Laravel 5 Framework Learning user authentication, LARAVEL5 Framework Certification _php Tutorial

Source: Internet
Author: User

Laravel 5 Framework Learning user authentication, LARAVEL5 framework Certification

Laravel Factory has a user authentication system, we look at routes.php, if removed, add on:

Route::controllers ([  ' auth ' = ' auth\authcontroller ',  ' password ' = ' auth\passwordcontroller ']);

You can use PHP artisan route:list to view it. In the browser to access the/auth/login, you can see the login interface, it is best to put the system default app.blade.php about Google things, or you will be crazy.

You can use register, login, and even forget password.

The actual registration of a user, after the submission failed, actually did not fail, just larave automatically jump to/home, we have deleted this controller. You can use tinker to see what the user has built.

Trait is actually used in Auth\authcontroller, what is Triat? Well,php only supports single inheritance, adds trait in php5.4, and a trait is actually a package of methods that you can include in another class. Like an abstract class, you can't instantiate him directly.

There are references to trait in Auth\authcontroller:

Copy the Code code as follows:
Use Authenticatesandregistersusers;

Let's find him and see how it jumps after registration. He hides quite deep in the vendor/laravel/framework/src/illuminate/foundation/auth/authenticatesandregistersusers.php,wow.

Public Function Redirectpath () {if (Property_exists ($this, ' Redirectpath ')) {  return $this->redirectpath;}        If the user sets the Redirectto property, jumps to the user-set property, otherwise to home return property_exists ($this, ' Redirectto ')? $this->redirectto: '/home '; }

OK, we know, as long as the setting Redirectto this property can be customized after the registration of the jump. We modified in Auth\authcontotroller:

Copy the Code code as follows:
protected $redirectTo = ' articles ';

Let's use/auth/logout to make sure we exit, if something goes wrong, don't be afraid, we don't have the default home page, revisit: Auth/register Create a new user, this time should be OK.

Logout again, then login with login.

Now we can delete the hidden fields temporarily set in form_partial and then modify the controller:

  Public function Store (requests\articlerequest $request) {    //You can do this    //$request = $request->all ();    $request [' user_id '] = Auth::id ();    A simpler method    $article = Article::create ($request->all ());    Laravel automatic completion of foreign Key Association    Auth::user ()->articles ()->save ($article);    Return redirect (' articles ');  }

Add an article and then use Tinker to see it.

We certainly do not want anyone to be able to publish articles, at least for landing. We add protection to the controller:

  Public Function Create () {    if (auth::guest ()) {      return redirect (' articles ');    }    Return view (' Articles.create ');  }

The above code can work, there is a problem, we need to be in each method to protect the above processing, it is silly, fortunately we have middleware.

Middleware can be understood as a processing pipeline in which the middleware is processed at some point in the pipeline, which can be either a request or a response. Depending on the processing rules of the middleware, requests may be redirected or may be requested.

In the App/http/middleware contains three middleware, name can see what is doing, take a good look, notice, Closure $next represents the next middleware.

The middleware is registered in the app/http/kernel.php. The $middleware section declares the middleware that handles all HTTP, $routeMiddleware only for routing, and you must display a declaration to use one or several of these middleware.

Assuming we want to protect the entire articlescontroller, we add the middleware directly to the constructor:

  Public Function __construct () {    $this->middleware (' auth ');  }

Now, any method is protected.

But we may not want the entire controller to be protected, what if it's just one or two of these methods? We can deal with this:

  Public Function __construct () {    $this->middleware (' auth ', [' only ' = ' create ']);    Of course it can be reversed    //$this->middleware (' auth ', [' except ' = ' index ']);  }

We do not necessarily introduce middleware in the controller's constructor, we can declare it directly in the route:

Copy the Code code as follows:
Route::get (' About ', [' middleware ' = ' auth ', ' uses ' = ' pagescontroller@about ']);

The system middleware provided in kernel.php, such as ' Illuminate\foundation\http\middleware\checkformaintenancemode ', allows us to go into maintenance mode, such as the system on-line, But now it needs to be temporarily closed for a while, and we can work on the command line to see how this middleware works:

Copy the Code code as follows:
PHP Artisan Down

Visit the site to see any URL requests are immediately back. Website on-line:

Copy the Code code as follows:
PHP Artisan up

Let's make a middleware of our own:

Copy the Code code as follows:
PHP Artisan Make:middleware Demo

Then add the code:

Public function handle ($request, Closure $next) {    //If the request contains Foo, we go back to the controller home    if ($request->has (' foo ')) {      Return redirect (' articles ');    } Return $next ($request); }

If you want to use middleware for all requests, you need to register in the $middleware in kernel.php:

protected $middleware = [... ' App\http\middleware\demo ',];

Now we can test it, assuming we visit/articles/create?foo=bar, we are redirected to the home page.

Let's get rid of this display middleware and we'll create a really useful middleware. Suppose we want to protect a page that must be accessed by a manager.

Copy the Code code as follows:
PHP Artisan Make:middleware Redirectifnotamanager

Let's add the processing code:

Public function handle ($request, Closure $next) {    if (! $request->user () | |! $request->user () Isateammanager ()) {      return redirect (' articles ');    } return $next ($request);}

The following modifies our model:

  Public Function Isateammanager () {    return false;  }

For simplicity's sake, we return false directly. This time we put the middleware in the $routemiddleware in kernel.php.

protected $routeMiddleware = [... ' manager ' = ' App\http\middleware\redirectifnotamanager ',];

Let's do a test route test:

Route::get (' foo ', [' middleware ' + ' manager ', Function () () {return ' This page is only being  viewed by manager ';}]);

Guest identity access or login access will return to the home page, but if you modify Isateammanager () returns True, logon identity access can see the returned information.

The above is the whole content described in this article, I hope that we are familiar with the LARAVEL5 framework can be helpful. true techarticle Laravel 5 Framework Learning user authentication, LARAVEL5 Framework certification Laravel Factory has been shipped with a user authentication system, we look at routes.php, if deleted, add: Route:: ...

  • Related Article

    Contact Us

    The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

    If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    • Sales Support

      1 on 1 presale consultation

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.