版权声明:本文为博主原创文章,未经博主允许不得转载。 https://blog.csdn.net/fenghuangjc/article/details/82709035
认证权限:文章权限
注册控制器:RegisterController.php
public function index() {
return view('register.index');
}
public function register(){
//验证
$this->validate(request(),[
'name'=>'required|min:3|max:50|unique:users,name',
'email'=>'required|email|unique:user,email',
'password'=>'required|min:6|max:20|confirmed'
]);
//逻辑
$name=request('name');
$email = request('email');
$password = bcrypt(request('password'));//加密
$user = User::create(compact('name','email','password'));
//渲染
return redircet('/login');
}
Auth
Auth 来访问Laravel的认证服务,需要顶部映入Auth。
use Illuminate\Support\Facades\Auth;
class LoginController extends Controller {
public function authenticate()
{
//处理身份认证尝试
if(Auth::attempt(['email' => $email,'password' => $password])){
//认证通过
return redirect()->intended('dashboard');
}
}
}
LoginController.php
//登录页面
public function index(){
return view('login.index');
}
//登录
public function login(){
//验证输入项
$this->validate(request(),[
'email'=>'required|email',
'password'=>'required|min:6|max:20',
'is_remeber'=>''
]);
//登陆逻辑
$user = request(['email','password']);
$remeber = boolval(request('is_remeber'));
if(\Auth::attempt($user,$remeber)){
//登陆成功跳转到文章列表页
return redirect('/posts');
}
//登陆验证不成功返回到登陆页面
return \Redirect::back()->withErrors('用户名或者密码错误');
}
//退出登录
public function logout(){
\Auth::logout();
return redirect('/login');
}
用户授权
一、定义策略类
二、注册策略类和模型关联
三、策略判断
在PostController中的创建文章方法,新建文章时带上创建者的id
//创建文章
public function create()
{
return view('post/create');
}
//保存新建文章
public function store(Request $request)
{
//应对表单三步骤
//1.验证
$this->validate($request,{
'title' =>'required|string|min:5|max:100',
'content' => 'required|min:10'
});
//2.逻辑
$parms = array_merge(request(['title','content']),['user_id'=>\Auth::id()]);
Post::create($parms);
//3.渲染
return redirect('/posts');
}
修改model类,添加关联(一对多)
public function user()
{
//第二个参数是model类中外键名,第三个是user表的主键名
return $this->belongsTo("App\User",'user_id','id');
}
在Policie文件夹创建策略类XXPostPolicy添加权限
public function update(User $user, Post $post)
{
return $user->id===$post->user_id;
}
public function delete(User $user,Post $post)
{
return $user->id === $post->user_id;
}
在AuthServiceProvider映射对应的策略类
protected $policies = [
'App\XXModel' => 'App\Policies\XXPolicy'
];
修改相关页面blade.php添加判断,有对应权限,再显示相关按钮
XXX.blade.php
<div>
@can('update',$post)
@endcan
</div>
登陆路由控制
//单条路由
Route::get('profile',fuction(){
//只有登陆的用户才能进入
})->middleware('auth');
//路由组
Route::->group(['middleware'=>'auth'],function(){
Route::get('/email_verify_notice','PagesController@emailVerifyNotice')->name('emailVerifyNotice');
Route::get('email_verification/verify','EmailVerificationController@verify')->name('email_verification.verify');
});
同时修改登陆页面,用户已登陆时,输入login路由,直接跳到网站首页
app/Http/Controllers/LoginController.php
//登陆页面
public function index()
{
if(\Auth::check()){
return redirect('/home');
}
return view('login/index');
}