你好,我正试图重定向任何试图登录的用户,谁有一个ban_status != 0
我想知道对我来说最好的方法是什么,我想只是注销它们并将它们重定向到一个被禁止的页面,但我只希望被禁止的用户访问这个页面,或者在表单上添加一个错误,说"你被禁止了"等。下面是我当前的代码:
public function login(Request $ Request){$ this -> validateLogin($请求);
// If the class is using the ThrottlesLogins trait, we can automatically throttle
// the login attempts for this application. We'll key this by the username and
// the IP address of the client making these requests into this application.
if ($lockedOut = $this->hasTooManyLoginAttempts($request)) {
$this->fireLockoutEvent($request);
return $this->sendLockoutResponse($request);
}
$credentials = $this->credentials($request);
if ($this->guard()->attempt($credentials, $request->has('remember'))) {
if ($this->guard()->user()->ban_status === 0) { // Check if the user is banned or not before allowing login
return $this->sendLoginResponse($request);
}
else {
$this->guard()->logout();
$request->session()->flush();
$request->session()->regenerate();
return redirect('/banned'); // If the user banned_status is set to 1, then they will be redirected to a banned page.
}
}
// If the login attempt was unsuccessful we will increment the number of attempts
// to login and redirect the user back to the login form. Of course, when this
// user surpasses their maximum number of attempts they will get locked out.
if (! $lockedOut) {
$this->incrementLoginAttempts($request);
}
return $this->sendFailedLoginResponse($request);
}
如果用户知道你的路由名,这个方法不会阻止他们直接访问你的其他路由。
你可以通过添加一个中间件来阻止这种情况,保护你所有的其他路由,如果中间件无法验证,将用户重定向到被禁止的页面。
请看这里:https://laravel.com/docs/5.3/middleware