Fatal编程技术网
  • laravel-4/
  • Laravel 4 Laravel 4:如何保护组路由管理员和用户?

Laravel 4 Laravel 4:如何保护组路由管理员和用户?

laravel-4

Laravel 4 Laravel 4:如何保护组路由管理员和用户?,laravel-4,Laravel 4,你好!请告诉我如何分割用户和管理员的路由?为了授权,用户访问了你的主页,只能移动到正确的路线,管理员出现在你的网页上,只能看到他们的路线。 我的文件routes.php Route::get('/', array( 'as' => 'home', 'uses' => 'HomeController@home' )); Route::group(array('before' => 'auth'), function(){ Route::group(array('befo

你好!请告诉我如何分割用户和管理员的路由?为了授权,用户访问了你的主页,只能移动到正确的路线,管理员出现在你的网页上,只能看到他们的路线。 我的文件routes.php

Route::get('/', array(
'as' => 'home',
'uses' => 'HomeController@home'
));




Route::group(array('before' => 'auth'), function(){

Route::group(array('before' => 'csrf'), function(){

    Route::post('/account/change-password', array(
        'as' => 'account-change-password-post',
        'uses' => 'AccountController@postChangePassword'
    ));
});

Route::get('/account/change-password', array(
    'as' => 'account-change-password',
    'uses' => 'AccountController@getChangePassword'
));


Route::get('/user/{username}', array(
    'as' => 'profile-user',
    'uses' => 'ProfileController@user'
)); 

Route::get('/account/sign-out', array(
    'as' => 'account-sign-out',
    'uses' => 'AccountController@getSignOut'
));

});




Route::group(array('before' => 'admin'), function(){
Route::get('/dashboard', array(
    'as' => 'dashboard',
    'uses' => 'TiketsController@dashboard'
));

Route::get('/tiket-new', array(
    'as' => 'tiket-new',
    'uses' => 'TiketsController@tiketNew'
));

Route::get('/tiket-work', array(
    'as' => 'tiket-work',
    'uses' => 'TiketsController@tiketWork'
));

Route::get('/tiket-complete', array(
    'as' => 'tiket-complete',
    'uses' => 'TiketsController@tiketComplete'
));

Route::get('/tiket-arhive', array(
    'as' => 'tiket-arhive',
    'uses' => 'TiketsController@tiketArhive'
));
});


Route::group(array('before' => 'user'), function(){


Route::get('/user-dashboard', array(
    'as' => 'user-dashboard',
    'uses' => 'TiketsController@userDashboard'
));
});
My AccountController.php

public function postSignIn(){

    $validator = Validator::make(Input::all(), 
        array(
            'email'          => 'required|email',
            'password'       => 'required'
    ));

    if($validator->fails()){

        return Redirect::route('account-sign-in')
                ->withErrors($validator)
                ->withInput();
    } else {

        $remember = (Input::has('remember')) ? true : false;



        $auth = Auth::attempt(array(
            'email' => Input::get('email'),
            'password' => Input::get('password'),
            'active' => 1
        ), $remember);





        if($auth){
            if (Auth::user()->role==5) {

                return Redirect::intended('/dashboard');
            }
            if (Auth::user()->role==1) {

                return Redirect::intended('/user-dashboard');
            }


        } else {
            return Redirect::route('account-sign-in')
                ->with('global', 'Error');
        }
    }
不幸的是,当这种路由出现时,管理员和用户可以看到彼此的页面。请尽可能详细地告诉我,如何区分不同的用户组?

您可以使用

Route::filter('pattern: admin/*', 'auth')
这场比赛的模式像

admin/cpanel
admin/dir/path/...
。 .

请告诉我,要写入文件filter.php或routes.php的过滤器是什么?这取决于您希望如何授权用户,默认情况下,“auth”过滤器将检查用户是否是来宾或已登录(如果来宾将其重定向到登录页面),您可以获取当前用户信息,并检查他是否有访问管理员页面的权限。。。 
Route::filter('pattern: user/*', 'auth2')