Route::group([
'middleware' =>['JwtMiddleware', 'auth:api','can:isSuperAdmin'],
'prefix' => '/schools'
], function () {
Route::get('/', [SchoolController::class, 'index']);
});
我想添加一个额外的身份验证,比如只有具有super_admin角色的用户才能访问这个端点,具有super_adminrole的用户的user_id是1。如何像上面一样将中间件添加到我的路由中。。这个中间件的其他关系/重要代码是什么
您需要在中间件文件夹下创建一个中间件:
<?php
namespace AppHttpMiddleware;
use Closure;
class EnsureUserHasRole
{
/**
* Handle the incoming request.
*
* @param IlluminateHttpRequest $request
* @param Closure $next
* @param string $role
* @return mixed
*/
public function handle($request, Closure $next, $role)
{
if (! $request->user()->hasRole($role)) {
// Redirect...
}
return $next($request);
}
}
并将此中间件注册到您的app/Http/Kernel.php
:
protected $routeMiddleware = [
// ...
'role' => IlluminateAuthMiddlewareEnsureUserHasRole::class,
];
您的用户模型中还需要hasRole()
public function hasRole($role)
{
switch ($role) {
case 'isSuperAdmin':
return $this->super_admin;
}
}
毕竟你可以用它作为:
Route::group([
'middleware' => ['JwtMiddleware', 'auth:api', 'role:isSuperAdmin'],
'prefix' => '/schools'
], function () {
Route::get('/', [SchoolController::class, 'index']);
});