dongliang9576
2016-09-04 12:09 阅读 55
已采纳

Laravel 5.3在登录时重定向被禁用的用户

Hi there I am trying to redirect any user who tries to login who has a ban_status ! = 0

I am wondering what the best way for me to do this, I was thinking just to log them out and redirect them to a banned page but I only want banned users accessing this page, or adding a error on the form to say 'you are banned' etc. Here is my code currently:

public function login(Request $request) { $this->validateLogin($request);

    // If the class is using the ThrottlesLogins trait, we can automatically throttle
    // the login attempts for this application. We'll key this by the username and
    // the IP address of the client making these requests into this application.
    if ($lockedOut = $this->hasTooManyLoginAttempts($request)) {
        $this->fireLockoutEvent($request);

        return $this->sendLockoutResponse($request);
    }

    $credentials = $this->credentials($request);

    if ($this->guard()->attempt($credentials, $request->has('remember'))) {
        if ($this->guard()->user()->ban_status === 0) { // Check if the user is banned or not before allowing login
            return $this->sendLoginResponse($request);
        }
        else {

            $this->guard()->logout();

            $request->session()->flush();

            $request->session()->regenerate();

            return redirect('/banned'); // If the user banned_status is set to 1, then they will be redirected to a banned page.
        }
    }

    // If the login attempt was unsuccessful we will increment the number of attempts
    // to login and redirect the user back to the login form. Of course, when this
    // user surpasses their maximum number of attempts they will get locked out.
    if (! $lockedOut) {
        $this->incrementLoginAttempts($request);
    }

    return $this->sendFailedLoginResponse($request);
}
  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 复制链接分享

1条回答 默认 最新

  • 已采纳
    dongshun1884 dongshun1884 2016-09-04 12:22

    The method wouldn't stop the users from accessing your other routes directly if they know your route names.

    You could stop this by adding a middleware, protecting all your other routes and if the middle ware fails to validate, redirecting the user to a banned page.

    See here: https://laravel.com/docs/5.3/middleware

    点赞 评论 复制链接分享

相关推荐