Admin模型和admins数据表
<?php
namespace App;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Foundation\Auth\User as Authenticatable;
class Admin extends Authenticatable
{
protected $table = 'admins';
protected $fillable = ['name', 'account_number', 'password'];
public $timestamps = false;
protected $hidden = ['password', 'remember_token'];
}
- 新建登录相关路由
Route::prefix('admin')->namespace('Dauth')->group(function (){
Route::get('login','AuthController@showLoginForm');
Route::post('login','AuthController@login');
// Route::get('logout','AuthController@logout');
});
Route::get('/admin','AdminController@index');
新建中间件AuthAdmin并使用
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Support\Facades\Auth;
class AuthAdmin
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next, $guard = null)
{
if(Auth::guard('admin')->guest()){
if ($request->ajax() || $request->wantsJson()){
return response('Unauthorized.', 401);
}else{
return redirect()->guest('admin/login');
}
}
return $next($request);
}
}
在 Kernel.php中注册中间件
protected $routeMiddleware = [
'auth' => \App\Http\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
'can' => \Illuminate\Auth\Middleware\Authorize::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class,
'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
'admin' => \App\Http\Middleware\AuthAdmin::class
];
改写登录模块
<?php
namespace App\Http\Controllers\Dauth;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
class AuthController extends Controller
{
use AuthenticatesUsers;
protected $redirectTo = '/admin';
public function __construct()
{
$this->middleware('guest:admin')->except('logout');
}
/**
* 登录页面
*/
public function showLoginForm()
{
return view('admin.login');
}
public function username()
{
return 'name';
}
protected function guard()
{
return Auth::guard('admin');//守卫使用我们定义的数据库驱动admin
}
}
- AdminController.php
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
class AdminController extends Controller
{
public function __construct()
{
$this->middleware('admin');
}
public function index()
{
return 12345;
}
}
我们自定义已经大功告成,我尝试把我们user表的数据拷贝一份放到admins中进行登录尝试是否两个登录互不影响
在我们自定义模块是登录成功的情况下,我们查看默认的user模块是未登录状态
并且默认user登录也能成功登录