Php 允许角色=x或角色=y的登录尝试
我知道可以通过向尝试方法传递数组来向其添加Php 允许角色=x或角色=y的登录尝试,php,laravel-5,laravel-5.4,Php,Laravel 5,Laravel 5.4,我知道可以通过向尝试方法传递数组来向其添加where查询。但是,对于允许所有具有特定角色的用户登录的登录表单呢 /** * Attempt to log the user into the application. * * @param \Illuminate\Http\Request $request * @return bool */ protected function attemptLogin(Request $request) { $values = ['admin
where
查询。但是,对于允许所有具有特定角色的用户登录的登录表单呢
/**
* Attempt to log the user into the application.
*
* @param \Illuminate\Http\Request $request
* @return bool
*/
protected function attemptLogin(Request $request)
{
$values = ['admin', 'distributor']; //all roles that are allowed
foreach ($values as $value) {
if ($this->guard()->attempt(array_merge($this->credentials($request), ['role' => $value]), $request->has('remember'))) {
return true;
}
}
return false;
}
尝试所有值会导致大量查询,因此是否有更优雅的方法来检查用户是否允许登录
/**
* Attempt to log the user into the application.
*
* @param \Illuminate\Http\Request $request
* @return bool
*/
protected function attemptLogin(Request $request)
{
$values = ['admin', 'distributor']; //all roles that are allowed
foreach ($values as $value) {
if ($this->guard()->attempt(array_merge($this->credentials($request), ['role' => $value]), $request->has('remember'))) {
return true;
}
}
return false;
}
您必须手动登录用户
protected function attemptLogin(Request $request)
{
$values = ['admin', 'distributor']; //all roles that are
$user = App\User::where(array_except($this->credentials($request), 'password'))->whereIn('role', $values)->first();
if($user) {
$this->guard()->login($user, $request->has('remember'));
return true;
}
return false;
}
在yazfields的帮助下,我找到了一个很好的解决方案:
/**
* Attempt to log the user into the application.
*
* @param \Illuminate\Http\Request $request
* @return bool
*/
protected function attemptLogin(Request $request)
{
$query = User::query();
$query->where($this->username(), $request->get($this->username()));
$user = $query->whereIn('role', $this->allowedRoles)->first();
if ($user) {
return $this->guard()->attempt(
$this->credentials($request), $request->has('remember')
);
}
return false;
}
首先,您尝试通过用户的电子邮件地址(或用户名)获取用户,并使用角色对其进行筛选。如果您有匹配项,请再次尝试登录该用户。在这种情况下,您只需从Laravel展开
尝试登录
,最多可对登录尝试进行2次查询。@AlonEitan更新了我的问题这不起作用,因为我无法比较where子句中的密码
。@mimo啊,对不起,我忘记了,我会更新我的回答为什么您要再次尝试登录?只需登录user@yazfield我想检查是否允许用户登录。系统有多个入口点,其中一些入口点需要最低权限。