Php laravel 5.2认证不';行不通
你好,我有一个超级威尔认证登录我的应用程序工作很好像6个月,但1天的用户,我不能再登录了 登录后我得到了Php laravel 5.2认证不';行不通,php,laravel,authentication,csrf,Php,Laravel,Authentication,Csrf,你好,我有一个超级威尔认证登录我的应用程序工作很好像6个月,但1天的用户,我不能再登录了 登录后我得到了 TokenMismatchException in VerifyCsrfToken.php line 67: 所以我尝试在VerifyCrsftoken上添加异常url,如下所示 protected $except = [ '/login' ]; 现在我在再次登录到登录页面后得到了重定向循环,我猜是auth返回false正确的电子邮件
TokenMismatchException in VerifyCsrfToken.php line 67:
protected $except = [
'/login'
];
Route::group(['middleware' => 'web'], function () {
Route::auth();
Route::get('/', 'WelcomeController@index');
Route::get('/home', 'AdminController@index');
Route::get('admin', 'AdminController@index');
Route::get('admin/tour', 'AdminController@tour');
});
<?php namespace App\Http\Controllers;
use App\Http\Requests;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use App\Booking;
use App\Booktour;
use App\Bookcustomer;
use App\Bookdiscount;
use App\Booktourpay;
use App\Customerorder;
use App\Tourdetail;
use App\Tourperiod;
use App\Tourlead;
use Session;
use View;
use Carbon\Carbon;
use Auth;
use Datetime;
use DB;
use Image;
use App\User;
class AdminController extends Controller {
public function __construct()
{
$this->middleware('auth');
}
public function index()
{
$count_customer = Bookcustomer::count();
$getuser = Auth::user()->name;
$booking_order = Booking::where('sales_name', '=',$getuser)
->orderby('created_at', 'DSEC')
->get();
$booktour_open = DB::table('tourlist')->where('status' ,'=', 'เปิดขาย')->count();
$tour = Booktour::where('status', 'เปิดขาย')
->orderby('depart_date', 'asc')
->get();
$unpaid = Booking::where('sales_name', '=', $getuser)
->where('status', 'รอเงินโอน')
->count();
$allbook_list = Booking::where('status', '=', "รอเงินโอน")->orderby('created_at', 'DSEC')->get();
$today_date = strtotime('now');
$payment_list = Booktourpay::Today()->get();
$user_list_payment = Booktourpay::where('create_by', '=', $getuser)->get();
return view('admin.home')
->with('booking_order', $booking_order)
->with('count_customer', $count_customer)
->with('booktour_open', $booktour_open)
->with('tour', $tour)
->with('unpaid', $unpaid)
->with('allbook_list', $allbook_list)
->with('payment_list', $payment_list)
->with('user_list_payment', $user_list_payment);
}
您需要从包含auth中间件的路由组中删除Route::auth()。试试看,它不起作用,我在登录后得到了重定向页面,就像这样“重定向到”。它就像在重定向后重置了auth会话一样
<?php
return [
/*
|--------------------------------------------------------------------------
| Authentication Defaults
|--------------------------------------------------------------------------
|
| This option controls the default authentication "guard" and password
| reset options for your application. You may change these defaults
| as required, but they're a perfect start for most applications.
|
*/
'defaults' => [
'guard' => 'web',
'passwords' => 'users',
],
/*
|--------------------------------------------------------------------------
| Authentication Guards
|--------------------------------------------------------------------------
|
| Next, you may define every authentication guard for your application.
| Of course, a great default configuration has been defined for you
| here which uses session storage and the Eloquent user provider.
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| Supported: "session", "token"
|
*/
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
],
],
/*
|--------------------------------------------------------------------------
| User Providers
|--------------------------------------------------------------------------
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| If you have multiple user tables or models you may configure multiple
| sources which represent each model / table. These sources may then
| be assigned to any extra authentication guards you have defined.
|
| Supported: "database", "eloquent"
|
*/
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
// 'users' => [
// 'driver' => 'database',
// 'table' => 'users',
// ],
],
/*
|--------------------------------------------------------------------------
| Resetting Passwords
|--------------------------------------------------------------------------
|
| Here you may set the options for resetting passwords including the view
| that is your password reset e-mail. You may also set the name of the
| table that maintains all of the reset tokens for your application.
|
| You may specify multiple password reset configurations if you have more
| than one user table or model in the application and you want to have
| separate password reset settings based on the specific user types.
|
| The expire time is the number of minutes that the reset token should be
| considered valid. This security feature keeps tokens short-lived so
| they have less time to be guessed. You may change this as needed.
|
*/
'passwords' => [
'users' => [
'provider' => 'users',
'email' => 'auth.emails.password',
'table' => 'password_resets',
'expire' => 60,
],
],
];
@extends('layouts.app')
@section('content')
<div class="container">
<div class="row">
<div class="col-md-8 col-md-offset-2">
<div class="panel panel-default">
<div class="panel-heading">Login</div>
<div class="panel-body">
<form class="form-horizontal" role="form" method="POST" action="{{ url('/login') }}">
{!! csrf_field() !!}
<div class="form-group{{ $errors->has('email') ? ' has-error' : '' }}">
<label class="col-md-4 control-label">E-Mail Address</label>
<div class="col-md-6">
<input type="email" class="form-control" name="email" value="{{ old('email') }}">
@if ($errors->has('email'))
<span class="help-block">
<strong>{{ $errors->first('email') }}</strong>
</span>
@endif
</div>
</div>
<div class="form-group{{ $errors->has('password') ? ' has-error' : '' }}">
<label class="col-md-4 control-label">Password</label>
<div class="col-md-6">
<input type="password" class="form-control" name="password">
@if ($errors->has('password'))
<span class="help-block">
<strong>{{ $errors->first('password') }}</strong>
</span>
@endif
</div>
</div>
<div class="form-group">
<div class="col-md-6 col-md-offset-4">
<div class="checkbox">
<label>
<input type="checkbox" name="remember"> Remember Me
</label>
</div>
</div>
</div>
<div class="form-group">
<div class="col-md-6 col-md-offset-4">
<button type="submit" class="btn btn-primary">
<i class="fa fa-btn fa-sign-in"></i>Login
</button>
<a class="btn btn-link" href="{{ url('/password/reset') }}">Forgot Your Password?</a>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
@endsection