postLogin 显示令牌并且似乎未在 Laravel 5.2 中调用
postLogin displaying token and doesn't seem to be called in Laravel 5.2
一段时间以来,我一直在努力思考这个问题,但似乎无法弄清楚问题出在哪里。我在 Laravel 5.2.* 中手动创建了一个登录页面,我过去曾成功地完成了它,但由于某种原因这次它不起作用......这是我的代码的重要部分的细分:
Route::group(['middleware' => ['web']], function () {
// Authentication Routes...
Route::get('auth/login', 'Auth\AuthController@getLogin');
Route::post('auth/login', 'Auth\AuthController@postLogin');
Route::get('auth/logout', 'Auth\AuthController@getLogout');
....
});
<!DOCTYPE html>
<html lang="en">
<head>
<meta name="csrf-token" content="{{ csrf_token() }}" />
....
</head>
<body>
<form action="{{ url( '/auth/login' ) }}" class="clearfix" id="login" method="post" novalidate>
{!! csrf_field() !!}
@if (count($errors) > 0)
<div class="show validation-summary">
<strong>Whoops!</strong> There were some problems with your input.<br />
<ul>
@foreach ($errors->all() as $error)
<li>{{ $error }}</li>
@endforeach
</ul>
</div>
@else
<div class="validation-summary">
<ul>
</ul>
</div>
@endif
<label class="grey" for="email"><b>Username: </b></label>
<input class="field" type="text" name="email" id="email" value="{{ old('email') }}" size="23" />
<label class="grey" for="password"><b>Password:</b></label>
<input class="field" type="password" name="password" id="password" size="23" />
<button class="bt_login" name="submit" type="submit">
<i class="fa fa-btn fa-sign-in"></i> Login
</button>
</form>
....
</body>
</html>
这是来自 AuthenticatesUsers 特征的 postLogin 方法:
public function postLogin(Request $request)
{
return $this->login($request);
}
public function login(Request $request)
{
$this->validate($request, [
$this->loginUsername() => 'required', 'password' => 'required',
]);
// If the class is using the ThrottlesLogins trait, we can automatically throttle
// the login attempts for this application. We'll key this by the username and
// the IP address of the client making these requests into this application.
$throttles = $this->isUsingThrottlesLoginsTrait();
if ($throttles && $this->hasTooManyLoginAttempts($request)) {
return $this->sendLockoutResponse($request);
}
$credentials = $this->getCredentials($request);
if (Auth::guard($this->getGuard())->attempt($credentials, $request->has('remember'))) {
return $this->handleUserWasAuthenticated($request, $throttles);
}
// If the login attempt was unsuccessful we will increment the number of attempts
// to login and redirect the user back to the login form. Of course, when this
// user surpasses their maximum number of attempts they will get locked out.
if ($throttles) {
$this->incrementLoginAttempts($request);
}
return $this->sendFailedLoginResponse($request);
}
当点击登录按钮时,它似乎显示了 csrf 令牌值,甚至没有点击 AuthenticatesUsers 特征中的 postLogin 方法。如果您想要一个实际示例,可以转到 http://www.dorothea.co.za/auth/login 并单击屏幕顶部的“登录”滑动面板,然后单击“登录”。
只是回答我上面的问题,问题出在 app/Http/Middleware/VerifyCsrfToken.php class 的 tokensMatch 方法中。这是导致问题的代码:
echo($request->header('X-CSRF-Token') .' '. $request->input('_token'));
die();
我认为我没有对此文件进行任何更改,所以请注意您是否正在使用身份验证并且 laravel 的版本是 5.2.7。
一段时间以来,我一直在努力思考这个问题,但似乎无法弄清楚问题出在哪里。我在 Laravel 5.2.* 中手动创建了一个登录页面,我过去曾成功地完成了它,但由于某种原因这次它不起作用......这是我的代码的重要部分的细分:
Route::group(['middleware' => ['web']], function () {
// Authentication Routes...
Route::get('auth/login', 'Auth\AuthController@getLogin');
Route::post('auth/login', 'Auth\AuthController@postLogin');
Route::get('auth/logout', 'Auth\AuthController@getLogout');
....
});
<!DOCTYPE html>
<html lang="en">
<head>
<meta name="csrf-token" content="{{ csrf_token() }}" />
....
</head>
<body>
<form action="{{ url( '/auth/login' ) }}" class="clearfix" id="login" method="post" novalidate>
{!! csrf_field() !!}
@if (count($errors) > 0)
<div class="show validation-summary">
<strong>Whoops!</strong> There were some problems with your input.<br />
<ul>
@foreach ($errors->all() as $error)
<li>{{ $error }}</li>
@endforeach
</ul>
</div>
@else
<div class="validation-summary">
<ul>
</ul>
</div>
@endif
<label class="grey" for="email"><b>Username: </b></label>
<input class="field" type="text" name="email" id="email" value="{{ old('email') }}" size="23" />
<label class="grey" for="password"><b>Password:</b></label>
<input class="field" type="password" name="password" id="password" size="23" />
<button class="bt_login" name="submit" type="submit">
<i class="fa fa-btn fa-sign-in"></i> Login
</button>
</form>
....
</body>
</html>
这是来自 AuthenticatesUsers 特征的 postLogin 方法:
public function postLogin(Request $request)
{
return $this->login($request);
}
public function login(Request $request)
{
$this->validate($request, [
$this->loginUsername() => 'required', 'password' => 'required',
]);
// If the class is using the ThrottlesLogins trait, we can automatically throttle
// the login attempts for this application. We'll key this by the username and
// the IP address of the client making these requests into this application.
$throttles = $this->isUsingThrottlesLoginsTrait();
if ($throttles && $this->hasTooManyLoginAttempts($request)) {
return $this->sendLockoutResponse($request);
}
$credentials = $this->getCredentials($request);
if (Auth::guard($this->getGuard())->attempt($credentials, $request->has('remember'))) {
return $this->handleUserWasAuthenticated($request, $throttles);
}
// If the login attempt was unsuccessful we will increment the number of attempts
// to login and redirect the user back to the login form. Of course, when this
// user surpasses their maximum number of attempts they will get locked out.
if ($throttles) {
$this->incrementLoginAttempts($request);
}
return $this->sendFailedLoginResponse($request);
}
当点击登录按钮时,它似乎显示了 csrf 令牌值,甚至没有点击 AuthenticatesUsers 特征中的 postLogin 方法。如果您想要一个实际示例,可以转到 http://www.dorothea.co.za/auth/login 并单击屏幕顶部的“登录”滑动面板,然后单击“登录”。
只是回答我上面的问题,问题出在 app/Http/Middleware/VerifyCsrfToken.php class 的 tokensMatch 方法中。这是导致问题的代码:
echo($request->header('X-CSRF-Token') .' '. $request->input('_token'));
die();
我认为我没有对此文件进行任何更改,所以请注意您是否正在使用身份验证并且 laravel 的版本是 5.2.7。