我将laravel 5.2与truste/zizaco一起使用。当用户进行身份验证时,他们拥有admin角色,但当我将dd(1(放入app_user角色中间件时,请求会输入它!!请求还输入admin和business_owner角色中间件。即使用户注销,之后他们的每个请求都会通过auth中间件!!
Route::group(['middleware' => 'auth'], function () {
Route::group(['middleware' => ['role:admin']], function (){
// Routes go here
});
Route::group(['middleware' => ['role:app_user']], function (){
// Routes go here
});
Route::group(['middleware' => ['role:business_owner']], function (){
// Routes go here
});
});
是的,请求应该进入认证中间件,您可以在中间件中编写代码。这是laravel内置的用于验证用户的中间件:
public function handle($request, Closure $next)
{
if ($this->auth->guest()) { // if user isn't authenticated
if ($request->ajax()) { // if request is ajax
return response('Unauthorized.', 401); // return 401 res
} else {
return redirect()->guest('login'); // else redirect login page
}
}
return $next($request); // return next res(e.g dashboard) if user is authenticated
}