Php Laravel如何实现会话超时后锁定屏幕

我从互联网上尝试了很多方法，但都无法实现，我希望有人能给我一个实现的想法或方法，谢谢你的帮助。

假设你使用会话驱动程序来处理身份验证，你可以更改空闲会话在

/app/config/session.php文件。

/*
|--------------------------------------------------------------------------
| Session Lifetime
|--------------------------------------------------------------------------
|
| Here you may specify the number of minutes that you wish the session
| to be allowed to remain idle before it expires. If you want them
| to immediately expire on the browser closing, set that option.
|
*/

'lifetime' => 120,    // minutes

'expire_on_close' => false,

---

假设您正在使用会话驱动程序处理身份验证，您可以更改空闲会话在中过期的时间段

/app/config/session.php文件。

/*
|--------------------------------------------------------------------------
| Session Lifetime
|--------------------------------------------------------------------------
|
| Here you may specify the number of minutes that you wish the session
| to be allowed to remain idle before it expires. If you want them
| to immediately expire on the browser closing, set that option.
|
*/

'lifetime' => 120,    // minutes

'expire_on_close' => false,

---

让我举个例子。在

app\Http\middleware

文件夹中定义

SessionTimeout

中间件

<?php

namespace App\Http\Middleware;

use Closure;
use Auth;
use Session;

class SessionTimeout
{


     /**
     * Check the incoming request for session data, log out if session lifetime is exceeded.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */

     public function handle($request, Closure $next)
     {

        //$isLoggedIn = $request->path() != '/logout';

        $bag = Session::getMetadataBag();

        $max = $this->getTimeOut();

        if (($bag && $max < (time() - $bag->getLastUsed()))) {

            //$cookie = cookie('intend', $isLoggedIn ? url()->current() : 'auth/login');

            $email = Auth::user()->email;

            $returnPath = url()->current();

            $request->session()->flush(); // remove all the session data

            Auth::logout(); // logout user

            return redirect('auth/login')
                    ->withInput(compact('email', 'returnPath'))
                    //->withCookie($cookie)
                    ->withErrors(['Please login']);
            //you could also redirect to lock-screen, a completely different view 
            //and then pass the returnPath to controller method maybe via hidden filed
            //to redirect to the last page/path the user was on 
            //after successful re-login from the lock-screen.
        }

        return $next($request);


     }

     /**
     * Set a variable in .env file TIMEOUT (in seconds) to play around in the development machine.
     */
     protected function getTimeOut()
     {
        return (env('TIMEOUT')) ?: (config('session.lifetime') * 60);
     }
}  

}

然后在登录表单的视图中，通常位于

resources\views\auth\login.blade.php

class Kernel extends HttpKernel {
 /**
 * The application's global HTTP middleware stack.
 *
 * @var array
 */
 protected $middleware = [
      'Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode',
      'Illuminate\Cookie\Middleware\EncryptCookies',
      'Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse',
      'Illuminate\Session\Middleware\StartSession',
      'Illuminate\View\Middleware\ShareErrorsFromSession',
      'App\Http\Middleware\SessionTimeout'
 ];
 /**
 * The application's route middleware.
 *
 * @var array
 */
 protected $routeMiddleware = [
      'auth' => 'App\Http\Middleware\Authenticate',
      'auth.basic' => 'Illuminate\Auth\Middleware\AuthenticateWithBasicAuth',
      'guest' => 'App\Http\Middleware\RedirectIfAuthenticated'
 ];

@extend('app-layout')
@section('content')
    //code to display errors here

    @if($email) //check if the request has $email returned by SessionTimeout middleware
        //if so display lock screen like
        //code to display the profile image
        //code to display the user email (or whatever id is used)
    @else
        //display email input field for a new login
        //code to input the email (whatever id is used) for a new login
    @endif
    //here the code common for lock screen as well as new login.
    //code to display input password 
    //code for submit button and rest of the things like remember me field
@stop  

您还可以使用partials作为锁屏和新的登录表单，并基于

@if（$email）

显示

---

希望这能让您开始学习。

让我举个例子。在

app\Http\middleware

文件夹中定义

SessionTimeout

中间件

<?php

namespace App\Http\Middleware;

use Closure;
use Auth;
use Session;

class SessionTimeout
{


     /**
     * Check the incoming request for session data, log out if session lifetime is exceeded.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */

     public function handle($request, Closure $next)
     {

        //$isLoggedIn = $request->path() != '/logout';

        $bag = Session::getMetadataBag();

        $max = $this->getTimeOut();

        if (($bag && $max < (time() - $bag->getLastUsed()))) {

            //$cookie = cookie('intend', $isLoggedIn ? url()->current() : 'auth/login');

            $email = Auth::user()->email;

            $returnPath = url()->current();

            $request->session()->flush(); // remove all the session data

            Auth::logout(); // logout user

            return redirect('auth/login')
                    ->withInput(compact('email', 'returnPath'))
                    //->withCookie($cookie)
                    ->withErrors(['Please login']);
            //you could also redirect to lock-screen, a completely different view 
            //and then pass the returnPath to controller method maybe via hidden filed
            //to redirect to the last page/path the user was on 
            //after successful re-login from the lock-screen.
        }

        return $next($request);


     }

     /**
     * Set a variable in .env file TIMEOUT (in seconds) to play around in the development machine.
     */
     protected function getTimeOut()
     {
        return (env('TIMEOUT')) ?: (config('session.lifetime') * 60);
     }
}  

}

然后在登录表单的视图中，通常位于

resources\views\auth\login.blade.php

class Kernel extends HttpKernel {
 /**
 * The application's global HTTP middleware stack.
 *
 * @var array
 */
 protected $middleware = [
      'Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode',
      'Illuminate\Cookie\Middleware\EncryptCookies',
      'Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse',
      'Illuminate\Session\Middleware\StartSession',
      'Illuminate\View\Middleware\ShareErrorsFromSession',
      'App\Http\Middleware\SessionTimeout'
 ];
 /**
 * The application's route middleware.
 *
 * @var array
 */
 protected $routeMiddleware = [
      'auth' => 'App\Http\Middleware\Authenticate',
      'auth.basic' => 'Illuminate\Auth\Middleware\AuthenticateWithBasicAuth',
      'guest' => 'App\Http\Middleware\RedirectIfAuthenticated'
 ];

@extend('app-layout')
@section('content')
    //code to display errors here

    @if($email) //check if the request has $email returned by SessionTimeout middleware
        //if so display lock screen like
        //code to display the profile image
        //code to display the user email (or whatever id is used)
    @else
        //display email input field for a new login
        //code to input the email (whatever id is used) for a new login
    @endif
    //here the code common for lock screen as well as new login.
    //code to display input password 
    //code for submit button and rest of the things like remember me field
@stop  

您还可以使用partials作为锁屏和新的登录表单，并基于

@if（$email）

显示

---

希望这能让您开始。

您所说的“会话超时后锁定屏幕”是什么意思？用户登录超时，只需输入密码，而不是第二次登录，谢谢您的回复：）您的意思是在一段时间后自动注销吗？就是这样！软注销！“会话超时后锁定屏幕”是什么意思？用户登录超时，只需输入密码，而不是第二次登录，谢谢您的回复：）您的意思是一段时间后自动注销吗？就是这样！软注销！对不起，我的场景是登录页面和锁屏页面，我想在会话过期页面后跳转到锁屏，但我无法启动。对不起，我的场景是登录页面和锁屏页面，我想在会话过期页面后跳转到锁屏，但我不能开始。@KylinSky请与您分享解决方案found@KylinSky请分享您找到的解决方案