Laravel 4 Laravel 4:如何保护组路由管理员和用户?
你好!请告诉我如何分割用户和管理员的路由?为了授权,用户访问了你的主页,只能移动到正确的路线,管理员出现在你的网页上,只能看到他们的路线。 我的文件routes.phpLaravel 4 Laravel 4:如何保护组路由管理员和用户?,laravel-4,Laravel 4,你好!请告诉我如何分割用户和管理员的路由?为了授权,用户访问了你的主页,只能移动到正确的路线,管理员出现在你的网页上,只能看到他们的路线。 我的文件routes.php Route::get('/', array( 'as' => 'home', 'uses' => 'HomeController@home' )); Route::group(array('before' => 'auth'), function(){ Route::group(array('befo
Route::get('/', array(
'as' => 'home',
'uses' => 'HomeController@home'
));
Route::group(array('before' => 'auth'), function(){
Route::group(array('before' => 'csrf'), function(){
Route::post('/account/change-password', array(
'as' => 'account-change-password-post',
'uses' => 'AccountController@postChangePassword'
));
});
Route::get('/account/change-password', array(
'as' => 'account-change-password',
'uses' => 'AccountController@getChangePassword'
));
Route::get('/user/{username}', array(
'as' => 'profile-user',
'uses' => 'ProfileController@user'
));
Route::get('/account/sign-out', array(
'as' => 'account-sign-out',
'uses' => 'AccountController@getSignOut'
));
});
Route::group(array('before' => 'admin'), function(){
Route::get('/dashboard', array(
'as' => 'dashboard',
'uses' => 'TiketsController@dashboard'
));
Route::get('/tiket-new', array(
'as' => 'tiket-new',
'uses' => 'TiketsController@tiketNew'
));
Route::get('/tiket-work', array(
'as' => 'tiket-work',
'uses' => 'TiketsController@tiketWork'
));
Route::get('/tiket-complete', array(
'as' => 'tiket-complete',
'uses' => 'TiketsController@tiketComplete'
));
Route::get('/tiket-arhive', array(
'as' => 'tiket-arhive',
'uses' => 'TiketsController@tiketArhive'
));
});
Route::group(array('before' => 'user'), function(){
Route::get('/user-dashboard', array(
'as' => 'user-dashboard',
'uses' => 'TiketsController@userDashboard'
));
});
My AccountController.php
public function postSignIn(){
$validator = Validator::make(Input::all(),
array(
'email' => 'required|email',
'password' => 'required'
));
if($validator->fails()){
return Redirect::route('account-sign-in')
->withErrors($validator)
->withInput();
} else {
$remember = (Input::has('remember')) ? true : false;
$auth = Auth::attempt(array(
'email' => Input::get('email'),
'password' => Input::get('password'),
'active' => 1
), $remember);
if($auth){
if (Auth::user()->role==5) {
return Redirect::intended('/dashboard');
}
if (Auth::user()->role==1) {
return Redirect::intended('/user-dashboard');
}
} else {
return Redirect::route('account-sign-in')
->with('global', 'Error');
}
}
不幸的是,当这种路由出现时,管理员和用户可以看到彼此的页面。请尽可能详细地告诉我,如何区分不同的用户组?您可以使用
Route::filter('pattern: admin/*', 'auth')
这场比赛的模式像
admin/cpanel
admin/dir/path/...
。
.
及
请告诉我,要写入文件filter.php或routes.php的过滤器是什么?这取决于您希望如何授权用户,默认情况下,“auth”过滤器将检查用户是否是来宾或已登录(如果来宾将其重定向到登录页面),您可以获取当前用户信息,并检查他是否有访问管理员页面的权限。。。
Route::filter('pattern: user/*', 'auth2')