认证相干路由
# AuthRouteMethods.php# 登录退出$this->get('login', 'Auth\LoginController@showLoginForm')->name('login');$this->post('login', 'Auth\LoginController@login');$this->post('logout', 'Auth\LoginController@logout')->name('logout');# 注册$this->get('register', 'Auth\RegisterController@showRegistrationForm')->name('register');$this->post('register', 'Auth\RegisterController@register');# 重置明码$this->get('password/reset', 'Auth\ForgotPasswordController@showLinkRequestForm')->name('password.request');$this->post('password/email', 'Auth\ForgotPasswordController@sendResetLinkEmail')->name('password.email');$this->get('password/reset/{token}', 'Auth\ResetPasswordController@showResetForm')->name('password.reset');$this->post('password/reset', 'Auth\ResetPasswordController@reset')->name('password.update');$this->get('password/confirm', 'Auth\ConfirmPasswordController@showConfirmForm')->name('password.confirm');$this->post('password/confirm', 'Auth\ConfirmPasswordController@confirm');# 邮箱验证$this->get('email/verify', 'Auth\VerificationController@show')->name('verification.notice');$this->get('email/verify/{id}/{hash}', 'Auth\VerificationController@verify')->name('verification.verify');$this->post('email/resend', 'Auth\VerificationController@resend')->name('verification.resend');相干概念
认证配置文件:config/auth.php。
守卫 Guard:对用户进行身份验证,默认反对"session" 和 "token",能够在守卫中设置应用的提供者。
提供者 Provider:应用何种形式在数据库中查找用户,默认反对"eloquent" 和 "database",能够在守卫中设置应用的模型类。
模型类:默认为 App\User::class。
配置文件
# config/auth.phpreturn [ 'defaults' => [ 'guard' => 'web', 'passwords' => 'users', ], 'guards' => [ 'web' => [ 'driver' => 'session', 'provider' => 'users', ], 'api' => [ 'driver' => 'token', 'provider' => 'users', 'hash' => false, ], ], 'providers' => [ 'users' => [ 'driver' => 'eloquent', 'model' => App\User::class, ], ], 'passwords' => [ 'users' => [ 'provider' => 'users', 'table' => 'password_resets', 'expire' => 60, 'throttle' => 60, ], ], 'password_timeout' => 10800,];注册逻辑
use Illuminate\Support\Facades\Auth;$user = User::create([ 'name' => $data['name'], 'email' => $data['email'], 'password' => Hash::make($data['password']), ]);$this->guard()->login($user);登录逻辑
$credentials = $request->only('email', 'password');$credentials['active'] = 1;if ($this->guard()->attempt($credentials, $request->filled('remember'))) { $request->session()->regenerate(); return redirect()->intended('dashboard');}退出逻辑
$this->guard()->logout();$request->session()->invalidate();$request->session()->regenerateToken();自定义看管器
use Illuminate\Support\Facades\Auth;protected function guard(){ // 默认:Auth::guard(); // 看管器名称须要与 auth.php 配置文件中的配置项之一相匹配 return Auth::guard('guard-name');}获取认证用户
use Illuminate\Support\Facades\Auth;// 获取以后通过认证的用户...$user = Auth::user();// 获取以后通过认证的用户 ID...$id = Auth::id();// 返回一个认证用户实例...use Illuminate\Http\Request;$request->user();检查用户是否已认证
use Illuminate\Support\Facades\Auth;if (Auth::check()) { // 用户曾经登录了...}其余登录办法
// 登录Auth::login($user);// 登录并记住给定用户...Auth::login($user, true);// 指定看管器实例登录Auth::guard('admin')->login($user);// 通过 ID 将用户登录到利用Auth::loginUsingId(1);//登录并记住给定用户...Auth::loginUsingId(1, true);// 仅验证一次用户身份,不应用 session 或 cookiesAuth::once($credentials)爱护路由
Laravel 自带了一个 auth 中间件,定义在 Illuminate\Auth\Middleware\Authenticate 中。因为这个中间件曾经在 HTTP 内核中注册,只需把这个中间件附加到路由定义中即可:
Route::get('profile', function () { // 只有认证过的用户能够进入...})->middleware('auth');# 或者public function __construct(){ $this->middleware('auth');}把 auth 中间件增加到路由时,能够同时指定应用哪个看管器进行用户认证。
指定的看管器应该对应 auth.php 配置文件中 guards 数组中的的一个键:
public function __construct(){ $this->middleware('auth:api');}