我目前正在开发我的Laravel应用程序,为了防止垃圾邮件,我决定只有活跃用户才能登录。我目前正在使用Laravel的登录系统,就像在Laravel的官方网站教程中一样,这是我的表单操作:
<form class="form-horizontal" role="form" method="POST" action="{{ url('/auth/login') }}">
这完全可以正常工作,但是我想检查用户的活动,如果不处于活动状态,它将被重定向到激活页面,否则它将登录。有没有一种简单的方法来做到这一点,或者我有义务制作一个新的控制器,路由和更多的验证?谢谢。
编辑:忘记提到我的数据库中有一个“活动”列。
通过将此函数放在您的 :login()LoginController
public function login(\Illuminate\Http\Request $request) {
$this->validateLogin($request);
// If the class is using the ThrottlesLogins trait, we can automatically throttle
// the login attempts for this application. We'll key this by the username and
// the IP address of the client making these requests into this application.
if ($this->hasTooManyLoginAttempts($request)) {
$this->fireLockoutEvent($request);
return $this->sendLockoutResponse($request);
}
// This section is the only change
if ($this->guard()->validate($this->credentials($request))) {
$user = $this->guard()->getLastAttempted();
// Make sure the user is active
if ($user->active && $this->attemptLogin($request)) {
// Send the normal successful login response
return $this->sendLoginResponse($request);
} else {
// Increment the failed login attempts and redirect back to the
// login form with an error message.
$this->incrementLoginAttempts($request);
return redirect()
->back()
->withInput($request->only($this->username(), 'remember'))
->withErrors(['active' => 'You must be active to login.']);
}
}
// If the login attempt was unsuccessful we will increment the number of attempts
// to login and redirect the user back to the login form. Of course, when this
// user surpasses their maximum number of attempts they will get locked out.
$this->incrementLoginAttempts($request);
return $this->sendFailedLoginResponse($request);
}
建议以这种方式覆盖该方法,而不是此问题的许多其他答案,因为它允许您仍然使用Laravel 5.4 +的许多更高级的身份验证功能,例如登录限制,多个身份验证保护驱动程序/提供程序等,同时仍然允许您设置自定义错误消息。login()
更改或覆盖您的函数,如下所示:postLogin()AuthController
public function postLogin(Request $request)
{
$this->validate($request, [
'email' => 'required|email', 'password' => 'required',
]);
$credentials = $this->getCredentials($request);
// This section is the only change
if (Auth::validate($credentials)) {
$user = Auth::getLastAttempted();
if ($user->active) {
Auth::login($user, $request->has('remember'));
return redirect()->intended($this->redirectPath());
} else {
return redirect($this->loginPath()) // Change this to redirect elsewhere
->withInput($request->only('email', 'remember'))
->withErrors([
'active' => 'You must be active to login.'
]);
}
}
return redirect($this->loginPath())
->withInput($request->only('email', 'remember'))
->withErrors([
'email' => $this->getFailedLoginMessage(),
]);
}
此代码重定向回登录页,并显示有关用户处于非活动状态的错误消息。如果要重定向到身份验证页面,请更改我用注释标记的行。Change this to redirect elsewhere
在 Laravel 5.4 中,打开 Auth/LoginController.php
并添加此函数:
/**
* Get the needed authorization credentials from the request.
*
* @param \Illuminate\Http\Request $request
* @return array
*/
protected function credentials(\Illuminate\Http\Request $request)
{
//return $request->only($this->username(), 'password');
return ['email' => $request->{$this->username()}, 'password' => $request->password, 'status' => 1];
}
你完成了..!
