问题
It is project requirement. where i have multiple logins but some user can not access few module. like super admin and analyst can access all module but developer can only use own controller.
so in this case , how can i guard a controller with multiple logins. also note that i have separate login page and table into Database.
for Example phonebookController can be access by super admin and analyst but not by developers. so please tell me how can i implement this?
i use this for ::
if( Auth::guard('superAdmin')->check() )
{ $author =Auth::guard('superAdmin')->User()->id ; }
else if( Auth::guard('analysts')->check() )
{ $author =Auth::guard('analysts')->User()->id; }
else
{ $author =Auth::guard('supervisor')->User()->id }
i want to use this into constructor method of class
回答1:
Here is my implementation for access control for admin and users(agents in my case)
I have a boolean
field in my user table(is_admin
) which is 0
for normal users and 1
for admins. so in my User model I did this
protected $casts = [
'is_admin' => 'boolean',
];
public function isAdmin()
{
return $this->is_admin;
}
Create a new middleware for the type of roles u want using
php artisan make:middleware Admin
php artisan make:middleware Agent
The middleware files will be created in App\Http\Middleware\
add this to class inside Admin.php
public function handle($request, Closure $next)
{
if ( Auth::check() && Auth::user()->isAdmin() )
{
return $next($request);
}
return redirect('/agent');
}
and this to Agent.php
public function handle($request, Closure $next)
{
if ( Auth::check() && !Auth::user()->isAdmin() )
{
return $next($request);
}
return redirect('/home');
}
After this register your middleware with laravel to do this add this to protected $routeMiddleware
in your Kernel.php which is located at app\Http\Kernel.php
'admin' => 'App\Http\Middleware\Admin',
'agent' => 'App\Http\Middleware\Agent',
make sure to create proper routes for redirection as we've mentioned in our middleware files. after this you are almost done. Now to verify if a user is admin or normal user add this to the constructor method of your controller.
Actions allowed only for admin users
public function __construct()
{
$this->middleware('auth');
$this->middleware('admin');
}
Action allowed only for normal users
public function __construct() {
$this->middleware('auth');
$this->middleware('agent');
}
来源:https://stackoverflow.com/questions/43558230/how-to-guard-a-controller-through-multiple-of-user