为什么这个仪表板路由不遵循我的中间件逻辑?
Why doesn't this dashboard route follow my middleware logic?
我正在开发一个 Laravel 8 应用程序,它使用 Microsoft Azure 进行用户管理(包括登录)。
我开始在他们的网站上关注 this tutorial。
我在 dashboard 路由“下面”有这些路由,我想用一个自定义中间件来保护它们:
// Dashboard routes
Route::get('/dashboard', [DashboardContoller::class, 'index'])->name('dashboard');
Route::group(['prefix' => 'dashboard' , 'middleware' => ['checkSignedIn']], function() {
Route::get('/users', [UsersContoller::class, 'index']);
Route::get('/create-user', [UsersContoller::class, 'create']);
Route::get('/delete-user/{id}', [UsersContoller::class, 'delete']);
});
允许用户访问应用程序仪表板的条件是:
他们使用有效的 Microsoft 帐户登录
他们的电子邮件在一组允许的电子邮件中:
private $allowedEmails = [
'user.one@domain.com',
'user.two@domain.com',
'user.three@domain.com',
];
为此,我做了以下工作:
创建了 CheckSignedIn 中间件,php artisan make:middleware CheckSignedIn。
在app\Http\Kernel.php中注册了上述中间件:
protected $routeMiddleware = [
// More middleware
'checkSignedIn' => \App\Http\Middleware\CheckSignedIn::class,
];
在app\Http\Middleware\CheckSignedIn.php我有:
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
class CheckSignedIn {
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse) $next
* @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
*/
private $allowedEmails = [
'user.one@domain.com',
'user.two@domain.com',
'user.three@domain.com',
];
public function handle(Request $request, Closure $next) {
$isSignedIn = null !== session('userName') && in_array(session('userEmail'), $this->allowedEmails);
if (!$isSignedIn) {
return redirect('/');
}
return $next($request);
}
}
问题
Evan 如果我 未 登录,我仍然可以看到仪表板(/dashboard 路线)。
这条线不应该也处理 /dashboard 路线吗?
Route::group(['prefix' => 'dashboard' , 'middleware' => ['checkSignedIn']], function() {
我做错了什么?
像这样更改路线:
// Dashboard routes
Route::group(['prefix' => 'dashboard', 'middleware' => ['checkSignedIn']], function() {
Route::get('/', [DashboardContoller::class, 'index'])->name('dashboard');
Route::get('/users', [UsersContoller::class, 'index']);
Route::get('/create-user', [UsersContoller::class, 'create']);
Route::get('/delete-user/{id}', [UsersContoller::class, 'delete']);
});
我正在开发一个 Laravel 8 应用程序,它使用 Microsoft Azure 进行用户管理(包括登录)。
我开始在他们的网站上关注 this tutorial。
我在 dashboard 路由“下面”有这些路由,我想用一个自定义中间件来保护它们:
// Dashboard routes
Route::get('/dashboard', [DashboardContoller::class, 'index'])->name('dashboard');
Route::group(['prefix' => 'dashboard' , 'middleware' => ['checkSignedIn']], function() {
Route::get('/users', [UsersContoller::class, 'index']);
Route::get('/create-user', [UsersContoller::class, 'create']);
Route::get('/delete-user/{id}', [UsersContoller::class, 'delete']);
});
允许用户访问应用程序仪表板的条件是:
他们使用有效的 Microsoft 帐户登录
他们的电子邮件在一组允许的电子邮件中:
private $allowedEmails = [ 'user.one@domain.com', 'user.two@domain.com', 'user.three@domain.com', ];
为此,我做了以下工作:
创建了 CheckSignedIn 中间件,php artisan make:middleware CheckSignedIn。
在app\Http\Kernel.php中注册了上述中间件:
protected $routeMiddleware = [
// More middleware
'checkSignedIn' => \App\Http\Middleware\CheckSignedIn::class,
];
在app\Http\Middleware\CheckSignedIn.php我有:
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
class CheckSignedIn {
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse) $next
* @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
*/
private $allowedEmails = [
'user.one@domain.com',
'user.two@domain.com',
'user.three@domain.com',
];
public function handle(Request $request, Closure $next) {
$isSignedIn = null !== session('userName') && in_array(session('userEmail'), $this->allowedEmails);
if (!$isSignedIn) {
return redirect('/');
}
return $next($request);
}
}
问题
Evan 如果我 未 登录,我仍然可以看到仪表板(/dashboard 路线)。
这条线不应该也处理 /dashboard 路线吗?
Route::group(['prefix' => 'dashboard' , 'middleware' => ['checkSignedIn']], function() {
我做错了什么?
像这样更改路线:
// Dashboard routes
Route::group(['prefix' => 'dashboard', 'middleware' => ['checkSignedIn']], function() {
Route::get('/', [DashboardContoller::class, 'index'])->name('dashboard');
Route::get('/users', [UsersContoller::class, 'index']);
Route::get('/create-user', [UsersContoller::class, 'create']);
Route::get('/delete-user/{id}', [UsersContoller::class, 'delete']);
});