Php Laravel如何实现会话超时后锁定屏幕
我从互联网上尝试了很多方法,但都无法实现,我希望有人能给我一个实现的想法或方法,谢谢你的帮助。假设你使用会话驱动程序来处理身份验证,你可以更改空闲会话在 /app/config/session.php文件。Php Laravel如何实现会话超时后锁定屏幕,php,session,laravel-5,Php,Session,Laravel 5,我从互联网上尝试了很多方法,但都无法实现,我希望有人能给我一个实现的想法或方法,谢谢你的帮助。假设你使用会话驱动程序来处理身份验证,你可以更改空闲会话在 /app/config/session.php文件。 /* |-------------------------------------------------------------------------- | Session Lifetime |-----------------------------------------------
/*
|--------------------------------------------------------------------------
| Session Lifetime
|--------------------------------------------------------------------------
|
| Here you may specify the number of minutes that you wish the session
| to be allowed to remain idle before it expires. If you want them
| to immediately expire on the browser closing, set that option.
|
*/
'lifetime' => 120, // minutes
'expire_on_close' => false,
假设您正在使用会话驱动程序处理身份验证,您可以更改空闲会话在中过期的时间段 /app/config/session.php文件。
/*
|--------------------------------------------------------------------------
| Session Lifetime
|--------------------------------------------------------------------------
|
| Here you may specify the number of minutes that you wish the session
| to be allowed to remain idle before it expires. If you want them
| to immediately expire on the browser closing, set that option.
|
*/
'lifetime' => 120, // minutes
'expire_on_close' => false,
让我举个例子。在
app\Http\middleware
文件夹中定义SessionTimeout
中间件
<?php
namespace App\Http\Middleware;
use Closure;
use Auth;
use Session;
class SessionTimeout
{
/**
* Check the incoming request for session data, log out if session lifetime is exceeded.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
//$isLoggedIn = $request->path() != '/logout';
$bag = Session::getMetadataBag();
$max = $this->getTimeOut();
if (($bag && $max < (time() - $bag->getLastUsed()))) {
//$cookie = cookie('intend', $isLoggedIn ? url()->current() : 'auth/login');
$email = Auth::user()->email;
$returnPath = url()->current();
$request->session()->flush(); // remove all the session data
Auth::logout(); // logout user
return redirect('auth/login')
->withInput(compact('email', 'returnPath'))
//->withCookie($cookie)
->withErrors(['Please login']);
//you could also redirect to lock-screen, a completely different view
//and then pass the returnPath to controller method maybe via hidden filed
//to redirect to the last page/path the user was on
//after successful re-login from the lock-screen.
}
return $next($request);
}
/**
* Set a variable in .env file TIMEOUT (in seconds) to play around in the development machine.
*/
protected function getTimeOut()
{
return (env('TIMEOUT')) ?: (config('session.lifetime') * 60);
}
}
}
然后在登录表单的视图中,通常位于resources\views\auth\login.blade.php
class Kernel extends HttpKernel {
/**
* The application's global HTTP middleware stack.
*
* @var array
*/
protected $middleware = [
'Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode',
'Illuminate\Cookie\Middleware\EncryptCookies',
'Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse',
'Illuminate\Session\Middleware\StartSession',
'Illuminate\View\Middleware\ShareErrorsFromSession',
'App\Http\Middleware\SessionTimeout'
];
/**
* The application's route middleware.
*
* @var array
*/
protected $routeMiddleware = [
'auth' => 'App\Http\Middleware\Authenticate',
'auth.basic' => 'Illuminate\Auth\Middleware\AuthenticateWithBasicAuth',
'guest' => 'App\Http\Middleware\RedirectIfAuthenticated'
];
@extend('app-layout')
@section('content')
//code to display errors here
@if($email) //check if the request has $email returned by SessionTimeout middleware
//if so display lock screen like
//code to display the profile image
//code to display the user email (or whatever id is used)
@else
//display email input field for a new login
//code to input the email (whatever id is used) for a new login
@endif
//here the code common for lock screen as well as new login.
//code to display input password
//code for submit button and rest of the things like remember me field
@stop
您还可以使用partials作为锁屏和新的登录表单,并基于@if($email)
显示
希望这能让您开始学习。让我举个例子。在
app\Http\middleware
文件夹中定义SessionTimeout
中间件
<?php
namespace App\Http\Middleware;
use Closure;
use Auth;
use Session;
class SessionTimeout
{
/**
* Check the incoming request for session data, log out if session lifetime is exceeded.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
//$isLoggedIn = $request->path() != '/logout';
$bag = Session::getMetadataBag();
$max = $this->getTimeOut();
if (($bag && $max < (time() - $bag->getLastUsed()))) {
//$cookie = cookie('intend', $isLoggedIn ? url()->current() : 'auth/login');
$email = Auth::user()->email;
$returnPath = url()->current();
$request->session()->flush(); // remove all the session data
Auth::logout(); // logout user
return redirect('auth/login')
->withInput(compact('email', 'returnPath'))
//->withCookie($cookie)
->withErrors(['Please login']);
//you could also redirect to lock-screen, a completely different view
//and then pass the returnPath to controller method maybe via hidden filed
//to redirect to the last page/path the user was on
//after successful re-login from the lock-screen.
}
return $next($request);
}
/**
* Set a variable in .env file TIMEOUT (in seconds) to play around in the development machine.
*/
protected function getTimeOut()
{
return (env('TIMEOUT')) ?: (config('session.lifetime') * 60);
}
}
}
然后在登录表单的视图中,通常位于resources\views\auth\login.blade.php
class Kernel extends HttpKernel {
/**
* The application's global HTTP middleware stack.
*
* @var array
*/
protected $middleware = [
'Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode',
'Illuminate\Cookie\Middleware\EncryptCookies',
'Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse',
'Illuminate\Session\Middleware\StartSession',
'Illuminate\View\Middleware\ShareErrorsFromSession',
'App\Http\Middleware\SessionTimeout'
];
/**
* The application's route middleware.
*
* @var array
*/
protected $routeMiddleware = [
'auth' => 'App\Http\Middleware\Authenticate',
'auth.basic' => 'Illuminate\Auth\Middleware\AuthenticateWithBasicAuth',
'guest' => 'App\Http\Middleware\RedirectIfAuthenticated'
];
@extend('app-layout')
@section('content')
//code to display errors here
@if($email) //check if the request has $email returned by SessionTimeout middleware
//if so display lock screen like
//code to display the profile image
//code to display the user email (or whatever id is used)
@else
//display email input field for a new login
//code to input the email (whatever id is used) for a new login
@endif
//here the code common for lock screen as well as new login.
//code to display input password
//code for submit button and rest of the things like remember me field
@stop
您还可以使用partials作为锁屏和新的登录表单,并基于@if($email)
显示
希望这能让您开始。您所说的“会话超时后锁定屏幕”是什么意思?用户登录超时,只需输入密码,而不是第二次登录,谢谢您的回复:)您的意思是在一段时间后自动注销吗?就是这样!软注销!“会话超时后锁定屏幕”是什么意思?用户登录超时,只需输入密码,而不是第二次登录,谢谢您的回复:)您的意思是一段时间后自动注销吗?就是这样!软注销!对不起,我的场景是登录页面和锁屏页面,我想在会话过期页面后跳转到锁屏,但我无法启动。对不起,我的场景是登录页面和锁屏页面,我想在会话过期页面后跳转到锁屏,但我不能开始。@KylinSky请与您分享解决方案found@KylinSky请分享您找到的解决方案