Laravel Multi-user authentication system use case analysis

This time to bring you laravel multi-user authentication system use case analysis, laravel multi-user authentication system use of the note what, the following is the actual case, together to see.

Objective

Since Laravel5.2, the AUTH certification system has been able to support multiple role certifications. That means you can use the same auth system to achieve authentication, even if you have both roles of administrator and normal user.

This article will give you a detailed introduction about the Laravel multi-user authentication system related content, share out for everyone to reference the study, the following words do not say, come together to see the detailed introduction bar.

#1 automatically generate code

Laravel's own auth can generate the associated authentication controller, template, and routing through a single line of commands:

PHP Artisan Make:auth

This will generate a Authcontroller authentication controller and HomeController Universal controller, this controller is useless, that is, the login to jump after success, there are some login registration required template files, in the Resource/view inside to see to know , but also in the routing file to generate the relevant authentication route, the source code \Illuminate\Routing\Router::auth(); , in fact, is configured with some login registration:

Public Function auth () {  //authentication Routes  ... $this->get (' login ', ' auth\authcontroller@showloginform ');  $this->post (' login ', ' auth\authcontroller@login ');  $this->get (' logout ', ' auth\authcontroller@logout ');  Registration Routes  ... $this->get (' register ', ' Auth\authcontroller@showregistrationform ');  $this->post (' register ', ' Auth\authcontroller@register ');  Password Reset Routes  ... $this->get (' Password/reset/{token} ', ' Auth\passwordcontroller@showresetform ');  $this->post (' Password/email ', ' auth\passwordcontroller@sendresetlinkemail ');  $this->post (' Password/reset ', ' auth\passwordcontroller@reset '); }

#2 auth.php File Configuration

This is a certification-related configuration file, it is estimated that many people can not understand some of the concepts, such as guard and provider
These, the documentation is basically not written. So what is a guard in the end? This can be understood as a character, in guards
Each item in the array is a role, with the default of two types of Web and API, which indicates that both roles are currently used in the authentication system. Of course, these two will certainly not meet our requirements, so we will generally customize some of the guard. Custom is also very simple, that is, in the guards array to add an item, where driver is to indicate how the authentication to save the user state, is generally stored in the session, and provider is the following provider array of an item, then provider is what ghost? This better understand, you want to achieve user authentication is sure to save the user name password right, then provider is to tell Laravel your user information saved in which table, driver is told to use that way to operate the database.

#3 Certification

In fact, Laravel automatically generated code can meet the requirements of login registration, but each guard needs a authcontroller, then how to common one authentication controller? This is where guard is used, because it can represent a user's identity for different logic. However, this guard cannot be acquired in the authentication controller, so we can do so by routing parameters. Define a routing group:

Route::group ([' prefix ' = ' {guard} '],function () {Route::auth ();});

In this routing group we set the prefix to the guard parameter so that we can get the current guard in the Authcontroller. In general, we get the route parameters are obtained through the dependency injection request instance, but there is also a pit that is I before the 5.1 version of the route parameters can be

$request->input (' key ')

So to get, but in 5.2 It's gone, must pass

$request->key

, or just get it directly from the routing instance, and don't know what the reason is. Some trait are used in the Authcontroller controller, which is the logic that implements the authentication registration, which can be customized by overriding the properties of some controllers. Including and $redirectTo $guard $username so on, and so on, these are the first to see the success of the login jump, the second is to define the current use of the guard, the third is the authentication used by the User name field. So we can customize it by acquiring the guard in the authentication controller.

#4 Route Protection

Generally do authentication system, are to protect the route, then how to protect the route? The document says to add a auth middleware to the route that needs to be protected, so what is the truth? This is true, but the document does not say that the route through the Auth middleware protection must also be added to the Web middleware, must also add Web middleware, must also add Web middleware, important things to say three times ah, otherwise what will happen? Whether your certification success or failure is going to jump to/this route, this big pit to pay attention to! Of course, you can also specify the guard in the middleware to let Laravel know through the authentication, if not specified is used in the configuration file default:

Route::get (' profile ', [' middleware ' = ' auth:api ', ' uses ' = ' profilecontroller@show ']);

#5 Get User Instances

After certification, you can obtain the current authenticated user instance through the auth façade.

$user = Auth::user ();

One more note is that the above method is obtained by default in the configuration file of the guard, if you are currently logged in the Guard is not in the configuration file, it must be like this to obtain:

$user = Auth::guard (' guard ')->user ();

#6 Summary

Always, Laravel5.2 comes with the auth system is still very easy to use, but there are some small pits documents did not say clearly, after several times can be very familiar with, can give us a lot of savings in development time.

Believe that you have read the case of this article you have mastered the method, more exciting please pay attention to the PHP Chinese network other related articles!

Recommended reading:

PHP Builder using steps

Php namespace namespace definition and import use case analysis