dongpi9494
2017-10-22 16:14
浏览 119
已采纳

如果用户计算机的IP地址与允许的IP地址mysql表不匹配,请使用Laravel 5.4阻止登录

I am trying to develop a users login authentication system which will identify users username password and ip address. If the users username password is correct and ip address is not mathing to allowed ip address table then i want that user to redirect to login page or show laravels default error message.

As i am totally new to laravel so till now i have just created a default users authentication system using some youtube videos, which is already given by laravel 5.4 app.

Now i need help from a proffessional like you to create what exactly i have explained in first paragraph. Thank You !!

Migration = create_users_table.php

<?php

use Illuminate\Support\Facades\Schema;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Migrations\Migration;

class CreateUsersTable extends Migration
{
    /**
     * Run the migrations.
     *
     * @return void
     */
    public function up()
    {
        Schema::create('users', function (Blueprint $table) {
            $table->increments('id');
            $table->string('name');
            $table->string('email')->unique();
            $table->string('password');
            $table->string('verifyToken');
            $table->boolean('status');
            $table->rememberToken();
            $table->timestamps();
        });
    }

    /**
     * Reverse the migrations.
     *
     * @return void
     */
    public function down()
    {
        Schema::dropIfExists('users');
    }
}

Route = Web.php

<?php

/*
|--------------------------------------------------------------------------
| Web Routes
|--------------------------------------------------------------------------
|
| Here is where you can register web routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| contains the "web" middleware group. Now create something great!
|
*/

Route::get('/', function () {
    return view('welcome');
});


// Route::get('/', 'homeController@index');

Auth::routes();

Route::get('/home', 'HomeController@index')->name('home');

Route::GET('/salesmanager','SalesManagerController@index')->name('salesmanager');
Route::GET('/salesmanager/home','SalesManagerController@home')->name('salesmanagerhome');

Route::GET('/salesops','SalesOpsController@index')->name('salesops');


Route::GET('admin/home','AdminController@index');//->name('admin.home');
Route::GET('admin/support','SupportController@index');//->name('admin.support');
Route::GET('admin','Admin\LoginController@showLoginForm')->name('admin.login');
Route::POST('admin','Admin\LoginController@login');
Route::POST('admin-password/email','Admin\ForgotPasswordController@sendResetLinkEmail')->name('admin.password.email');
Route::GET('admin-

password/reset','Admin\ForgotPasswordController@showLinkRequestForm')->name('admin.password.request')

;
Route::POST('admin-password/reset','Admin\ResetPasswordController@reset');
Route::GET('admin-password/reset/{token}','Admin\ResetPasswordController@showResetForm')->name('admin.password.reset');

Route::GET('verifyEmailFirst', 'Auth\RegisterController@verifyEmailFirst')->name('verifyEmailFirst');

Route::GET('verify/{email}/{verifyToken}','Auth\RegisterController@sendEmailDone')->name('sendEmailDone');

LoginController.php

<?php

namespace App\Http\Controllers\Auth;

use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;

class LoginController extends Controller
{
    /*
    |--------------------------------------------------------------------------
    | Login Controller
    |--------------------------------------------------------------------------
    |
    | This controller handles authenticating users for the application and
    | redirecting them to your home screen. The controller uses a trait
    | to conveniently provide its functionality to your applications.
    |
    */

    use AuthenticatesUsers;

    /**
     * Where to redirect users after login.
     *
     * @var string
     */
    protected $redirectTo = '/home'; // /home

    /**
     * Create a new controller instance.
     *
     * @return void
     */
    public function __construct()
    {
        $this->middleware('guest')->except('logout');
    }

    /**
     * Get the needed authorization credentials from the request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return array
     */
    protected function credentials(Request $request)
    {
        //return $request->only($this->username(), 'password');
        return ['email' => $request->{$this->username()}, 'password' => $request->password, 'status' => '1'];
    }


    protected function sendLoginResponse(Request $request)
    {
        $request->session()->regenerate();

        $this->clearLoginAttempts($request);

        foreach ($this->guard()->user()->role as $role) {
                # code...
                if ($role->name == 'salesmanager') {
                    # code...
                    return redirect('/salesmanager');
                }elseif ($role->name == 'salesops') {
                    # code...
                    return redirect('/salesops');
                }

            }   
    }


}

Model = User.php

<?php

namespace App;

use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;

class User extends Authenticatable
{
    use Notifiable;

    public function role()
    {
        return $this->belongsToMany(urole::class,'role_users');
    }


    /**
     * The attributes that are mass assignable.
     *
     * @var array
     */
    protected $fillable = [
        'name', 'email', 'password', 'verifyToken'
    ];

    /**
     * The attributes that should be hidden for arrays.
     *
     * @var array
     */
    protected $hidden = [
        'password', 'remember_token',
    ];
}
  • 写回答
  • 好问题 提建议
  • 追加酬金
  • 关注问题
  • 收藏
  • 邀请回答

1条回答 默认 最新

  • dsmlf1207915 2017-10-22 20:51
    已采纳

    Create a middleware php artisan make:middleware VerifyIpMiddleware.

    Englobe the routes you want to protect with a group

    Route::group(['middleware' => \App\Http\Middleware\VerifyIpMiddleware::class], function () {
        // Protected routes by IP here
    });
    

    In that middleware, you'll need to do the logic inside handle method

    if (! in_array($userIp, $allowedIps)) {
        auth()->logout();
        // some warning message
        return redirect('blocked-ip');
    } 
    
    评论
    解决 无用
    打赏 举报

相关推荐 更多相似问题