如果当前用户是特定grup的成员,我想编写自己的中间件来检查。如果是,用户可以继续前进到路线,如果没有,用户将被重定向到不同的页面。
我的中间件正在运行,但我不知道如何获取当前用户ID。我已经尝试过Auth :: user()方法,但没有成功。
这是我的中间件:
namespace App\Http\Middleware;
use Closure;
use App\User;
use App\Usergroups;
use Illuminate\Http\Request;
class UserGroupMiddleware
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle(Request $request, Closure $next, $group = NULL)
{
$user_id = $request->user()->user_id;
$user = User::find($user_id);
$usergroup = Usergroups::find($user->benutzergruppe);
if($usergroup->slug == 'admin'){
return $next($request);
}
return redirect('/');
}
}
答案 0 :(得分:3)
您可以访问当前已通过身份验证的用户(如果已解决)。这意味着您需要确保在路由/路由组中的auth
中间件之后放置组检查中间件:
Route::group(['middleware' => ['auth', 'in_group:group_name']], function () {
// Routes
});
然后您可以检查这样的角色:
class UserGroupMiddleware
{
public function handle(Request $request, Closure $next, $group)
{
// Check user is in specified group here
if ($request->user()->memberOf($group)) {
return $next($request);
}
// Display a 403 Forbidden error
abort(403);
}
}
答案 1 :(得分:-1)
像 Martin Bean 所说,我必须包含另一个中间件。但在这种情况下,它不是auth-middlewar。我必须在我的routes.php中包含网络中间件。
routes.php文件:
Route::group(['middleware' => ['web', 'admingroup']], function () {
Route::get('/admin', 'TestController@index');
});
UserGroupMiddleware.php:
namespace App\Http\Middleware;
use Closure;
use App\User;
use App\Usergroups;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
class UserGroupMiddleware
{
public function handle(Request $request, Closure $next, $group = NULL)
{
if(Auth::user()){
$user_id = Auth::user()->user_id;
$user = User::find($user_id);
$usergroup = Usergroups::find($user->benutzergruppe);
if($usergroup->slug === 'admin'){
return $next($request);
}
}
abort(403, 'No Access');
}
}
在我编写中间件之前,我运行了
php artisan make:auth
命令。因此,所有视图都是由laravel创建的。
重要提示:不要忘记在Kernel.php中注册中间件:
protected $routeMiddleware = [
'auth' => \App\Http\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
// Custom Middleware
'admingroup' => \App\Http\Middleware\UserGroupMiddleware::class,
];