用于管理员和用户角色的Laravel 5.4中间件

I created two Middleware called "MustBeAdmin" and "MustBeUser" to make sure depending on the user login I redirect them to the right page and restrict unauthorized content. Currently everything is working fine and redirects work well too. But the Logic I wrote behind the scene seems wrong to me and its weird it still works. If I write the logic that seems right to me atleast, it does not seem to work as expected.

Users table

id (1,2,3,...)
name
role (1,2,3,...)

Roles table

id (1,2,3,...)
role (Student, Admin,...)

MustBeAdmin middleware

public function handle($request, Closure $next)
    {
        if($request->user()->role == 2)
        {
            return $next($request);
        }
        else
        {
            return redirect('/admin/users');
        }

    }

MustBeUser middleware:

public function handle($request, Closure $next)
    { 
        if($request->user()->role == 1)
        {
            return $next($request);
        }
        else
        {
            return redirect('/admin/users');
        }

    }

kernel.php

'admin' => \App\Http\Middleware\MustBeAdmin::class,
'user' => \App\Http\Middleware\MustBeUser::class,

As you can see I have registered middlewares in kernel.

I am getting results exactly what I need but I doubt if the logic in middleware is correct?

1 = Student
2 = Admin

if you see in MustBeAdmin middleware I am comparing if user role is 2 (admin) then do next($request) and in MustBeUser middleware I am comparing if user role is 1 (Student) then do next($request) and I set else to /Admin directory.

I feel its wrong, what do you think?

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

2条回答默认最新

关注

码龄粉丝数原力等级 --

被采纳

被点赞

采纳率
doukui4836 2017-05-13 04:12
关注
You are not checking the authenticated users details in your Middleware. The middleware should be something like:

//for student public function handle($request, Closure $next) { if ( Auth::check() && Auth::user()->role == 1 ) { return $next($request); } return redirect('/admin'); } //for admin public function handle($request, Closure $next) { if ( Auth::check() && Auth::user()->role == 2 ) { return $next($request); } return redirect('/student'); }

You should check my detailed answer on the same topic here
本回答被题主选为最佳回答 , 对您是否有帮助呢?

解决无用
评论打赏
分享
举报

评论

按下Enter换行，Ctrl+Enter发表内容

查看更多回答(1条)

报告相同问题？

关注问题

用于管理员和用户角色的Laravel 5.4中间件 php
2017-05-13 01:41

回答 2 已采纳 You are not checking the authenticated users details in your Middleware. The middleware should be
Laravel 5.4 MethodNotAllowedHttpException laravel php
2017-09-19 11:49

回答 6 已采纳 this is happening because you are making a request to wrong url it must be action="/admin/room/{{
如何在PHP 5.0到5.4的服务器上运行laravel 5.4网站？ laravel php
2017-09-29 02:39

回答 2 已采纳 There is no way around minimum PHP requirements. You would have to change providers or get your p
laravel 5.4 api.php,Laravel 5.4 api 允许跨域访问
2021-04-25 00:52

久作无端客的博客 Laravel 5.4 api 允许跨域访问需求: SPA单页应用请求接口, 报错XMLHttpRequest cannot load ...
Laravel 5.4改变了用户角色 laravel php
2017-03-18 23:15

回答 1 已采纳 try to pass the user id to your route and your form action and instead of post make it put for exa
Laravel 5.4认证 laravel php
2017-02-22 03:00

回答 1 已采纳 1- Check app/Exceptions/Handler.php That's where the redirect to login is. Function name is unauth
Laravel 5.4访问全局中间件中的$ errors变量 laravel php
2017-04-11 02:41

回答 1 已采纳 I found that the easiest way was to start the session and share the errors on the global middlewar
laravel 5.4 api.php,Laravel5.4 Api Token认证
2021-04-25 00:52

初小轨的博客本片文章，我们将使用前后端分离...问题api.php中接口使用中间件 middleware('auth:api')权限验证会出现问题： // 请求Api urlRoute::post('question/follower', function(Request $request){$followed = \App\Model...
如何在Laravel 5.4中使用验证码在auth中间件中 php
2018-01-30 12:10

回答 1 已采纳 Route login goes to LoginController::login() method. Add your validation rules to LoginController:
未找到Laravel 5.4'HTML'类 laravel php
2019-03-11 04:43

回答 2 已采纳 Make sure to use the same capitalization in config/app.php for the alias as you use elsewhere. Als
Laravel 5.4中的其他auth中间件 laravel php
2017-05-30 15:46

回答 2 已采纳 You're better off checking this when a user logins instead of using a middleware. Add this to the
laravel 5.4 api.php,php – Laravel 5.4：Api路由列表
2021-04-25 00:52

醉酒奶糖的博客我的路线/ api.php中有以下几行Route::middleware('api')->get('/posts', function (Request $request) {Route::resource('posts','ApiControllers\PostsApiController');});当我点击...
找不到主题和插件tinymce laravel 5.4 laravel php
2018-04-16 23:19

回答 1 已采纳 If TinyMCE is not properly calculating its "base URL" for loading other parts of the editor you ca
Laravel 5.4 路由
2018-10-10 09:17

你与时光终会散的博客 routes/web.php 文件定义了web界面的路由，这些路由被分配了web中间件组，从而可以提供session和csrf防护等功能。 1.基本路由 Route::get('user1', function () { return 'Hello World'; }); Rout...
laravel php 跳转页面跳转页面,Laravel 5.4重新登录实现跳转到登录前页面的原理和方法...
2021-04-16 15:07

极客有车的博客前言本文主要给大家介绍的是关于Laravel5.4重新登录跳转到登录前页面的相关内容，分享出来供大家参考学习，下面话不多说，来一起看看详细的介绍：一、应用场景：用户登陆后存在过期时间，超时用户需重新登录。...
没有解决我的问题, 去提问

悬赏问题

¥20 关于#硬件工程#的问题，请各位专家解答！
¥15 关于#matlab#的问题：期望的系统闭环传递函数为G(s)=wn^2/s^2+2¢wn+wn^2阻尼系数¢=0.707，使系统具有较小的超调量
¥15 FLUENT如何实现在堆积颗粒的上表面加载高斯热源
¥30 截图中的mathematics程序转换成matlab
¥15 动力学代码报错，维度不匹配
¥15 Power query添加列问题
¥50 Kubernetes&Fission&Eleasticsearch
¥15 報錯：Person is not mapped，如何解決？
¥15 c++头文件不能识别CDialog
¥15 Excel发现不可读取的内容