Laravel 7 中间件 - 如何为某些 views/blade 文件的未验证 users/guests 创建分组中间件
Laravel 7 Middleware - How to create grouped middleware for non-authenticated users/guests for certain views/blade files
我为注册用户创建了一个群中间件。如果用户通过身份验证并登录,则用户将能够访问中间件内的视图/页面,否则他们将重定向到带有错误消息的页面。
但是当我访问 login 的视图时,它还会将我重定向到一个针对未授权用户的页面(针对未经过身份验证的用户的页面),甚至非用户可以访问的注册视图、密码重置视图和其他页面。
如何分离这些页面,以便无需登录或验证即可访问它们?
这是我名为 UserMiddleware 的中间件的代码:
<?php
namespace App\Http\Middleware;
use Closure;
class UserMiddleware
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if (!$request->user())
{
return redirect('unauthorized');
}
return $next($request);
}
}
这是我的分组路线和其他路线的代码web.php:
<?php
use Illuminate\Support\Facades\Route;
use Spatie\Activitylog\Models\Activity;
Route::get('/', function () {
return view('welcome');
});
//Views for non-users/not logged-in users
Route::view('unauthorized', 'unauthorized');
Route::get('/home', 'HomeController@index')->name('home');
Route::get('/showLoginForm', 'LoginController@showLoginForm');
Route::group(['middleware' => ['user_middleware']], function() //Group middleware for authenticated / logged-in users
{
Auth::routes();
Route::get('/logout', 'Auth\LoginController@logout');
Route::resource('master/vendor', 'Master\VendorController');
Route::get('vendor/datatable', 'Master\VendorController@datatable')->name('vendor/datatable');
Route::resource('master/product', 'Master\ProductController');
Route::get('product/datatable', 'Master\ProductController@datatable')->name('product/datatable');
Route::get('product/datatableTrash', 'Master\ProductController@datatableTrash')->name('product/datatableTrash');
Route::post('product/undoTrash/{id}', 'Master\ProductController@undoTrash')->name('product/undoTrash/{id}');
Route::get('master/product/history/{id}', 'Master\ProductController@history')->name('master/product/history/{id}');
Route::resource('transaction/purchase-order', 'Transaction\PurchaseController');
Route::get('transaction/purchase-order/vendor/popup_media', 'Transaction\PurchaseController@popup_media_vendor')->name('transaction/purchase-order/vendor/popup_media');
Route::get('transaction/purchase-order/product/popup_media/{id_count}', 'Transaction\PurchaseController@popup_media_product')->name('transaction/purchase-order/product/popup_media/{id_count}');
Route::get('browse-product/datatable', 'Master\ProductController@datatable_product')->name('browse-product/datatable');
Route::get('browse-vendor/datatable', 'Master\VendorController@datatable_vendor')->name('browse-vendor/datatable');
Route::get('purchase-order/datatable', 'Transaction\PurchaseController@datatable')->name('purchase-order/datatable');
Route::post('transaction/purchase-order/receive/{id}', 'Transaction\PurchaseController@received')->name('transaction/purchase-order/received/{id}');
Route::get('transaction/purchase-order/print/{id}', 'Transaction\SaleController@print')->name('transaction/purchase-order/print/{id}');
Route::resource('transaction/sales', 'Transaction\SaleController');
Route::get('transaction/sales/product/popup_media/{id_count}', 'Transaction\SaleController@popup_media_product')->name('transaction/sales/product/popup_media/{id_count}');
Route::get('sales/datatable', 'Transaction\SaleController@datatable')->name('sales/datatable');
Route::get('transaction/sales/print/{id}', 'Transaction\SaleController@print')->name('transaction/sales/print/{id}');
Route::get('transaction/stock', 'Transaction\StockController@index')->name('transaction/stock');
Route::get('transaction/stock/product/popup_media', 'Transaction\StockController@popup_media_product')->name('transaction/stock/product/popup_media');
Route::post('transaction/stock', 'Transaction\StockController@update')->name('transaction/stock');
Route::get('stock/report', 'Transaction\StockController@report')->name('stock/report');
Route::resource('user', 'UserController');
Route::get('/datatable_Activities', 'UserController@datatable_Activities')->name('datatable_Activities');
Route::get('/RecentActivities', 'UserController@RecentActivities')->name('RecentActivities');
Route::get('/password', 'UserController@Password');
//Route::get('/calendar', 'UserController@Calendar');
Route::post('user/updatePassword', 'UserController@updatePassword')->name('user.updatePassword');
});
我的 Kernel.php 片段代码:
protected $middlewareGroups = [
'web' => [
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
\Illuminate\Session\Middleware\AuthenticateSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\App\Http\Middleware\VerifyCsrfToken::class,
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
'api' => [
'throttle:60,1',
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
'user_middleware' => [
\App\Http\Middleware\UserMiddleware::class,
]
];
这是我的问题演示:
在 'user_middleware' 之外放置 Auth::routes() 应该是这种情况下的正确方法。
我为注册用户创建了一个群中间件。如果用户通过身份验证并登录,则用户将能够访问中间件内的视图/页面,否则他们将重定向到带有错误消息的页面。
但是当我访问 login 的视图时,它还会将我重定向到一个针对未授权用户的页面(针对未经过身份验证的用户的页面),甚至非用户可以访问的注册视图、密码重置视图和其他页面。
如何分离这些页面,以便无需登录或验证即可访问它们?
这是我名为 UserMiddleware 的中间件的代码:
<?php
namespace App\Http\Middleware;
use Closure;
class UserMiddleware
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if (!$request->user())
{
return redirect('unauthorized');
}
return $next($request);
}
}
这是我的分组路线和其他路线的代码web.php:
<?php
use Illuminate\Support\Facades\Route;
use Spatie\Activitylog\Models\Activity;
Route::get('/', function () {
return view('welcome');
});
//Views for non-users/not logged-in users
Route::view('unauthorized', 'unauthorized');
Route::get('/home', 'HomeController@index')->name('home');
Route::get('/showLoginForm', 'LoginController@showLoginForm');
Route::group(['middleware' => ['user_middleware']], function() //Group middleware for authenticated / logged-in users
{
Auth::routes();
Route::get('/logout', 'Auth\LoginController@logout');
Route::resource('master/vendor', 'Master\VendorController');
Route::get('vendor/datatable', 'Master\VendorController@datatable')->name('vendor/datatable');
Route::resource('master/product', 'Master\ProductController');
Route::get('product/datatable', 'Master\ProductController@datatable')->name('product/datatable');
Route::get('product/datatableTrash', 'Master\ProductController@datatableTrash')->name('product/datatableTrash');
Route::post('product/undoTrash/{id}', 'Master\ProductController@undoTrash')->name('product/undoTrash/{id}');
Route::get('master/product/history/{id}', 'Master\ProductController@history')->name('master/product/history/{id}');
Route::resource('transaction/purchase-order', 'Transaction\PurchaseController');
Route::get('transaction/purchase-order/vendor/popup_media', 'Transaction\PurchaseController@popup_media_vendor')->name('transaction/purchase-order/vendor/popup_media');
Route::get('transaction/purchase-order/product/popup_media/{id_count}', 'Transaction\PurchaseController@popup_media_product')->name('transaction/purchase-order/product/popup_media/{id_count}');
Route::get('browse-product/datatable', 'Master\ProductController@datatable_product')->name('browse-product/datatable');
Route::get('browse-vendor/datatable', 'Master\VendorController@datatable_vendor')->name('browse-vendor/datatable');
Route::get('purchase-order/datatable', 'Transaction\PurchaseController@datatable')->name('purchase-order/datatable');
Route::post('transaction/purchase-order/receive/{id}', 'Transaction\PurchaseController@received')->name('transaction/purchase-order/received/{id}');
Route::get('transaction/purchase-order/print/{id}', 'Transaction\SaleController@print')->name('transaction/purchase-order/print/{id}');
Route::resource('transaction/sales', 'Transaction\SaleController');
Route::get('transaction/sales/product/popup_media/{id_count}', 'Transaction\SaleController@popup_media_product')->name('transaction/sales/product/popup_media/{id_count}');
Route::get('sales/datatable', 'Transaction\SaleController@datatable')->name('sales/datatable');
Route::get('transaction/sales/print/{id}', 'Transaction\SaleController@print')->name('transaction/sales/print/{id}');
Route::get('transaction/stock', 'Transaction\StockController@index')->name('transaction/stock');
Route::get('transaction/stock/product/popup_media', 'Transaction\StockController@popup_media_product')->name('transaction/stock/product/popup_media');
Route::post('transaction/stock', 'Transaction\StockController@update')->name('transaction/stock');
Route::get('stock/report', 'Transaction\StockController@report')->name('stock/report');
Route::resource('user', 'UserController');
Route::get('/datatable_Activities', 'UserController@datatable_Activities')->name('datatable_Activities');
Route::get('/RecentActivities', 'UserController@RecentActivities')->name('RecentActivities');
Route::get('/password', 'UserController@Password');
//Route::get('/calendar', 'UserController@Calendar');
Route::post('user/updatePassword', 'UserController@updatePassword')->name('user.updatePassword');
});
我的 Kernel.php 片段代码:
protected $middlewareGroups = [
'web' => [
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
\Illuminate\Session\Middleware\AuthenticateSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\App\Http\Middleware\VerifyCsrfToken::class,
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
'api' => [
'throttle:60,1',
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
'user_middleware' => [
\App\Http\Middleware\UserMiddleware::class,
]
];
这是我的问题演示:
在 'user_middleware' 之外放置 Auth::routes() 应该是这种情况下的正确方法。