使用中间件进行后台权限验证
创建中间件
php artisan make:middleware AdminMiddleware
执行后会在app/Http/Middleware目录下生成AdminMiddleware.php文件
在AdminMiddleware类handle方法中使用Auth验证
use Auth;
public function handle($request, Closure $next)
{
if(!Auth::guard('admin')->check()){
return redirect('/admin/login');
}
return $next($request);
}
路由中挂载此中间件
配置app/Http/Kernel.php
protected $routeMiddleware = [
'admin.auth' => AdminMiddleware::class, //在路由中挂载登录验证中间件
'auth' => \App\Http\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
'can' => \Illuminate\Auth\Middleware\Authorize::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
];
在控制器中使用登录验证中间件
public function __construct()
{
//登录验证中间件
$this->middleware('admin.auth')->except(['loginForm','login']);
}
except() 排除loginForm、login方法
Auth&guard完成退出功能
退出方法
public function logout()
{
Auth::guard('admin')->logout();
return redirect('/admin/login');
}
