Php Laravel 5.2:登录后应用程序丢失会话
我花了整整一天的时间试图解决这个问题,在谷歌上搜索了很多次 输入用户名和密码后,我会得到一个401未经授权的文件,但是在/storage/framework/session中创建了该文件 登录页面部分Php Laravel 5.2:登录后应用程序丢失会话,php,laravel,session,Php,Laravel,Session,我花了整整一天的时间试图解决这个问题,在谷歌上搜索了很多次 输入用户名和密码后,我会得到一个401未经授权的文件,但是在/storage/framework/session中创建了该文件 登录页面部分 <meta name="csrf-token" content="{{ csrf_token() }}"> ... <form class="login-form" action="admin/login" method="post">
<meta name="csrf-token" content="{{ csrf_token() }}">
...
<form class="login-form" action="admin/login" method="post">
<h3 class="form-title">Access Data</h3>
<div class="alert alert-danger display-hide">
<button class="close" data-close="alert"></button>
<span>
Username or password invalid. </span>
</div>
<div class="form-group">
<!--ie8, ie9 does not support html5 placeholder, so we just show field title for that-->
<label for="username" class="control-label visible-ie8 visible-ie9">Username</label>
<div class="input-icon">
<i class="fa fa-user"></i>
<input class="form-control placeholder-no-fix" type="text" autocomplete="off" placeholder="Username" name="username"/>
</div>
</div>
<div class="form-group">
<label for="password" class="control-label visible-ie8 visible-ie9">Password</label>
<div class="input-icon">
<i class="fa fa-lock"></i>
<input class="form-control placeholder-no-fix" type="password" autocomplete="off" placeholder="Password" name="password"/>
</div>
</div>
<div class="form-actions">
<label class="checkbox">
<input type="checkbox" name="remember" value="1"/> Remember me </label>
<button type="submit" id="submit" class="btn blue pull-right">
Login <i class="m-icon-swapright m-icon-white"></i>
</button>
</div>
<input type="hidden" name="_token" value="{{ csrf_token() }}" />
</form>
...
<script>
$('#submit').on('click', function (e) {
e.preventDefault();
data = $('form').serialize();
$.ajax({
'method': 'POST',
'url': 'admin/login',
'data': data,
'dataType': 'JSON',
'success': function (data) {
if (data.type === 'redirect') {
window.location.href = 'admin/dashboard';
} else {
console.log(data);
}
}
});
});
</script>
Route.php
/*
|--------------------------------------------------------------------------
| Routes File
|--------------------------------------------------------------------------
|
| Here is where you will register all of the routes in an application.
| It's a breeze. Simply tell Laravel the URIs it should respond to
| and give it the controller to call when that URI is requested.
|
*/
Route::get('/', function () {
return view('welcome');
});
/*
|--------------------------------------------------------------------------
| Application Routes
|--------------------------------------------------------------------------
|
| This route group applies the "web" middleware group to every route
| it contains. The "web" middleware group is defined in your HTTP
| kernel and includes session state, CSRF protection, and more.
|
*/
Route::group(['middleware' => ['web']], function () {
//Route::group(['prefix' => 'admin'], function() {
Route::get('admin', ['uses' => 'UsersController@getLogin']);
Route::post('admin/login', ['uses' => 'UsersController@doLogin']);
Route::post('admin/logout', ['uses' => 'UsersController@doLogout']);
//});
});
Route::group(['middleware' => ['web', 'auth']], function () {
//Route::group(['prefix' => 'admin'], function() {
Route::get('admin/dashboard', function() {
return view('admin/dashboard');
});
//});
});
UsersController.php
<?php
namespace App\Http\Controllers;
use Request, Validator, Redirect, Hash, Auth;
use Illuminate\Support\Facades\Input;
use App\Models\UsersAuth;
use App\Models\UsersModel;
class UsersController extends Controller {
function getLogin() {
return view('admin/index');
}
function doLogin() {
$validator = Validator::make(Input::all(), [
'username' => 'required',
'password' => 'required|alphaNum|min:5'
]);
if($validator->fails()) {
/*...*/
} else {
if(Auth::attempt(['username' => Input::get('username'), 'password' => Input::get('password'), 'active' => '1'])) {
if(Auth::check()) {
return json_encode(['type' => 'redirect']);
}
} else {
return json_encode(['type' => 'danger', 'msg' => 'Username or password is invalid.']);
}
}
}
}
在两天的搜索后,我认为应该将所有数据库列更改为默认名称,如id、用户名、密码等(在我使用002\u id、002\u用户名、002\u密码等之前…)。。。
更换后一切正常
在Laravel中,如果不修改基本身份验证类,您就不能使用自定义字段?O.O
没有信息的错误是什么?像“TokenMismatchException”…如果您没有做过很多更改,请再次尝试运行php artisan make:auth
。检查从ajax请求得到的响应,它是否包含会话cookie?对不起,我是Laravel 5.2的新手。如何检查Ajax请求和会话Cookie?如果我在doLogin函数中使用“Request$Request”参数,我会在laravel.log中得到“tokenmischException”错误,浏览器控制台代码为500内部服务器错误。如果没有更好的解决方案,很容易检查downvote,无需更改类基代码。您可以使用$primaryKey属性()更改模型使用的主键
<?php
namespace App\Http\Controllers;
use Request, Validator, Redirect, Hash, Auth;
use Illuminate\Support\Facades\Input;
use App\Models\UsersAuth;
use App\Models\UsersModel;
class UsersController extends Controller {
function getLogin() {
return view('admin/index');
}
function doLogin() {
$validator = Validator::make(Input::all(), [
'username' => 'required',
'password' => 'required|alphaNum|min:5'
]);
if($validator->fails()) {
/*...*/
} else {
if(Auth::attempt(['username' => Input::get('username'), 'password' => Input::get('password'), 'active' => '1'])) {
if(Auth::check()) {
return json_encode(['type' => 'redirect']);
}
} else {
return json_encode(['type' => 'danger', 'msg' => 'Username or password is invalid.']);
}
}
}
}
<?php
return [
/*
|--------------------------------------------------------------------------
| Authentication Defaults
|--------------------------------------------------------------------------
|
| This option controls the default authentication "guard" and password
| reset options for your application. You may change these defaults
| as required, but they're a perfect start for most applications.
|
*/
'defaults' => [
'guard' => 'web',
'passwords' => 'users',
],
/*
|--------------------------------------------------------------------------
| Authentication Guards
|--------------------------------------------------------------------------
|
| Next, you may define every authentication guard for your application.
| Of course, a great default configuration has been defined for you
| here which uses session storage and the Eloquent user provider.
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| Supported: "session", "token"
|
*/
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
],
],
/*
|--------------------------------------------------------------------------
| User Providers
|--------------------------------------------------------------------------
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| If you have multiple user tables or models you may configure multiple
| sources which represent each model / table. These sources may then
| be assigned to any extra authentication guards you have defined.
|
| Supported: "database", "eloquent"
|
*/
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\Models\UsersAuth::class,
],
// 'users' => [
// 'driver' => 'database',
// 'table' => 'users',
// ],
],
/*
|--------------------------------------------------------------------------
| Resetting Passwords
|--------------------------------------------------------------------------
|
| Here you may set the options for resetting passwords including the view
| that is your password reset e-mail. You may also set the name of the
| table that maintains all of the reset tokens for your application.
|
| You may specify multiple password reset configurations if you have more
| than one user table or model in the application and you want to have
| separate password reset settings based on the specific user types.
|
| The expire time is the number of minutes that the reset token should be
| considered valid. This security feature keeps tokens short-lived so
| they have less time to be guessed. You may change this as needed.
|
*/
'passwords' => [
'users' => [
'provider' => 'users',
'email' => 'auth.emails.password',
'table' => 'password_resets',
'expire' => 60,
],
],
];
<?php
namespace App\Models;
use Illuminate\Foundation\Auth\User as Authenticatable;
class UsersAuth extends Authenticatable
{
/**
* Users db table.
*
* @var string
*/
protected $table = '002';
/**
* URL to redirect after login.
*
* @var string
*/
protected $redirectTo = 'admin/dashboard';
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'username', 'email', 'password',
];
/**
* The attributes excluded from the model's JSON form.
*
* @var array
*/
protected $hidden = [
'password', 'remember_token',
];
}