我创建了三个自定义中间件,即RedirectIfNotAdmin,RedirectIfNotStartup,RedirectIfNotInvestor。
中间件代码分别为:
class RedirectIfNotAdmin
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$user = Auth::user()->user_type;
if ($user != 'admin') {
return response('Unauthorized.', 401);
}
return $next($request);
}
}
class RedirectIfNotStartup
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$user = Auth::user()->user_type;
if ($user != 'startup') {
return response('Unauthorized.', 401);
}
return $next($request);
}
}
class RedirectIfNotInvestor
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$user = Auth::user()->user_type;
if ($user != 'investor') {
return response('Unauthorized.', 401);
}
return $next($request);
}
}
路线:
Route::group(array('namespace' => 'UserControllers'), function(){
Route::group(['middleware' => ['auth', 'admin', 'startup', 'investor']], function () {
Route::any('showidea/{id}', ['as' => 'showidea', 'uses' => 'IdeaController@showIdea']);
Route::get('community', 'UserController@showCommunity');
Route::post('communities', 'UserController@addCommunity');
Route::get('edit/{id}', ['as' => 'edit', 'uses' => 'UserController@editCommunity']);
Route::get('delete/{id}', 'UserController@deleteCommunity');
Route::post('update/{id}', ['as' => 'update', 'uses' => 'UserController@updateCommunity']);
Route::any('create', 'IdeaController@displayPost');
Route::post('idea', 'IdeaController@storePost');
Route::get('users', 'UserController@showUserListing');
Route::get('deleteUser/{id}', 'UserController@deleteUser');
Route::get('delete/idea/{id}', 'IdeaController@deleteIdea');
Route::get('approve/{id}', 'IdeaController@approveIdea');
Route::get('edit/idea/{id}', [ 'as' => 'edit/idea', 'uses' => 'IdeaController@editIdea']);
Route::post('update/idea/{id}', [ 'as' => 'update/idea', 'uses' => 'IdeaController@updateIdea']);
});
});
我面临的问题是,它只会进入RedirectIfNotAdmin中间件,而不进入其他两个middlewares。它应该授权为startup和investor. But it is applying admin middleware on every route and returns the response未授权的路线制作
内核文件:
protected $routeMiddleware = [
'auth' => \App\Http\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'admin' => \App\Http\Middleware\RedirectIfNotAdmin::class,
'investor' => \App\Http\Middleware\RedirectIfNotInvestor::class,
'startup' => \App\Http\Middleware\RedirectIfNotStartup::class
];
}
答案 0 :(得分:0)
尝试使用中间件组,因为这些中间件是相同的,所以使用一个中间件而不是将它们分开,例如:
class RedirectIfNotUserType
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next, $type = null)
{
$user = Auth::user()->user_type;
$type = explode('|', $type);
if (! in_array($user, $type)) {
return response('Unauthorized.', 401);
}
return $next($request);
}
}
在Kernel.php注册您的中间件并创建一个新组:
/**
* The application's route middleware groups.
*
* @var array
*/
protected $middlewareGroups = [
...
'type' => [
'auth',
'type:admin|investor|startup',
],
];
/**
* The application's route middleware.
*
* These middleware may be assigned to groups or used individually.
*
* @var array
*/
protected $routeMiddleware = [
...
'type' => \App\Http\Middleware\RedirectIfNotUserType::class,
];
在type
routes.php中间件
Route::group(array('namespace' => 'UserControllers'), function(){
Route::group(['middleware' => 'type'], function () {
...
});
});