一者填,laravel前后臺分離砌庄,使用laravel自帶的auth認證
1, 放置的位置 : AppServiceProvider.php
<?php
namespace App\Providers;
use App\Models\Admin\Permission;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Request;
use Illuminate\Support\Facades\Route;
use Illuminate\Support\Facades\URL;
use Illuminate\Support\ServiceProvider;
class AppServiceProvider extends ServiceProvider
{
/**
* Register any application services.
*
* @return void
*/
private $user;
public function register()
{
//
}
/**
* Bootstrap any application services.
*
* @return void
*/
public function boot()
{
if (!preg_match('/^admin/', Request::path())) {
// 全局變量使用蔫缸,前臺
view()->composer('*', function ($view) {
if (!isset($this->user)) {
$this->user = Auth::user();
$this->appendUserinfo($this->user);
}
$view->with('user', $this->user);
});
} else {
// 后臺
}
}
}
2泪姨,設置auth認證的session鍵 Auth::setDefaultDriver('admin'); 一般放在全局路由里肠槽,或者其他全局調(diào)用的文件,比如 AppServiceProvider.php
use Illuminate\Support\Facades\Auth;
/**
* laravel auth認證 前后臺分離認證 【前臺默認auth阔加,后臺admin】
* @method static \Illuminate\Auth\AuthManager extend(string $driver, \Closure $callback)
* @method static \Illuminate\Auth\AuthManager provider(string $name, \Closure $callback)
* @see \Illuminate\Auth\AuthManager
*
* Set the default authentication driver name.
*/
Auth::setDefaultDriver('admin');
use Illuminate\Support\Facades\Route;
use Illuminate\Support\Facades\Auth;
Route::namespace('Admin')->prefix('admin')->group(function () {
Auth::setDefaultDriver('admin');
// ........
}
3饵史,前后臺路由分離,創(chuàng)建 routes/admin.php
// RouteServiceProvider.php
/**
* TODO 新增后臺路由文件
*
* Define the "web" routes for the application.
*
* These routes all receive session state, CSRF protection, etc.
*
* @return void
*/
protected function mapAdminRoutes()
{
Route::middleware('web')
->namespace($this->namespace)
->group(base_path('routes/admin.php'));
}
// 新建 config\auth.php
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
// Laravel Auth 后臺驗證登錄
'admin' => [
'driver' => 'session',
'provider' => 'admins',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
'hash' => false,
],
],
/*
|--------------------------------------------------------------------------
| User Providers
|--------------------------------------------------------------------------
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| If you have multiple user tables or models you may configure multiple
| sources which represent each model / table. These sources may then
| be assigned to any extra authentication guards you have defined.
|
| Supported: "database", "eloquent"
|
*/
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
// Laravel Auth 后臺驗證登錄
'admins' => [
'driver' => 'eloquent',
'model' => App\Admin::class,
],
// 'users' => [
// 'driver' => 'database',
// 'table' => 'users',
// ],
],
二,網(wǎng)上教程
Auth 認證原理簡述
Laravel 的認證是使用 guard 與 provider 配合完成胜榔, guard 負責認證的業(yè)務邏輯胳喷,認證信息的服務端保存等; provider 負責提供認證信息的持久化數(shù)據(jù)提供夭织。
請求提交給 guard吭露, guard 從 provider 里取出數(shù)據(jù)(類似用戶名、密碼等)尊惰,驗證輸入數(shù)據(jù)與服務器端存儲的數(shù)據(jù)是否吻合奴饮。如果提交的數(shù)據(jù)正確纬向,再做 session 等業(yè)務的處理(如有需要)。
認證腳手架
首先我們導入 Laravel 的自帶的認證腳手架
php artisan make:auth
執(zhí)行數(shù)據(jù)庫遷移:
php artisan migrate
修改 Auth 認證的配置文件 config/auth.php
在 gurads 處戴卜,添加 admin guard 用于后臺管理員認證
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'admin' => [
'driver' => 'session',
'provider' => 'admins',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
],
],
在 providers 處添加 admins provider逾条,使用 Admin 模型
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'admins' => [
'driver' => 'eloquent',
'model' => App\Admin::class,
],
],
創(chuàng)建后臺管理員模型
我們再創(chuàng)建一個 Admin 模型,用于后臺管理員登錄驗證投剥。
php artisan make:model Admin -m
-m 參數(shù)會同時生成數(shù)據(jù)庫遷移文件 xxxx_create_admins_table
修改 app/Admin.php 模型文件
<?php
namespace App;
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;
class Admin extends Authenticatable
{
use Notifiable;
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'name', 'password',
];
/**
* The attributes that should be hidden for arrays.
*
* @var array
*/
protected $hidden = [
'password', 'remember_token',
];
}
編輯 xxxx_create_admins_table 文件师脂,后臺管理員模型結(jié)構(gòu)與前臺用戶差不多,去掉 email 字段江锨,name 字段設為 unique
<?php
use Illuminate\Support\Facades\Schema;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Migrations\Migration;
class CreateAdminsTable extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::create('admins', function (Blueprint $table) {
$table->increments('id');
$table->string('name')->unique();
$table->string('password');
$table->rememberToken();
$table->timestamps();
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::dropIfExists('admins');
}
}
管理員模型填充數(shù)據(jù)
定義一個數(shù)據(jù)模型工廠吃警,在 database/factories/ModelFactory.php 中添加如下代碼
$factory->define(App\Admin::class, function (Faker\Generator $faker) {
static $password;
return [
'name' => $faker->firstName,
'password' => $password ?: $password = bcrypt('secret'),
'remember_token' => str_random(10),
];
});
使用 Faker 隨機填充用戶名
在 database/seeds 目錄下生成 AdminsTableSeeder.php 文件。
php artisan make:seeder AdminsTableSeeder
編輯 database/seeds/AdminsTableSeeder.php 文件的 run 方法啄育,添加3個管理員用戶酌心,密碼為 123456
public function run()
{
factory('App\Admin', 3)->create([
'password' => bcrypt('123456')
]);
}
在 database/seeds/DatabaseSeeder.php 的 run 方法里調(diào)用 AdminsTableSeeder 類
public function run()
{
$this->call(AdminsTableSeeder::class);
}
執(zhí)行數(shù)據(jù)庫遷移命令
php artisan migrate --seed
數(shù)據(jù)庫里會創(chuàng)建 admins 表,并且生成了3條數(shù)據(jù)
創(chuàng)建后臺頁面
創(chuàng)建控制器
php artisan make:controller Admin/LoginController
php artisan make:controller Admin/IndexController
其中挑豌, Admin/LoginController 負責登錄邏輯安券; Admin/IndexController 管理登錄后的首頁。
編輯 Admin/LoginController.php
<?php
namespace App\Http\Controllers\Admin;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
class LoginController extends Controller
{
/*
|--------------------------------------------------------------------------
| Login Controller
|--------------------------------------------------------------------------
|
| This controller handles authenticating users for the application and
| redirecting them to your home screen. The controller uses a trait
| to conveniently provide its functionality to your applications.
|
*/
use AuthenticatesUsers;
/**
* Where to redirect users after login / registration.
*
* @var string
*/
protected $redirectTo = '/admin';
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware('guest.admin', ['except' => 'logout']);
}
/**
* 顯示后臺登錄模板
*/
public function showLoginForm()
{
return view('admin.login');
}
/**
* 使用 admin guard
*/
protected function guard()
{
return auth()->guard('admin');
}
/**
* 重寫驗證時使用的用戶名字段
*/
public function username()
{
return 'name';
}
}
編輯 Admin/IndexController.php
<?php
namespace App\Http\Controllers\Admin;
use Illuminate\Http\Request;
use App\Http\Requests;
use App\Http\Controllers\Controller;
class IndexController extends Controller
{
/**
* 顯示后臺管理模板首頁
*/
public function index()
{
return view('admin.index');
}
}
后臺顯示模板
復制 views/layouts/app.blade.php 成 views/layouts/admin.blade.php
編輯后臺管理布局模板
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<!-- CSRF Token -->
<meta name="csrf-token" content="{{ csrf_token() }}">
<title>{{ config('app.name', 'Laravel') }} - Admin</title>
<!-- Styles -->
<link href="{{ asset('css/app.css') }}" rel="stylesheet">
</head>
<body>
<nav class="navbar navbar-default navbar-static-top">
<div class="container">
<div class="navbar-header">
<!-- Collapsed Hamburger -->
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse"
data-target="#app-navbar-collapse">
<span class="sr-only">Toggle Navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<!-- Branding Image -->
<a class="navbar-brand" href="{{ url('/') }}">
{{ config('app.name', 'Laravel') }}
</a>
</div>
<div class="collapse navbar-collapse" id="app-navbar-collapse">
<!-- Left Side Of Navbar -->
<ul class="nav navbar-nav">
</ul>
<!-- Right Side Of Navbar -->
<ul class="nav navbar-nav navbar-right">
<!-- Authentication Links -->
@if (auth()->guard('admin')->guest())
<li><a href="{{ url('/admin/login') }}">Login</a></li>
{{--<li><a href="{{ route('register') }}">Register</a></li>--}}
@else
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button"
aria-expanded="false" aria-haspopup="true">
{{ auth()->guard('admin')->user()->name }} <span class="caret"></span>
</a>
<ul class="dropdown-menu">
<li>
<a href="{{ url('/admin/logout')}}"
οnclick="event.preventDefault();
document.getElementById('logout-form').submit();">
Logout
</a>
<form id="logout-form" action="{{ url('/admin/logout')}}" method="POST"
style="display: none;">
{{ csrf_field() }}
</form>
</li>
</ul>
</li>
@endif
</ul>
</div>
</div>
</nav>
@yield('content')
<!-- Scripts -->
<script src="{{ asset('js/app.js') }}"></script>
</body>
</html>
復制 views/auth/login.blade.php 成 views/admin/login.blade.php
編輯該模板氓英,更改布局文件為 layouts.admin侯勉, 把表單的提交 url 改為 admin/login,email 字段改成 name字段铝阐,去掉找回密碼的部分
@extends('layouts.admin')
@section('content')
<div class="container">
<div class="row">
<div class="col-md-8 col-md-offset-2">
<div class="panel panel-default">
<div class="panel-heading">Admin Login</div>
<div class="panel-body">
<form class="form-horizontal" role="form" method="POST" action="{{ url('/admin/login') }}">
{{ csrf_field() }}
<div class="form-group{{ $errors->has('name') ? ' has-error' : '' }}">
<label for="name" class="col-md-4 control-label">Name</label>
<div class="col-md-6">
<input id="name" type="text" class="form-control" name="name" value="{{ old('name') }}" required autofocus>
@if ($errors->has('name'))
<span class="help-block">
<strong>{{ $errors->first('name') }}</strong>
</span>
@endif
</div>
</div>
<div class="form-group{{ $errors->has('password') ? ' has-error' : '' }}">
<label for="password" class="col-md-4 control-label">Password</label>
<div class="col-md-6">
<input id="password" type="password" class="form-control" name="password" required>
@if ($errors->has('password'))
<span class="help-block">
<strong>{{ $errors->first('password') }}</strong>
</span>
@endif
</div>
</div>
<div class="form-group">
<div class="col-md-6 col-md-offset-4">
<div class="checkbox">
<label>
<input type="checkbox" name="remember"> Remember Me
</label>
</div>
</div>
</div>
<div class="form-group">
<div class="col-md-8 col-md-offset-4">
<button type="submit" class="btn btn-primary">
Login
</button>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
@endsection
復制 views/home.blade.php 成 views/admin/index.blade.php
編輯該模板
@extends('layouts.admin')
@section('content')
<div class="container">
<div class="row">
<div class="col-md-8 col-md-offset-2">
<div class="panel panel-default">
<div class="panel-heading">Dashboard</div>
<div class="panel-body">
You are logged in admin dashboard!
</div>
</div>
</div>
</div>
</div>
@endsection
添加后臺路由
編輯 routes/web.php址貌, 添加以下內(nèi)容
Route::group(['prefix' => 'admin'], function () {
Route::group(['middleware' => 'auth.admin'], function () {
Route::get('/', 'Admin\IndexController@index');
});
Route::get('login','Admin\LoginController@showLoginForm')->name('admin.login');
Route::post('login', 'Admin\LoginController@login');
Route::post('logout', 'Admin\LoginController@logout');
});
后臺管理認證中間件
創(chuàng)建后臺管理認證中間件
php artisan make:middleware AuthAdmin
編輯 AuthAdmin
<?php
namespace App\Http\Middleware;
use Closure;
class AuthAdmin
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if (auth()->guard('admin')->guest()) {
if ($request->ajax() || $request->wantsJson()) {
return response('Unauthorized.', 401);
} else {
return redirect()->guest('admin/login');
}
}
return $next($request);
}
}
創(chuàng)建后臺管理登錄跳轉(zhuǎn)中間件,用于有些操作在登錄之后的跳轉(zhuǎn)
php artisan make:middleware GuestAdmin
編輯該中間件的 handle 方法
public function handle($request, Closure $next)
{
if (auth()->guard('admin')->check()) {
return redirect('/admin');
}
return $next($request);
}
在 app/Http/Kernel.php 中注冊以上中間件
protected $routeMiddleware = [
......
'auth.admin' => \App\Http\Middleware\AuthAdmin::class,
'guest.admin' => \App\Http\Middleware\GuestAdmin::class,
];
處理注銷
經(jīng)過上面的步驟徘键,已經(jīng)實現(xiàn)了前后臺分離登錄练对,但是不管是在前臺注銷,還是在后臺注銷吹害,都銷毀了所有的 session螟凭,導致前后臺注銷連在一起。所以我們還要對注銷的方法處理一下赠制。
原來的 logout 方法是這樣寫的,在 Illuminate\Foundation\Auth\AuthenticatesUsers 里
public function logout(Request $request)
{
$this->guard()->logout();
$request->session()->flush();
$request->session()->regenerate();
return redirect('/');
}
注意這一句
$request->session()->flush();
將所有的 session 全部清除挟憔,這里不分前臺钟些、后臺,所以要對這里進行改造绊谭。
因為前臺政恍、后臺注銷都要修改,所以我們新建一個 trait达传,前后臺都可以使用篙耗。
新建一個文件 app/Extensions/AuthenticatesLogout.php
<?php
namespace App\Extensions;
use Illuminate\Http\Request;
trait AuthenticatesLogout
{
public function logout(Request $request)
{
$this->guard()->logout();
$request->session()->forget($this->guard()->getName());
$request->session()->regenerate();
return redirect('/');
}
}
我們將上面的那一句改成
$request->session()->forget($this->guard()->getName());
只是刪除掉當前 guard 所創(chuàng)建的 session迫筑,這樣就達到了分別注銷的目的。
修改 Auth/LoginController.php 和 Admin/LoginController.php宗弯,將
class LoginController extends Controller
{
use AuthenticatesUsers;
改掉脯燃,在文件的前面別忘了加上 use 語句
use App\Extensions\AuthenticatesLogout;
class LoginController extends Controller
{
use AuthenticatesUsers, AuthenticatesLogout {
AuthenticatesLogout::logout insteadof AuthenticatesUsers;
}
到這里,就完成了整個不同用戶表登錄認證的過程蒙保。